Farmers nervous as Chinese drone ban bill looms

Drones in agriculture (Photo: K-State Research and Extension)

United States farmers may need to plan now for a future in which Chinese-made drones are no longer allowed to operate on U.S. networks. That future may be nearer than many think, but it doesn’t mean they will have to get rid of their drones immediately.

About 80% of the estimated 200,000 drones in use by U.S. farmers are made by Da-Jiang Innovations, a leading Chinese drone-maker that controls about 70% of the global market. Beginning in 2016, DJI’s Mavic and Phantom drones brought sophisticated camera drones to the U.S. consumer market at more affordable prices.

U.S. users say DJI’s drones are better, cheaper, more capable and more reliable than U.S.-made alternatives. DJI quickly took a commanding market position, driving hundreds of U.S. drone-makers out of business. DJI drones are also used by local police departments, forestry workers, fire departments, real estate brokers and inspectors and many other users.

On Sept. 9, the U.S. House of Representatives passed the Countering CCP Drones Act, a bill introduced last March by Rep. Elise Stefanik (R-NY). The bill passed on a voice vote, a procedure in which individual votes are not recorded. It has been incorporated in the National Defense Authorization Act for 2025 and seems likely to become law in an election year in which no one wants to be seen as “soft on China.” At press time, there is no word on when the Senate will vote on it.

If the bill becomes law, it’s tough news for farmers since DJI is one of its specific targets. It follows the already-passed American Security Drone Act, part of the National Defense Authorization Act for 2024, which President Joe Biden signed into law on Dec. 22, 2023. That law bans any federal agency from buying Chinese-made drones beginning in December 2025. If the current bill follows that pattern, it may allow a year or two for drone users to adjust and adapt.

The drone ban is opposed by U.S. farm groups that say it would cripple both U.S. agriculture and law enforcement. The bill would require the Federal Communications Commission to deny banned devices their license to access the U.S. spectrum. However, it will not affect DJI drones already bought and paid for, just new models.

Farmers who want to keep using drones may have to be prepared to spend more for U.S.-made drones with less performance and capacity—at least, until U.S. drone-makers ramp up new production.

Blunt warning: ‘You won’t win.’

Allan Evans is betting his company’s future that a new world of U.S.-based drone making will soon expand. Evans is CEO of Unusual Machines, a company that provides components to U.S. drone-makers and also does some assembly. It is small now, but Evans anticipates big growth soon. He contacted High Plains Journal after the publication ran an earlier story about farm groups opposing the Chinese drone ban bill.

Evans has a blunt warning for all U.S. users of Chinese drone platforms: “You won’t win in whatever comes next.” His is among a small group of U.S. companies added to a Defense Department “cleared list” known as Blue UAS. Companies on this list are pre-cleared for military procurement orders; the clearance means that all components in their supply chain have been security vetted. The list’s purpose is to remove red tape roadblocks and speed procurement.

Companies on the list have undergone a risk assessment for all components in the supply chain, including country of origin, and a cybersecurity check. However, Blue UAS listing does not require that all components be U.S.-made, even though other federal policies sometimes do require a certain percentage of all defense-related project materials to be made in the U.S.

Defense hawks hope that such lists of pre-cleared, American-made tech companies will pave the way for the re-shoring of technology manufacturing back to America. Mike Gallagher is a former U.S. congressman who left Congress to become head of security for Palantir, a software company that just won a $178 million Army contract to develop battlefield targeting software. While in Congress, Gallagher chaired a select committee on Chinese threats.

Citing the recent exploding pager and walkie-talkie attacks on Hezbollah, Gallagher argued in the Wall Street Journal that, “The weaponization of commercial hardware and software will drive a bifurcation in the technology stack between the free world and our totalitarian rivals.” Gallagher says the lesson of the exploding pager attack on Hezbollah (widely attributed to Israel, although Israel has not taken responsibility) is that where national security is concerned, anything less than complete control over supply chains at every level is too risky.

What is the actual threat?

Over the past year, as Stefanik’s bill wound through committees in Congress, the FBI released a steady drumbeat of revelations about Chinese-linked operations to hack or infiltrate U.S. systems. On Sept. 25, the FBI publicized details of a previously undisclosed cyber-attack dubbed Salt Typhoon, in which “actors linked to China” hacked into America’s broadband networks. “In this type of intrusion, bad actors aim to establish a foothold within the infrastructure of cable and broadband providers that would allow them to access data stored by telecommunications companies or launch a damaging cyberattack,” the Wall Street Journal reported. 

A week earlier, the FBI disclosed another attack by a Chinese-linked group, Flax Typhoon, which hacked into 200,000 consumer-related devices, including routers, cameras and other internet-connected devices that are entry points into U.S. networks. In August, Microsoft posted a notice about this group, saying it “gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along with some normally benign software to quietly remain in these networks.”

It’s believed that in the event of an attack by China on Taiwan, groups like this would try to disrupt U.S. communications and responses to support it.

In January, federal officials disclosed the disruption of Volt Typhoon, another China-linked campaign that sought to infiltrate U.S. critical infrastructure. The Volt Typhoon attack used privately-owned SOHO routers infected with “KV Botnet” malware to conceal the Chinese origins of further hacking activities directed against U.S. and other foreign targets, authorities said. The Volt Typhoon hacking activities were the subject of a May 2023 FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency and foreign partner advisory.

The same activity was the subject of private sector partner advisories in May and December 2023, as well as an additional secure-by-design alert released by CISA. According to the FBI, the “vast majority” of routers that comprised the KV Botnet were older Cisco and NetGear routers no longer supported through security patches or other software updates.

Criminalizing free enterprise?

DJI responds strongly to its critics and regularly denies it is a military company or that it has any special connection to the Chinese government or military. Skeptics point to Chinese laws that require all Chinese companies to give the government access to their data on request. DJI responds that distorted national security fears are being stoked to disguise old-fashioned market protectionism.

“The lawmakers driving this legislation continue to reference inaccurate and unsubstantiated allegations regarding DJI’s operations and have amplified xenophobic narratives in a quest to support local drone manufacturers and eliminate market competition,” DJI said in a statement. A leading U.S. drone magazine went further and said, “A ban on DJI would criminalize U.S. free enterprise.” 

DJI is not passively waiting for the ban. Recent stories in drone publications suggest that DJI is quietly looking for American partners to license its technology.

‘Living off the land’ attacks

Security agencies worry about the possibility of undetected threats. In its cyber-alerts, the FBI warns of the rise of a new breed of cyber-attacks known as “living off the land” attacks.

According to cybersecurity expert Justin Hoeft, whose company is called Safe Mode, “A ‘living off the land attack’ is a technique where attackers utilize the applications and features already extant in the target environment. They add no new files to the target systems and instead abuse the legitimate files and applications. This minimizes the chance of detection because the target environment is not altered in any noticeable way. For example, skilled attackers find methods that normally facilitate system administration and file transfer and then use them to maintain persistence and exfiltrate sensitive data. Software maintainers can learn about these abuses and patch against them, but the process is more reactive than proactive.”

Living off the land (LOTL) attacks use tools already present in the environment, such as PowerShell and Windows Management Instrumentation, to carry out the attack.

A subvariety, according to Hoeft, is the memory-only malware attack, in which the malware resides only in the computer’s memory, with nothing stored on hard drives. “This is nefarious because, again, the footprint of the attack is much reduced with the bonus of the malware disappearing after a reboot,” Hoeft said. “Persistence may be maintained across reboots by altering the system registry or even creating scheduled tasks that will reinitiate the attack sequence and load the malware into memory, another example of living off the land.”

Hoeft himself recently bought a Chinese drone. “I researched drones made outside of China and would have paid twice as much for half the capabilities,” he told High Plains Journal. “The fact is that China in general, and DJI in particular, have made great strides, particularly in software, that have allowed them to create fully featured drones that are easy to operate at competitive price points.”

Security and the cloud

Hoeft is sensitive to security concerns. “The strategic information available from commercial and hobby video data uploaded to the cloud would be quite valuable (to an adversary) as it would be more up to date than, say, Google Earth, with better resolution. While current rules limit imagery of airports and military installations, much of our critical infrastructure could be available, whether a hobbyist unintentionally records municipal water intake pumps on a river or a commercial operator is inspecting an electrical substation.”

Hoeft points out that drones and other devices need not be continuously connected to the cloud. Many farm drones are able to operate for long periods without being connected to the cloud. This feature is as much to save power or cope with intermittent connectivity as for security reasons.

“I opted out of the cloud storage but must connect the drone to DJI’s systems when doing software updates,” Hoeft said. “I don’t think it would stop functioning if I never connected again.”

Experts agree that security concerns are a reason to bring chip manufacturing back home and take complete control of the supply chain, he said. Echoing Gallagher’s point, Hoeft said, “After the Israeli supply chain attack on Hezbollah’s pagers and walkie talkies, it appears that anything is possible.”

The combination of security scares and bipartisan patriotic appeal may make it hard for the farm and ag community to prevail on the foreign drone issue.

David Murray can be reached at [email protected].