Americans should stop unencrypted texting on their iPhones or Androids Executive Summary A confluence of troubling developments has emerged as U.S. officials reveal that Chinese state hackers remain deeply embedded in telecommunications systems. Meanwhile, due to the ongoing breach, the FBI and CISA have taken the unprecedented step of warning Americans to abandon standard text and voice messaging in favor of encrypted communications. This move represents a fundamental shift in how organizations approach personal and corporate wireless device security. The…
Category: Uncategorized
Why handheld and point-solution detection equipment will fail DOD and Federal WIDS requirements
INTRODUCTION TO DOD AND FEDERAL WIDS REQUIREMENTSDOD and Federal WIDS (Wireless Intrusion Detection System) requirements, such as those of the Secretary of Defense Memo of June 30th 2023 relating to the safeguarding of classified national security information (CNSI) from the threats posed by personal and portable electronic devices within SCIFs and SAPFs, cannot be met with handheld detection solutions for practical, technical, and regulatory reasons. Our breakdown explains the challenges in more detail:CHALLENGES IN MEETING DOD AND FEDERAL WIDS REQUIREMENTS…
The Critical Role of Wireless Threat Intelligence in Modern Corporate Security
In today's interconnected world, wireless technology is an integral part of corporate infrastructure. As businesses continue to rely on wireless networks for daily operations, the importance of securing these networks has never been more critical. Employees and visitors bring wireless devices into corporate facilities. Visiting wireless devices may be unwittingly compromised or used by bad actors to compromise corporate assets and networks, exfiltrating voice and data or introducing threats and vulnerabilities to corporate systems. This is where Wireless Threat Intelligence…
Enhancing Security in Critical Environments Series: The Pager — Bastille
Pagers - History, Uses Today and How to Detect In a world of ever-faster mobile communications devices and cellular networks, it is easy to forget the role still played by much older wireless communication devices: pagers.While smartphones dominate modern communication, pagers—once ubiquitous for short messages and alerts—are still widely used in critical environments. Detecting and monitoring pagers is vital to ensuring operational security. Bastille Networks provides a comprehensive solution for detecting wireless devices across the RF spectrum, including pagers.Understanding the history…
How to Detect and Locate Unauthorized Cell phones — Bastille
Detect and Locate Unauthorized Cell phonesBastille is the first and only product to detect and locate cellular phones within a building based on their cellular signal. Real-time detection with alerts plus DVR-like playback for forensics.Cellular phones are a great business productivity tool, but they are also the most ubiquitous security and compliance threat faced by financial services organizations. Cell phones have cameras, recording devices, the ability to become out-of-network hotspots and to tether to laptops and computers in the building…
Wireless Intrusion Detection Systems (WIDS) — Bastille
In a traditional, hard-wired network, the only way in is through the Internet-facing router. Most modern networks, though, include 802.11 wireless access points (APs). If they aren't well-secured, or if there are unauthorized APs on the network, they can open the systems to intruders. With wireless access, there's no firm boundary between the inside and outside. Other tenants in an office building could be in range. A spy could set up an inconspicuous wireless relay outside a building. Anyone who…
Leading RF Security Vulnerabilities in 2018 — Bastille
When you think of RF vulnerabilities, you probably think first of Bluetooth and Wi-Fi issues. There have been well-publicized vulnerabilities in both during the past year, but the issue is broader. RF devices also include RFID tags, NFC (e.g., Apple Pay), 433 MHz remote control, LR-WPAN networking, and a host of proprietary protocols. Any of them can have security issues.While the less known ones don't get as much publicity, they can cause considerable havoc. Proprietary protocols often don't get examined…
Hacked Pacemakers and Insulin Pumps Are Just the Beginning — Bastille
As the number of medical devices explode, protection against RF risk in the clinical setting gets more complicated.In 2016, the healthcare industry received a wake-up call. Federal regulators discovered critical cybersecurity vulnerabilities in certain pacemakers, defibrillators and other medical devices made by St. Jude Medical. Because these devices use RF signals to transmit and receive patient data, these devices were vulnerable to intrusions and exploits that could have dire consequences for patients. It wasn’t the first time medical device security…
Do You Know Who’s Hacking the Trading Floor? — Bastille
What You Need to Know About Monitoring Cellular and IoT Devices in Capital Markets Will the regulatory climate for capital markets cool off given the pro-business agenda of the current administration? It may be too early to tell, but many believe the answer will be “no” – especially as the government zeroes in on cybersecurity.Another area of particular focus is electronic communications (or e-comms), which touches virtually every aspect of buy and sell-side activities.Just ask FINRA. Last December, the agency…
Dallas Siren Attack — Bastille
In light of recent events, particularly the Dallas siren hack we'd like to go through a couple of plausible scenarios that might explain this attack and how they relate to the need for more security when designing RF-enabled devices and implementing RF-enabled networks.For now, let’s look at the Dallas incident to examine how some public safety and large-scale RF networks work, how they might be vulnerable to such attacks, and what you should take into account when designing and securing such…