Attack of the Drones - Part 1

August 25, 2015 / General

In February, we pondered whether 2015 would be the year of the drones:

Six months later, the answer appears to be a resounding “yes.” Near-miss encounters between commercial aircraft and remote-controlled drones continue to make headlines at an alarming rate.

For example, in May, an American Airlines flight landing at New York's LaGuardia Airport was forced to climb 200 feet to avoid a drone operating in the aircraft’s final approach path at an altitude of 2,700 feet. In June, the pilot of a Southwest Airlines flight landing at Dallas Fort Worth reported that his left wing passed within a few hundred feet of a drone about a mile from the airport. In July, the crew of a JetBlue flight spotted a drone flying at 1,500 feet less than a mile south of the Palm Beach International Airport. In August, the pilot of a Cessna 172 reported a drone maneuvering to follow his aircraft at a distance of just 100 feet, at an altitude of 2,000 feet.

Unfortunately, these are not isolated incidents. The Federal Aviation Administration (FAA) released a new list of pilot, air traffic and citizen reports of possible encounters with unmanned aircraft (UAS) – commonly known as “drones.” This list (http://www.faa.gov/news/updates/?newsId=83544) summarizes a whopping 765 incidents over the 9-month period from November 2014 through August 2015. According to http://www.faa.gov:

“Because pilot reports of unmanned aircraft have increased dramatically over the past year, the FAA wants to send a clear message that operating drones around airplanes and helicopters is dangerous and illegal. Unauthorized operators may be subject to stiff fines and criminal charges, including possible jail time.”

As we noted in our February blog, it is critical for both commercial and non-commercial drone operators to observe and adhere to specific FAA regulations.

But how can you determine which set of regulations applies to you? The difference is not as clear-cut as you might think. One reader of our February blog pointed us to this thought-provoking discussion:

http://buythebestdrone.com/drone-policy ... gulations/

For example, the FAA reportedly sent a “cease and desist” letter to a drone operator who filmed a public event from the air and posted that video on YouTube. It appears that ads generated by YouTube were deemed commercial, even if the videographer received no payment for his drone footage – thus leading the FAA to view this incident as “commercial use.”

Anyone wishing to operate a drone for commercial purposes must obtain an FAA Certificate of Authorization (COA) and either an FAA Airworthiness Certificate or an FAA-approved Section 333 Exemption. In fact, this list of approved commercial drone applications is growing fast. According to the FAA, over 1,300 exemptions have now been granted:

http://www.faa.gov/uas/legislative_prog ... ction_333/

These applications run the gamut, from insurance firms using drones to inspect roofs to cellular firms using drones to maintain communications towers. Although aerial surveying, inspections, photography, and videography dominate the approved list, other applications include wildlife and forestry monitoring, mosquito and insect control, and drone-based package delivery.

For example, Amazon PrimeAir is now forging ahead with tests while proposing that the FAA reserve a commercial use corridor for drones flying 60 knots or more at altitudes of 200-400 feet. Whether Amazon’s PrimeAir concept ultimately “flies” or not, Amazon’s proposal should be of interest to all businesses. In a nutshell, Amazon wants to define requirements (such as GPS navigation support) to enable safe collaborative business use of this corridor while staying clear of commercial aircraft operating at higher altitudes and consumer drones constrained to lower, more isolated areas.

Time will tell whether regulators adopt something like Amazon’s proposal. However, it does seem likely that the FAA will clamp down on non-commercial drone operation s to reduce risk to passengers and crews aboard commercial flights. In the meantime, we’ll take this opportunity to reiterate our drone security recommendations for businesses:

1) Institute a routine monitoring process for drones operating over or near your facility – for example, using a Wireless IPS such as Fluke AirMagnet Enterprise to detect drones.

2) Define a process for unauthorized drone remediation, including tracking, containment, and evidence gathering.

3) Consider how your business might benefit from drone applications.

And now we’ll add a few more… For all existing or potential drone applications within your business:

4) Assess whether that application is in fact commercial.

5) If so, obtain a COA and consider applying for a Section 333 exemption.

6) Take steps to harden business drones against attack. More about this in our next blog post!