Securing Enterprises From RF Exploitation

Securing Enterprises From RF Exploitation

RF attacks are on the rise as more organizations employ wireless networks. Here’s how to keep your networks safe

What do the Dallas tornado siren attack, hacked health performance monitors and compromised wearables have in common? Vulnerable wireless protocols.

Corporate airspaces are under attack from an invisible threat: radio frequencies (RF). Because enterprises are crucially reliant on wireless protocols (Bluetooth, Wi-Fi, BLE, Zigbee, Z-Wave, etc.) for IT, building and employees, exploitation of wireless devices is growing increasingly common. These sophisticated attacks use compromised RF devices as their entry points into government and corporate networks. Foreign governments, competitors and cyber crooks are all conducting radio-based attacks on enterprises to access intellectual property and sensitive company information.

RF Attacks Puts Enterprises at Risk

More than 70% of devices connected to a network today are connected via RF and cellular and that percentage will exponentially grow. The problem is that traditional security solutions don’t offer visibility into the numerous devices that operate and exist within the radio frequency. How can enterprises expect to protect what they can’t see?

Equally concerning are the radio-enabled and cellular devices in an enterprise that are not connected to their network—those that enter daily with employees and visitors, as well as those installed into a facility by contractors. These devices can be compromised and used to exfiltrate voice, video and computer data right past firewalls and into the unsecured world outside.

In 2017, 156 emergency sirens were hacked in Dallas for more than 90 minutes, unsettling residents and serving as a warning notice to vulnerable national infrastructure. While the incident turned out to be more of a nuisance than actually harmful, it underscored how vulnerable cities are to RF attacks and that these intrusions are getting much more common. It’s clear that nation-states are using common protocols for spying as signals bouncing around in even the most secure areas make it easy for spy radios to hide in the traffic. This should put the government and enterprises on notice as to why it’s imperative to secure and protect radio-configurable critical infrastructure and corporate environments.

Understanding RF Exploitation

The proliferation of radio frequency transmissions in enterprise networks presents major security concerns for corporations. Covert, rogue, vulnerable wireless and cellular devices include building controls, cell phones, security cameras, smart TVs, printers and peripherals and medical devices.

For example, a laptop legitimately connected to an organization’s network could also be tethered to a cell phone via Bluetooth and that cellphone can be connected via a 40Mbps 4G cellular data connection to a server in China, which is covertly monitoring company secrets in real-time. Other recent examples of radio-borne vulnerabilities include SweynTooth, the Phillips Hue Zigbee Worm, BleedingBit, BlueBorne, MouseJack and KeySniffer.

These threats affect billions of devices from Bluetooth Low Energy (BLE) and pacemakers to wireless keyboards, and these vulnerabilities are just the start, underscoring how immature security is for radio frequency protocols.

How Can Enterprises Protect Their Business From RF Attacks?

Understanding what communication is taking place between devices is essential to identify and eliminate potential intrusions and attacks from radio frequency transmissions. CISOs and security practitioners need to deploy RF solutions that provide 24/7, real-time visibility and situational awareness into the “big 4” protocols operating in organizations’ facilities: cellular, Bluetooth, BLE and Wi-Fi. This deployment will provide security teams with a baseline of what the normal RF activities are in their airspace and from there the system can identify, detect and locate devices in their corporate network. With the visibility to manage and view cellular, Wi-Fi, Bluetooth and BLE activities in corporate environments, organizations are equipped with the security technology to mitigate RF attacks and safeguard their company secrets.

Featured eBook
Identifying Web Attack Indicators

Identifying Web Attack Indicators

Attackers are always looking for ways into web and mobile applications. The 2019 Verizon Data Breach Investigation Report listed web applications the number ONE vector attackers use when breaching organizations. In this paper, we examine malicious web request patterns for four of the most common web attack methods and show how to gain the context and … Read More

Leave a Reply