The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued guidance titled “Cybersecurity Guidance: Chinese-Manufactured Unmanned Aircraft Systems (UAS).” This release aims to enhance awareness regarding the potential threats associated with Chinese-manufactured UAS. Additionally, it offers recommended cybersecurity safeguards to critical infrastructure and state, local, tribal, and territorial (SLTT) partners, aiming to minimize risks to networks and sensitive information.
According to the Cybersecurity and Infrastructure Security Agency, the People’s Republic of China (PRC) has enacted laws that provide the government with expanded legal grounds for accessing and controlling data held by firms in China. The use of Chinese-manufactured UAS in critical infrastructure operations risks exposing sensitive information to PRC authorities. This guidance outlines the potential vulnerabilities to networks and sensitive information when operated without the proper cybersecurity protocols and the potential consequences that could result.
“Our nation’s critical infrastructure sectors, such as energy, chemical and communications, are increasingly relying on UAS for various missions that ultimately reduce operating costs and improve staff safety. However, the use of Chinese-manufactured UAS risks exposing sensitive information that jeopardizes U.S. national security, economic security, and public health and safety,” said CISA Executive Assistant Director for Infrastructure Security, Dr. David Mussington. “With our FBI partners, CISA continues to call urgent attention to China’s aggressive cyber operations to steal intellectual property and sensitive data from organizations. We encourage any organization procuring and operating UAS to review the guidance and take action to mitigate risk. We must work together to ensure the security and resilience of our critical infrastructure.”