“Deploying RF technology and leveraging existing best-of-breed security tools, such as network systems, SIEMs, MDMs, and incident response systems, equips security teams with complete visibility and 24/7 monitoring in the complete RF spectrum to thwart attacks,” says Dr. Bob Baxley, CTO at Bastille, in an exclusive interview with ITSW.
ITSW Bureau- What methods are used by sophisticated hackers to exploit wireless protocols to gain access to sensitive data assets?
Dr. Bob Baxley- The widespread adoption of devices using Bluetooth, BLE, and IoT protocols is fairly recent. As a result, security teams are untrained and do not have adequate tools to mitigate the risks posed by computing devices, which often have multiple RF capabilities.
For example, IoT infrastructure devices such as HVAC controllers may also have a hardwired Ethernet connection, in addition to Bluetooth, Zigbee and WirelessHART enabled, and sometimes only “protected” by default usernames and passwords.
Radio-based device vulnerabilities include SweynTooth, the Philips Hue vulnerability Zigbee Worm, BleedingBit, BlueBorne, MouseJack, and KeySniffer. These affect billions of devices from heart monitors to wireless keyboards and are just the start of threat development, underscoring the immaturity of security for radio frequency protocols.
Thus, CISOs need to understand their RF attack surface to maintain a secure perimeter.
ITSW Bureau- How can enterprises prevent the compromise of wireless devices and safeguard sensitive data?
Dr. Bob Baxley-
- Standard security technology is not capable of detecting devices operating within the RF spectrum. Deploying RF technology is crucial for facilities to detect devices in real time and equip security teams with complete visibility to locate known and unknown devices.
- It is essential to evaluate RF technology with existing integrations for threat alerts, incident response, and forensics.
Deploying RF technology and leveraging existing best-of-breed security tools, such as network systems, SIEMs, MDMs, and incident response systems, equips security teams with complete visibility and 24/7 monitoring in the complete RF spectrum to thwart attacks.
ITSW Bureau- How can enterprises benefit from tech/solutions on the market to combat RF threats?
Dr. Bob Baxley- As wireless technologies increasingly play an integral role in digital transformations, here are some essential steps enterprises can take to mitigate RF threats:
- Recognizing RF Exploitation: Gaining awareness and visibility into the communication between devices in airspaces is critical to protect sensitive information.
- Assess RF Solutions: When analyzing RF products, security and IT departments must consider solutions that will fight radio-borne threats to their facilities, trade secrets, and intellectual property.
- Deploy RF Technology: Standard security technology is bad at detecting devices operating within the RF spectrum. Adopting RF technology is crucial for all industries, especially for the government sector, to detect devices in real time. RF adoption will equip security teams with complete visibility to locate known and unknown devices.
ITSW Bureau- Has the pandemic had a significant impact on the tactics, techniques, and procedures of such malicious actors targeting the IT industry and government agencies?
Dr. Bob Baxley- The widespread adoption of teleworking and wireless technologies in government environments has placed the threat of radio frequency (RF) breaches at an all-time high. As cyber thieves target blind spots in wireless communications, shadow IT devices (such as wearables, personal cell phones, and tablets) present major risks to government facilities.
Ordinarily, when employees report to work, they are unknowingly bringing potentially vulnerable devices into facilities via their cell phones, smart watches, and other devices. Government personnel may now be accessing government networks from unsecured devices, or from secure devices that are now in use in home environments and connected to a myriad of home devices, putting facilities at higher risk than before.
Employees using wireless systems at home can easily have their connections breached by devices in nearby homes. As a result, IT teams now have the additional burden of monitoring devices that aren’t connected to their network. Vulnerable devices exist inside government ecosystems via remote work.
They are a potential entry point for cybercriminals and nation-state actors to execute attacks such as exfiltrating secret memos, documents, and sensitive data.
The threat of a possibly disastrous RF attack has become alarming enough for the Department of Homeland Security to dedicate resources to combat these potential attacks. DHS has allotted significant funds toward providing system administrators with real-time situational awareness of RF threats for IoT devices.
For more than a decade, Dr. Bob Baxley has been a technology leader in implementing machine learning algorithms for software defined and cognitive radios. At Bastille, Bob serves as Chief Technology Officer where he leads the development of systems to sift through massive amounts of radio frequency data to protect enterprises from radio threats.
Prior to joining Bastille, Bob was the Director of the Software Defined Radio Lab at Georgia Tech, where he led basic and applied research projects for organizations including NSF, ONR, Army, DoD, Air Force and DARPA. He has published more than 100 peer-reviewed papers and patents, is the recipient of various research awards, and is a Senior Member of the IEEE. He also led the GTRI team that competed in the DARPA Spectrum Challenge and placed second out of 90 teams.