Emerging Threats to Public Safety: Drones, Cyber, and Synthetic Media at Large-Scale Events

As large-scale public gatherings continue to grow in size, complexity, and global visibility, so too does the threat landscape surrounding them. The convergence of rapidly advancing technologies, UAS, cyber capabilities, and AI-generated synthetic media, has fundamentally reshaped how adversaries can disrupt, influence, or exploit these events. Recent whitepapers from the Center for Internet Security (CIS) highlight three interconnected risk areas that demand attention from public safety, emergency management, and security professionals: evolving UAS threats, drone-enabled cyber risks, and deepfakes and synthetic media. Together, they illustrate a shift toward a more dynamic, multi-domain threat environment requiring integrated, forward-looking strategies.

The “Unmanned Aircraft Systems (UAS): Evolving Risks to Large-Scale Public Gatherings” whitepaper outlines how the rapid proliferation and increased capability of commercial drones have created a diverse and accessible threat vector. Modern drones can bypass traditional ground-based security measures, conduct surveillance, deliver payloads, or trigger disruptions with minimal cost and expertise. The report highlights a wide range of threat actors—from terrorist organizations and criminal networks to lone actors and protest groups—all capable of leveraging drones for reconnaissance, disruption, or even kinetic attacks. It also emphasizes emerging risks such as swarm operations, autonomous navigation, and battlefield-derived tactics migrating into the homeland. Importantly, it underscores that even non-malicious or reckless drone activity can cause significant operational disruption. The paper calls for layered, intelligence-driven approaches that integrate detection technologies, interagency coordination, and public awareness to establish effective airspace security.

The “UAS Companion Cyber Risk” whitepaper expands this conversation by reframing drones not just as physical threats, but as mobile cyber platforms. It explains how drones can act as proximity-based tools for cyber intrusion—carrying equipment capable of intercepting wireless signals, deploying rogue access points, conducting credential harvesting, or disrupting communications systems. By hovering near sensitive infrastructure such as stadium networks, broadcast systems, or emergency operations centers, drones can bypass traditional cybersecurity assumptions about physical separation. The report details threat pathways including wireless reconnaissance, RF interference, GPS spoofing, and malicious payload delivery (such as dropped devices designed to infiltrate networks). It stresses that these cyber-physical risks are amplified during large events where temporary networks, multiple vendors, and dense RF environments create vulnerabilities. Mitigation requires a layered strategy combining cybersecurity controls, airspace awareness, RF monitoring, and cross-domain coordination between cyber and physical security teams.

The “Deepfakes and Synthetic Media: The Emerging Threat to Large-Scale Public Gatherings” whitepaper introduces a different but equally impactful challenge: the manipulation of information and perception. It describes how AI-generated content—including deepfake video, voice cloning, and synthetic personas—can be used to fabricate incidents, impersonate trusted officials, and spread false narratives at scale. These threats are particularly dangerous in high-tempo event environments where rapid decision-making and emotional crowd responses can amplify the impact of misinformation. The report outlines how adversaries across the spectrum—state actors, extremists, criminals, and opportunistic individuals—can leverage synthetic media for fraud, panic induction, influence operations, or operational disruption (e.g., false emergency alerts or swatting incidents). It highlights the concept of “cognitive warfare,” where the goal is not just deception but erosion of trust and decision-making confidence. To counter this, the paper emphasizes preparedness through verification protocols, crisis communication strategies, public awareness, and coordinated monitoring rather than reliance on detection technology alone.

Conclusion

Taken together, these three reports paint a clear picture: the threat environment for large-scale public gatherings is no longer confined to traditional physical security risks. Instead, it is defined by the convergence of airspace, cyber, and information domains—each reinforcing and amplifying the others. Drones can enable cyber intrusions, cyber activity can precede drone operations, and synthetic media can manipulate perception and disrupt response efforts in real time. Addressing these challenges requires more than isolated solutions; it demands integrated planning, cross-sector collaboration, and a shared operating picture across disciplines. As communities prepare for increasingly complex events, the ability to anticipate, adapt, and coordinate across these emerging risk areas will be critical to ensuring public safety, operational resilience, and public trust.