A clear and omnipresent danger: RF exfiltration
- By Chris Risley
- Jul 13, 2020
Government’s widespread adoption of teleworking and wireless technologies has raised the threat of radio frequency (RF) attacks to an all-time high. Cyber thieves are targeting blind spots in wireless communications, the internet of things (IoT) and government devices running on various networks across the wireless spectrum -- presenting major risks to government facilities.
RF espionage puts government networks at risk
Adversaries such as China, North Korea, Russia and others are very savvy at employing RF techniques to breach network security. Acknowledging the threat of RF espionage, government agencies with classified data have policies to exclude RF devices such as cell phones from many facilities.
The dangers to federal facilities have only amplified with COVID-19 and the forced mass adoption of remote work. Government employees may now be accessing government networks from unsecured devices, putting agencies more at risk than ever before. Employees using wireless devices at home can easily have their connections hijacked by devices in nearby homes, forcing IT teams to monitor devices that aren’t connected to their network. When employees report back to secure facilities for work, they may unknowingly bring vulnerable cell phones, smartwatches, Bluetooth accessories and other devices upon which they have come to rely while working from home. This vulnerable equipment is a potential beachhead for cybercriminals and nation-state actors launching attacks to exfiltrate documents, secret memos and other sensitive data.
The threat of a potentially disastrous RF attack has become so alarming that the Department of Homeland Security has allotted funding to provide system administrators with real-time situational awareness of RF threats for IoT devices.
Sounding the sirens: The stealthy risks of RF cyberattacks
With wired networks, IT professionals can see what devices are connected to what networks and where the signals are going. Invisible RF communications leave IT teams with no way of knowing what’s connected or being transmitted in their environment.
In 2017, 156 emergency sirens were compromised in Dallas. While the incident turned out to be more of a prank than an enemy attack, it demonstrated how vulnerable cities -- and national infrastructure -- are to RF attacks. Nation-states are using common protocols for spying, because the signals bouncing around in even the most secure areas make it easy for spy radios to hide in the traffic. This should put government and enterprises on notice that it’s imperative to secure and protect radio-configurable critical infrastructure in enterprise environments.
Once hackers access a compromised device inside a government facility, they can leverage the device to attack other systems within the network. Even more troubling, devices can be compromised outside government facilities unbeknownst to their users and then be carried in on the wrists or ears of innocent users.
Safeguarding the government from nefarious RF attacks
As wireless technologies play an increasingly integral role in digital transformation, here are some essential steps that the government sector can take to mitigate RF threats:
- Recognize RF exploitation: Gaining awareness and having visibility into the communication taking place between devices in airspaces is critical in protecting sensitive data.
- Assess RF solutions: When examining RF products, security and IT teams must consider solutions that will combat radio-borne threats to their facilities, intellectual property and government secrets.
- Deploy RF technology: Standard security technology is incapable of detecting devices operating within the RF spectrum. Equipping security teams with RF detection technology is crucial for government agencies to gain the complete visibility needed to locate known and unknown devices in real time.
The exploitation of wireless devices inside government facilities will continue to grow. Not recognizing the threats of an RF attack to vulnerable wireless communications will leave the door wide open for adversaries. Deploying RF detection technology will equip government agencies to fend off potentially devastating RF-enabled breaches.
Chris Risley is the CEO of Bastille Networks.