Anti-poaching technologies vulnerable to cyber-attacks, study finds
Must-ReadStellenbosch University April 19, 2023 News desk
Various technologies such as tracking tags, CCTV and thermal cameras, Wireless Sensor Networks, mobile apps and drones are being used in anti-poaching operations for intelligence and communications to protect wildlife.
However, these technologies bring with them the risk of cyber-attacks, and therefore communication networks and IT infrastructure must be well set up and securely authenticated for greater protection of information, anti-poaching units and animals.
This is according to Ms Christelle Steyn from Orange Cyberdefense Academy. She recently obtained her Master’s degree in Socio-Informatics at Stellenbosch University. The title of her thesis was Towards a Critical Review of Cybersecurity Risks in Anti-Poaching Systems in South Africa.
As part of her study, Steyn, who is also a FGASA (Fields Guides Association of Southern Africa)-certified field guide with a passion for wildlife conservation, used a network software emulator to simulate a hypothetical network of anti-poaching technologies that could be applied in the conservation of wildlife species such as rhinos, elephants, pangolins and lions. She points out anti-poaching operations don’t want to divulge real world data on the status and capabilities of their systems or their mitigation strategies.
Steyn used the simulation to carry out various cyber-attacks identified as pertinent to show the risks inherent to such a network. With the data from the simulation, she was able to perform threat modelling to determine the severity of the potential threats faced by anti-poaching networks. These attacks were then mitigated via system configurations.
Steyn says that due to the nature of her simulation, many of the attacks targeted the backbone of the network – the router and the switch.
“These network appliances were found to be the most vulnerable to the broad classes of Denial of Service (DoS) and Man in the Middle (MitM) attacks. DoS attacks disrupt a service, while MitM attacks intercept data on the network.
“Through my simulation, I discovered that many security features are not always applied by default when acquiring a new network appliance such as a router or switch. So, from the start, correct and adequate configuration is necessary.
“Since many of the technologies used in anti-poaching operations are connected to either another device, a database, a network, or the Internet to transmit data, they are all vulnerable to attack. The systems used to store the collected data are ultimately at most risk, especially if they can be accessed by cybersecurity compromises of the network or connected devices.”
Steyn points out that as soon as the real-time data that anti-poaching operations require is transmitted over a network, there’s a chance for exploitation. She adds that the common attacks on anti-poaching networks would likely be to intercept or retrieve data or to disrupt the network in order to block monitoring or delay response.
According to Steyn, not all networks are adequately protected and those that are could still be subject to very sophisticated and state-of-the-art attacks.
“While a typical poaching recruit in the field might have little technical know-how and give the Joint Operations Centre and rangers a wide berth, the syndicates funding them may be able to provide the skills, training, and equipment necessary for someone to gain access to the anti-poaching systems and communications of an area or park.
“Anti-poaching efforts are implemented by governments, non-profit organisations and private entities, with varying degrees of skills and financial resources.”
Steyn recommends comprehensive antivirus and regular software updates, Intruder Detection Systems and firewalls, an extra layer of protection beyond just a username and password, regular security audits performed by an expert, and the creation of a security-aware culture amongst employees to mitigate some attacks and secure the network overall.
She says her study creates awareness of the cyber threats and offers mechanisms that can be implemented to mitigate these risks.