The world’s leading drone manufacturer, Dà-Jiang Innovations (DJI), has been grounded by the US Army over concerns surrounding ‘cyber vulnerabilities’.
A US Army memo first published by sUAS News reads: “Due to increased awareness of cyber vulnerabilities associated with DJI products, it is directed that the US Army halt use of all DJI products.”
According to the memo, the US Army has granted more than 300 Airworthiness authorizations for DJI aircraft to date. This is despite the fact that the Chinese manufacturer’s drones are not built to military specifications and are most commonly used by professional aerial photographers and companies gathering data from above.
Speaking to Internet of Business, a US Army spokesperson verified the memo, which was not intended for public viewing, and admitted that “We can confirm that guidance was issued; however, we are currently reviewing the guidance and cannot comment further at this time.”
DJI and ‘Cyber vulnerabilities’
It’s not immediately clear what exactly the US Army is referring to with the term ‘cyber vulnerabilities’, as there have been several incidents in recent weeks and months regarding DJI and data security.
The most high profile has been the ongoing battle between DJI and a committed group of hackers intent on liberating their drones from the Chinese manufacturer’s control.
Currently, DJI enforces no-fly zones and altitude limits through its Geo-fencing technology. Russian and American hackers have discovered weaknesses in DJI’s software that enable the Geo system, among other things, to be modified or disabled. Although the manufacturer has introduced firmware patches to fix the security issue, it’s not at all clear that its attempts have been successful.
The situation has highlighted the issue of data security and cast doubts over how well protected the company’s drones are from external interference.
Further to this, there is concern that DJI is collecting, storing or sharing data with the Chinese government. This is suspected to include user registration information and flight data, from aerial imagery to GPS locations – although there is no evidence showing to what extent these suspicions are true. The company has denied this, stating that only data manually uploaded by users is sent to its servers.
In a statement, a company spokesman said “DJI makes civilian drones for peaceful purposes. They are built for personal and professional use, and are not designed for military uses or constructed to military specifications. We do not market our products for military customers, and if military members choose to buy and use our products as the best way to accomplish their tasks, we have no way of knowing who they are or what they do with them.”
“The US Army has not explained why it suddenly banned the use of DJI drones and components, what ‘cyber vulnerabilities’ it is concerned about, or whether it has also excluded drones made by other manufacturers.”
Precedent and protectionism
The situation between the US Army and DJI is nothing new in the landscape of American politics. Another Chinese technology company, Huawei, has been disrupted from selling products in the States for several years because of fears over security and espionage. It has denied any wrongdoing.
Until the US Army outlines the root cause of its concerns with DJI equipment, the Chinese manufacturer will be in a similar position, wondering whether this is a protectionist move made to damage the reputation of a foreign market leader, or a legitimate measure in the face of cyber security concerns.