According to a memo obtained by sUAS News, the US Army will stop using DJI drones, effective immediately. "Due to increased awareness of cyber vulnerabilities associated with DJI products, it is directed that the US Army halt use of all DJI products," said the memo, which listed flight computers, cameras, radios, batteries, speed controllers, GPS units, handheld control stations and any device with DJI software applications installed on it as products that must cease being used. According to the document, the Army Aviation Engineering Directorate has issued over 300 Airworthiness Releases for DJI products. "Cease all use, uninstall all DJI applications, remove all batteries/storage media from devices, and secure equipment for follow on direction," the memo continued.
The memo cites a report from the Army Research Laboratory and a memo from the US Navy, both compiled in May, that reference operational risks and vulnerabilities with DJI products. Security concerns with DJI drones were the topic of an article published by sUAS News in May, which pointed out that with DJI UAVs, the default settings of the DJI GO 4 app are to upload details of flight records -- including telemetry, video and audio -- to servers located in the US, China and Hong Kong. While it's extremely unlikely that the Army is unwittingly uploading its flight details to DJI servers, recently exploited security shortcomings may have been enough to make the military rethink its use of DJI's technology. For example, hackers have recently shown how it easy is to get around DJI's geofenced no fly zones and height restrictions.
A spokesperson for DJI told Engadget, "We are surprised and disappointed to read reports of the U.S. Army's unprompted restriction on DJI drones as we were not consulted during their decision. We are happy to work directly with any organization, including the US Army, that has concerns about our management of cyber issues. We'll be reaching out to the US Army to confirm the memo and to understand what is specifically meant by 'cyber vulnerabilities.'"
We also reached out to the US Army and a spokesperson told us they could confirm the memo was issued but because the Army is currently reviewing the guidance, they couldn't comment further.