Emerging Tech: Security — The Need for Wireless Airspace Defense
Download now▶Explore the fascinating evolution of wireless and RF threats from their earliest origins to today’s sophisticated cyber landscape in this comprehensive webinar led by Bastille’s CTO Brett Walkenhorst and former CIA executive Rodney Alto. The presentation traces key historical milestones including Marconi’s first wireless hack in the early 1900s, the ingenious Soviet “Thing” listening device planted in the US Ambassador’s residence in 1945, and the shocking discovery of hundreds of RF bugs embedded throughout the US Embassy building in Moscow during the Cold War era.
Discover how wireless threats have transformed from rare, nation-state capabilities requiring significant resources to democratized tools accessible to anyone with a modest budget. Today’s landscape features everything from $200 Flipper devices that can crash iPhones to sophisticated software-defined radios that put advanced RF manipulation capabilities in the hands of everyday hackers. As our world becomes increasingly connected with tens of billions of wireless devices, understanding this historical progression becomes crucial for recognizing current vulnerabilities and preparing for emerging threats in our wirelessly-saturated environment.
Dr. Brett Walkenhorst has over 20 years of experience as a technology leader in RF systems and signal processing. Prior to Bastille, he led and executed R&D efforts at Lucent Bell Labs, GTRI, NSI-MI Technologies, Silvus Technologies, and Raytheon Technologies. He is a senior member of IEEE and has served as the Chair of the Atlanta Chapter of the IEEE Communications Society.
Rodney Alto is a retired CIA Director of the Global Infrastructure Office with over 35 years of federal strategy and security experience spanning Asia, Latin America, the Middle East, Africa, Europe, and conflict zones. Currently serving as CEO of Bear River Consulting LLC and Federal Strategy and Security at Forward Networks, Inc., Rodney specializes in helping organizations navigate government mission drivers and risk factors that influence federal decisions. He holds executive education credentials from Harvard Kennedy School, University of Maryland, and University of Michigan Ross School of Business.
Thank you so much for your interest in Bastille. This focuses on the timeline of wireless and RF threats, key milestones, and notable events. This is part of a multi part series. My name is Justin Fry. I’m the CMO here at Bastille.
Today, we are lucky enough to be joined by Rodney Alto, one of our advisers and a former senior executive at the CIA, and also Brett Walkenhorst, our CTO.
Some housekeeping issues while people join the event today. Questions. We’ll have a q and a session at the end of the webinar. You can ask questions at any time using the q and a button in the middle of the Zoom interface.
Polls during the webinar, we may hold some polls, and we’d very much appreciate your participation.
If you have any technical issues with the webinar, please use the chat button to let us know, and we’ll do our best to resolve those issues. As always, a recording event will be made available later on.
Now over to Rodney and Brett who can introduce themselves before going to the core of the presentation. Thank you so much.
Justin, thank you. I’m happy to be here today. My name is Rodney Alto. For those who don’t know me, I retired from the Central Intelligence Agency in twenty twenty two as an executive officer there after thirty five plus years.
After departing CIA, I have served as an adviser to a multitude of companies, focused in the national security space and in the technology space as a whole. Happy to be here, and I will turn it over to Brett for an introduction.
Yeah. Thanks, Rodney. Thanks, Justin.
Brett Wackenhorst. I’m the CTO at Bastille. Background in electrical engineering, signal processing, RF systems, in charge of wireless threat research, as well as some other R and D efforts and product development.
I’m interested in this topic because I think historically we haven’t paid a lot of attention to how wireless threats affect the overall ecosystem.
And we’ve done a lot of research at Bastille, both on current threats as well as historical. So this gives us a chance to kind of go back in time and review some history and look at trends to see, where things are going.
So with that, I think we’ll just jump right in, as just sort of a high level overview.
We have this graphic that kind of shows some highlights of some interesting historical items. We’ll be hitting on several of these as we go through the timeline, but just know we’ve tried to sample this in a way that makes sense that we can, that allows us to tell a story.
But there’s way more going on than we can possibly talk about in a short webinar like this.
So hopefully this gets you an interesting sample.
To set the stage, I want to talk about trends in general and the wireless problem at a high level as well.
One of the big issues with wireless is that it’s everywhere. It’s all around us. There are tens of billions of devices that utilize one or more wireless protocols throughout the world today. And those numbers continue to grow. And the signals that they emit are likewise everywhere because the devices are everywhere, but also because the signals propagate, and penetrate physical objects readily, which should come as no surprise if you’re able to get a cell phone call while you’re inside of a building.
Then you know that those waves that are propagating through the air are able to penetrate the walls of that building.
These waves travel at the speed of light and they just sail right through all of our physical obstructions, including physical security mechanisms.
So one of the issues here is the ubiquity of the wireless devices and their signals that are all around.
And we cannot see them. These signals that are traveling at the speed of light are the same basic phenomenon that we see in sunlight.
So we have, the only problem is unlike sunlight, which occupies the visible light spectrum that we can actually see that occupies a very narrow band of the electromagnetic spectrum, these these signals that our wireless devices use, we can’t see them. So we require some kind of instrumentation to bring those signals into view, so that we can make sense out of what’s happening. So their invisibility is part of the problem and their vulnerability to exploitation is another part. You know, there’s, there’s several thousand, CVEs that have been published to date, related to wireless technologies.
And you can see the trend here in this chart is one of exponential growth in part, because over time we realized that this is more of a problem, so we pay more attention to it. But in part also, because as these systems and the protocols that they utilize to support them, as they grow in complexity to support ever increasing complex use cases, that complexity breeds vulnerability. And so we see this trend, which is a worrisome trend, partly because of the availability of technology, partly because of the complexity of the protocols and partly because we’re paying attention and we’re trying to find ways to break these things so that we can harden our systems.
Unfortunately, this is only the tip of the iceberg because the bad guys are doing the same thing and we don’t know of how the research they’re doing.
So when they find something, we may not know about it, but this shows the trend. And I think you’ll, you’ll notice that this trend bears out in the historical story that we tell. We have some data points from early on, around the pre and post World War II era.
And then we have increasing numbers of events that are important to this timeline in recent years because the technology has begun to to, propagate through the ecosystem and really take over our lives.
So those are some of the issues that we have that make wireless a problem.
The ubiquity of devices and signals, the invisibility of those signals, and the vulnerability of them to exploitation.
So let’s dive into the history a little bit.
The first story that we’re going to tell has to do with, the father of radio.
Guglielmo Marconi was an inventor who is credited with transmitting, you know, some of the first examples of communication signals, without wires.
And he was he was ready to perform a demonstration of this capability, over a significant distance. And it was supposed to be a, you know, an impressive PR stunt. He’d done this before.
He had made a claim that his system would avoid interference through tuning the signal and that it wouldn’t that it was impossible to, to break it.
Unfortunately, in this demonstration, it was shown, and this is the first example that I know of of what I would call a wireless hack.
It was shown that, someone could hack it and someone was able to overpower the signal and send, a telegraph that, basically spoofed, Marconi and made fun of him indicating that someone had taken over the system.
So I always get a little bit concerned anytime someone makes a claim of invulnerability, because that’s basically a challenge to all the hackers out there. And so we had one, hacker who was a bit of a, of a bit of a maverick, bit of a trickster who was able to overcome that signal and, and embarrass Marconi publicly.
For our next story, this goes to World War two or post World War two. Rodney, I think maybe your perspective would be good to to have here on this one.
Yeah. Brett, happy to talk about this. And and for our audience, I encourage you to go out and research the thing, and you can find a lot of information, on the thing from the Department of State, from NSA, and other sources that have have looked at this this bug that was presented to the United States in nineteen forty five, the great seal, presented by the Soviet Union to the American ambassador in Moscow, at the end of World War two.
And, you know, it was one of those things that was presented in good faith, and, you know, we’ve had this partnership and and, and all of these things that that had come out of World War two. However, when they presented that to the American ambassador, little did the American ambassador know that that this great seal, which was wooden in nature, contained a passive listening device, that was, placed inside of it.
And so, ultimately, this this device ended up at the ambassador’s residence in Moscow.
And, it really wasn’t it wasn’t identified until the the early nineteen fifties, in part because of of a transmission that, a radio operator over in the British Embassy had picked up. And then ultimately, two American Department of State engineers went over and visited with the embassy over there, and finally were able to track the bug down located in this great seal in the ambassador’s residence.
And the device is ingenious in the fact that it is a non powered massive listening device that’s commonly referred to as a resonator.
And so you typically have an external RF frequency that that resonates this, this device.
And through that resonation, resonance can actually capture audio, and be able to transmit that out.
Quite ingenious. I I would tell you that, at the time, those entities around the globe that were focused on intelligence gathering activities were were stunned by the simplicity and the capabilities of a non powered listening device, and we’re concerned about the the complexity or time it took to actually identify it, within the ambassador’s residence. So this is a an excellent example of of a very simple technology that was expertly deployed, by the Soviet Union to, you know, commit espionage against the United States, and capture private conversations within the ambassador’s residence.
And so I encourage you to go out and take a look at it. I I would add that the story of the thing, really continued through the nineteen fifties.
And for those who are history buffs, it it sort of came back up again in response to the nineteen sixties nineteen sixty Gary Powers u two incident, and and the American ambassador to the United Nations literally raised, I think it was on day four of his his presentation to the United Nations, spent time talking about the thing and showed all the members of the UN at the time, if that the Russians had in fact, been actively engaged in espionage, and we’re using it as a an example of their capabilities to steal secrets.
So it’s a fascinating story. It certainly shares, the early history of both, you know, collecting from an RF perspective, how adversaries used RF to steal information of interest to them, and how you can deploy that sort of technology inside of what would appear to be an innocuous, great seal of the United States. So, Brett, with that, back to you.
Yeah. Thanks. I just wanna comment on this. I it really is a fascinating story. The the fact that the fact that the Russians were able to implant this in a way that, the Americans weren’t able to discover for well over a decade is pretty amazing by itself. But the technology that was deployed is, is still quite amazing. It’s often seen as a precursor to today’s RFID technologies.
You have this, a truly passive device. It’s just a physical structure, but it was tuned in such a way that the resonances from acoustic signals nearby could be picked up by an RF beacon. So this is truly a wireless listening device, but a completely passive one. So I think this sets the stage well for other things that we see later on because, of course, nations have reasons to want to know about the secrets of other nations. And so the technology continued to evolve, from this kind of thing to to becoming, you know, miniaturized, covert, highly capable devices that, proliferated and, and are still a problem today.
Absolutely. I I couldn’t agree more with that, Brett.
Yeah. So let let’s go ahead and talk about some of that. And, yeah, Randy, we can go ahead and do that.
Yeah. I think this, you know, is an excellent, entry point into what did we start to see in the fifties and sixties, with regards to espionage and, quite frankly, RF wireless espionage being conducted all over the globe, by both Western and Eastern, intelligence organizations, that were, you know, engaged in this cold war.
So, Brett, as you start to allude to, you know, we’ve we’ve seen repetitively, the Soviet Union facing implants in furniture, that was either added to the furniture inside of a residence or was added to the furniture before it arrived to the residence that were compact in nature that in times could last for significant periods of time. So capabilities regarding batteries and all of this were rapidly growing, and and miniaturization became a a facet of how do I, you know, put these devices inside of these innocuous you know, your your chair, your table, you know, all of these things that that you would seem to have in everybody’s residence or office building.
And and so we sort of went through the fifties, sixties, and quite frankly, even through the seventies where all of this technology just sort of incrementally built on itself.
These wireless transmitters got smaller. We could conceal them easier. You know, think about all those movies you watched where something was hidden in a in a wall or in a picture or in a clock or whatever.
And we’ve seen that all exponentially grow. The numbers continue to grow. But, really, then you get to I I think, which is the epitome of cold war espionage, and it was the Soviet Union bugging the new embassy building inside of Moscow.
And, you know, when we talk about this building, it wasn’t a singular, RF device that was placed in there.
Best estimates by CIA and NSA and Department of State and others, that was publicly released was hundreds of devices were found inside of the new Moscow Embassy building.
And the devices were installed in a way that it was clear to the engineers who discovered the devices that the whole building was built as a listening device, which is shocking that you could, you know, build that into the concrete and the metal frame of a building.
But it really takes us from where we were with the thing, and how do you put in both active and passive devices inside of common building materials, and how do you leverage, you know, vibrations and and sort of the things that come out of RF, to amplify those singles and exfil them out of there.
The compromise of the American Embassy in Moscow was of such a nature that the Senate Select Committee on Intelligence actually recommended that the entire building be torn down and and built over. And so the implications of these sorts of espionage cases from the fifties all the way to the early eighties is significant, in in both what the capabilities of of adversarial intelligence organizations around the globe are able to do, the scope and magnitude of which they are able to build these programs, and then the complexity of executing them in a construction environment, such as a new embassy building. And it’s not a singular, you know, bug that was being placed or a listening device that was being placed. It was hundreds of them.
And so fortunately for for the United States, we were able to identify and and mitigate the concerns around the the, you know, embassy building out there.
However, the question remains is, you know, where else were these listening devices placed, and are they still active today?
And I think there’s many that would surmise that they likely are, And then when you think about then the exponential growth in technology, and the capabilities and capacity, it’s sort of the commercialization of much of this sort of technology.
I think it affects all of us, and it shows the ease of which this sort of technology could be deployed.
And it shows over time how much we’ve, you know, seen the technology modernize, shrink in size, cost comes down. When we go back to the nineteen fifties, sixties, up through the eighties, there were only a handful of intelligence services on in the globe that could do this sort of work.
Today, because of the commoditization of technology, many of these devices are readily available for, you know, less than a couple of hundred dollars to be deployed, in an adversarial RF attack.
So I think I’ll stop there, Brett. I’ll pivot it back over to you.
That that is fascinating, Rodney. I mean, your story about the embassy is mind boggling in that it would became so bad that the recommendation was to tear down the entire building.
Yeah. It’s about It’s it’s Yeah. Got it.
It’s no. It’s it’s just utterly shocking. I mean, think of the complexity of putting a single listening device, an RF listening device into a building, then exponentially grow that by estimates of three to five hundred devices put into the building. And being able to exploit them all continuously is is is shocking.
So Yeah.
It’s, it’s mind boggling for sure. So when I think about that, a couple of thoughts come to mind. One is, the complexity of that deployment, and what we discovered is amazing. And yet we we can’t imagine that we discovered every usage of these kinds of technologies against, against our personnel.
So when we see mind boggling discoveries like that, I have to think how much more of that was going on at the time.
And then I also think about, as you pointed to Rodney, the evolution of technology has been toward miniaturization efficiency, longer hauls for less power.
And while we don’t see much in terms of, passive forms like we talked about with the thing, the world has changed in a way that makes it so much easier to hide the active presence of a transmitter because there is so much going on in the spectrum.
So the the availability and advancements of the technology point to the fact that this is an either an even bigger problem today than it was then. And in some ways, harder to find just because it’s like trying to find a needle in a needle stack.
Yeah. But yeah. Let me jump in there. I’d offer that. I think you’re spot on. I think, as I said, there were really only handfuls of of entities from the fifties through the eighties that possessed the technical capability to mount these sort of operations.
But today, as you rightly highlighted in the opening of this webinar, we live in a world that is now wirelessly connected everywhere.
And and so the number of devices, the, you know, the cost of devices are are almost insignificant today. You can buy a thermometer to monitor the temperature of your your on your grill if that’s what you like for for really, you know, a few dollars and and sort of track those things. But they’re all generating some sort of, you know, RF single, whether it be Bluetooth or something else.
And so it’s all readily available, and it really gets back to, you know, how do we make this easily detectable, and how do we identify those, you know, unauthorized signals that are out there and and sort of rationalize and make sense of all of this information that we see day in and day out.
So Yeah. Absolutely.
Okay. So this is a challenging area, and it still is. I guess it might be good to point out that there are ways to bring visibility to these kinds of signals to fare it through all of the noise, And that’s one of the things that that we do at Bastille. So if you’re interested in that, happy to chat more at some point, but feel free to to go to our web page and look for resources there on more details of how that works. But the points that we wanna make here are that there are trends here about about the threats that originated decades ago.
And those trends point to continuing problems in this area today.
So, let’s move forward and talk about the trend of the explosion of technology. So one of the things that happened, in the mid eighties was that the FCC, the Federal Communications Commission, opened up a portion of the RF spectrum for, use in scientific, research and other things where the the regulatory framework was vastly simplified and basically made the spectrum available to anyone for any purpose as long as they abide by certain restrictions in terms of spectral mask, power emitted.
From a technical perspective, that would be a limit on the EIRP or effective isotropic radiated power.
But basically, it opened up the use of spectrum for a lot of different uses.
And, there were there were several efforts in the commercial world that sought to take advantage of of those new regulations.
And we saw the beginnings of the definition of protocols and the, the promulgation of devices based on those protocol definitions that started to take over the world. So this was, I mean, this is now several decades in the making, but at the time this was very nascent, and it began to set the stage for standards like Bluetooth and Wi Fi, to become ubiquitous because because of the lower bar in terms of regulatory compliance, and the ease with which they could deploy systems for local cost.
And as technology evolved over time, that that became easier and easier.
So this is an important point in history where we begin to see what I was talking about before as we’ve flooded the airwaves. There’s so many signals out there that it can be challenging to see. This is part of the reason for that. And it opened the doors, initially in one band and then started to expand to other bands as well. It opened the doors to, an explosion of technology and wireless devices and signals.
So one of the things that that came out of that fairly quickly, in nineteen ninety nine, there was an encryption scheme introduced for Wi Fi that was called WEP or wired equivalent privacy.
And, it was intended to secure communications so that payload data couldn’t be sniffed by anyone.
We haven’t really mentioned this before, but maybe it’s worth pointing out that in a wireless communication system, you can’t exactly control who hears what you’re saying.
If you broadcast something, it literally is a broadcast. There’s no way to direct it solely to an intended receiver. Anyone within earshot can hear what you’re saying.
So, privacy is, is a big deal And and people recognize that very early on. We send a signal. Anyone might be able to pick that up. We need a way to protect the information that we’re sharing. Otherwise, this technology won’t really won’t really take off. It’ll be too limited by the needs of privacy.
So encryption was, implemented early on.
Unfortunately, it did not take long.
I think it was just a couple of years after WEP was introduced when the WEP protocol was broken. And, today, you can hack a WEP, inner a WEP protocol within a matter of seconds, with with the right, with the right system.
So there are weaknesses in that implementation that were exploited, that represent I think one of the early the early pieces of excitement in the wireless hacking world where people jumped all over this, they developed tools to to break WEP. And very quickly, the Wi Fi Alliance got together.
And, and I don’t want to say patched it. They, they tried to figure out a fix as quickly as possible and very quickly rolled out a new standard for encryption WPA, which later had other issues, but, but at least it would it didn’t have the weaknesses of the reuse of certain keys that allowed us to crack web.
This has been a cat and mouse game ever since, really. So there’s all kinds of ways for people to hack Wi Fi and there’s all kinds of weaknesses associated with different cryptographic implementations.
But WEP is probably the most glaring example that kind of kicked off this cat and mouse game in terms of trying to crack encryption in wireless systems.
So it’s it’s a bit of a watershed moment for us, I think.
Yeah. Brett, I I would I would add to that and say that, it is a watershed moment to us, and it’s also a key indicator on the fact that, you know, with all new technologies comes risk, and unanticipated vulnerabilities.
You know? And so when you hear us talk about, you know, patching your devices, you know, recapitalizing your legacy infrastructure, unfortunately, you know, we we continue to believe that there are still WEP active devices out across the globe.
And the wake up call should be, as Brett alluded to, that today, WEP can be broke within seconds, not hours, literally in seconds, simply because it’s that easy to break.
And so the message from my perspective is, you know, things that you’ve seen from CISA and other organizations is, you know, keep your infrastructure patched, replace your outdated legacy infrastructure with modern infrastructure that comes with better security protocols and and processes, that are being deployed out there. The the lack of doing that puts your, wireless experience at risk. So back to you, Brett.
Yeah. Thanks, Robbie.
So we’ve been starting to address a trend in the pro about, of the proliferation of technology and the democratization of capabilities.
We’re going to touch on a few different examples of how that has affected the hacker world. So as as a start, we have the Wi Fi pineapple, which is an example of a device that’s been used on the offensive side.
And, Rodney, maybe maybe you could give us an introduction to this device.
Yeah. I’m happy to talk about, the pineapple. And and for those, you know, that are out there that may be unfamiliar with, you know, think of the pineapple as, a rogue access point that’s, intentionally placed in your environment, whether it’s in your office space or building or, you know, your personal residence or or wherever, that is there to emulate your current Wi Fi environment.
And there’s lots of really good reasons to have that to to do pen testing, to determine how how secure your your wireless environments are. But more importantly, in this case, from our adversarial perspective, you know, if you’ve got a home Wi Fi or an office Wi Fi and you know the name is a b c and you see it and you connect to it and and, you you know, you get online and you’re off and running. However, in this case, you know, as we talk about here, the evil twin, that Wi Fi access point may no longer be, part of your your organization and controlled infrastructure. It could be a rogue access point that is intentionally placed there to steal your credentials, to monitor what information you’re you’re seeking out to access, and use that to to mount a exploitation of your operating environment.
And so these things, again, are incredibly inexpensive.
Unfortunately, you know, we’re all connecting to to Wi Fi devices around the globe.
And, you know, there’s lots of concerns about somebody standing up a a pineapple in a public environment.
You know, whether you’re you see things crazy as as being at an airport, everybody’s online at an airport, or, you know, if you’re in a shopping environment and there’s an open and and accessible Wi Fi environment, somebody is accessing that. Unfortunately, there’s a a a a likelihood of somewhere in the world active at this moment is is a pineapple device out there that’s intentionally hoping that you connect to it to allow them to steal your credentials, which may allow them access to your banking information or your personal information or or things of that nature that these, bad actors are looking to exploit and and, quite frankly, use it to generate income for their illicit activities.
So they do exist out there. They’re inexpensive, and we’ll talk a little more about some of the other capabilities that we’re seeing coming with Pineapple.
But, Brett, I’d I’d pivot back to you for a moment if you wanna talk a little bit more maybe about the Pineapple technology or add to the competition.
Yeah. I’ll just add quickly that, this idea of an evil twin attack and the pineapple as a mechanism for instantiating such an attack is not theoretical at all. These these are things that have been discovered as bad actors using these devices and, evil twin methodology in general, in the wild to conduct actual attacks.
And again, we only know what we know.
So the fact that we know about any of this indicates that it’s it’s a likely thing to be happening much more than what we know.
But but it’s happened it’s happened multiple times in different ways with some stories having attribution to, like, a nation state level APT, some stories, without attribution, sometimes it’s, corporate espionage, sometimes it’s non government organizations, and sometimes it’s government focused.
So this is not theoretical. It has been around for a long time.
It’s still very effective, and the pineapple is one example of a tool that makes it readily accessible to a much broader audience.
So Yeah. I’m afraid, but I I I couldn’t agree more. And I think, you know, I I think the people who are listening in on the webinar today just need to know that, you know, when you see or hear concerns about just connecting to open wireless devices, or access points, there is real reason to be concerned about it.
The various actors are out there looking to exploit these sorts of capabilities. As you said, it’s not theoretical. It is happening today.
Yeah. Absolutely.
So along the same lines of democratization of offensive capabilities, Rodney, why don’t you talk to us a little bit about the flipper?
So so let’s fast forward to today. We’ve talked to, about, a number of devices that that, I don’t know, for lots of people may seem like it’s not in the realm of their day to day lives. However, the flipper is a denial of service attack on iPhones.
That’s still relevant today. It first highlighted in twenty twenty three, was highlighted in iOS seventeen.
And, really, what it does, as we all know, we’ve all probably used Bluetooth within our iPhones, to connect to external devices.
And if you have a flipper device, which costs less than two hundred dollars, you can go out there, and the flipper device will attempt or generate, sort of rogue pairing requests that go to any iPhone within the range of the flipper device.
So you can only imagine if you’re in a, you know, shopping area where there’s lots and lots of, people and you were carrying this device, you would literally be able to disrupt all of the Apple devices within that environment.
It does cause the phone to to literally crash, and become, unusable while it’s in proximity to that because of the denial of service attack.
So this is happening. It’s out there now. Again, this is not theoretical. You can go out and buy the flipper, today, and with a little bit of technical capability, loading the right operating system on it, for less than two hundred dollars, you could amount a denial of service attack, in any location, quite frankly, across the globe to deny users the ability to use their iPhone.
And so that’s the flipper.
It’s real. It’s inexpensive.
It is is a very capable device, and it’s meant simply to disrupt services.
And, you know, people will often ask, well, how do I how do I stop this from happening?
Two things. We we know that Apple released an update in iOS. I think it was seventeen dot two that that was able to mitigate the concerns that came with this.
I think the other opportunity that for those who who focus on this heavily, you know, if you don’t need to use your Bluetooth, turn it off. Only use it when you really need to be able to use it.
It does prevent a vector, for for, you know, bad actors to, you know, attack your device. In this case, we’re specifically talking about Apple devices.
So that’s what I’d offer on the Flipper. It’s an interesting product. It’s, inexpensive, it’s capable, and it’s, very disruptive to those who are using Apple phones out in the ecosystem today.
Yeah. So let me just broaden that a little bit, if I could. The the flipper the flipper is a multi protocol device. So it does a lot of stuff with Bluetooth as Rodney talked about. One specific thing that is particularly damaging is this denial of service capability.
But it can also do weird things like, you know, capture, capture a code of a remote, and replay it.
It can do various Wi Fi attacks with, a daughter card.
So it it speaks a number of different, communications protocols and has, as you can see, sort of a cutesy interface.
But it, it does make it easy to implement a handful of different kinds of attacks, that puts a lot of capabilities at the hands of an unsophisticated user.
So again, this trend that we see of the democratization of offensive capabilities when it comes to wireless, it’s a concerning trend. You put stuff in people’s hands and it gives them capabilities immediately for very little cost. And if they’re interested, it’s fun to them. They get smarter and they become more sophisticated and we grow the ranks of, of wireless hackers throughout the world. So, so that’s a trend that that causes us concern and points to the need for us to grow our awareness of the overall threat, considering the democratization of these capabilities.
So, one last item on along that theme is that of software defined radios.
SDRs have been around for quite some time.
And by quite some time, I mean, around the turn of the century, but the concept was defined even before then.
But they started to become more, capable and, you know, we had instantiations of them and hardware and people were using them for research purposes.
But, some years later around twenty ten and, and to some extent before, but I think twenty ten is when this particular SDR came out called the hack RF one.
There are other examples of low cost SDRs, but this is one really common example that shows that for a relatively low price, you can have access to a radio module that allows you to, very flexibly interact with the wireless environment. So what I mean by that is where previously radios were built dedicated hardware to operate on dedicated frequencies very often with, with ASIC chips that were hardwired for specific functions.
The concept of a software defined radio began to make all of that much more flexible and put the intelligence into a flexible processing unit, such as, an FPGA or a CPU or GPU that allowed you to control the radio resources themselves. So now you can stimulate signals and be very flexible about how you do that. You can program them to to do different things. You can hop to different frequencies. You can modify the protocol, modify the way that the signal is modulated. And the same thing on the receive end. You can change the way that behaves.
So the reason we’re talking about this is that it provides a level of flexibility to mess with wireless signals and to leverage a platform like this to conduct sophisticated wireless attacks.
Now, admittedly, this is going to be a little more challenging to operate than the flipper that we just talked about, or even than the wifi pineapple, but it’s not that difficult. So a little bit of work and you get up to speed and you’re able to use a very flexible platform like this and, and be very, strategic in the way that you attack and exploit wireless systems. So this, this is a trend that has been going on for a number of years now, And we now have a whole host of low cost software defined radios that are readily available. And of course, the propagation of all kinds of code bases that people can access online, and modify as they like to implement various forms of attack using a very flexible platform like this for low cost.
Rodney, anything you do would like to add to that?
No. I think, Brett, you really, you know, addressed this one.
It’s really about cost.
It’s, you know, sort of the natural evolution from a hardware based technology that came with complexities to a software based technology. As you alluded, that if you if you can program, and we have a lot of programmers across the globe these days, you can do things in RF that that just were not possible in a hardware based environment based on cost and complexity to implement those things.
And so what we’re seeing here is is similar in many ways to cloud computing.
We’ve gone from physical computers to, cloud computers, and capabilities and capacities have changed dramatically. Cost has come down.
In the RF world, we’ve seen the move from hardware based technology that was quite expensive, and didn’t change, as often as as many would have needed or wanted to now this software defined, radio that, allows, as you said, people with reasonable skills to go out and manipulate within the RF environment to to do things that I I think that’s only constrained by one individual’s imagination.
So Yeah.
Good. Good. Thank you, Rodney. So that that wraps up, the story that we wanted to tell today. Again, there is more to the story, and we’ll continue to talk about some of these threats that have been seen throughout, throughout the history of wireless technology.
If you’re interested in learning more, I’d encourage you to connect with us, ask us questions.
We’ve we’ve got a lot of insight into this world, and we’re happy to share what we’ve learned.
At this point, I’ll turn it back to Justin to wrap us up.
Thanks so much, Rodney. Thank you, Brett. Totally fascinating presentation. During the course of the event today, we had a number of questions sent in by people listening and also sent by some of the colleagues who couldn’t come to the event. One of the first questions is, were there any other devices similar to the thing that had been recently found?
Was this the only one of that type? Obviously, people were fascinated about it. A few people asked a similar question.
Yeah. I’ll I’ll jump in on that, Justin. That’s a great question. I I would say that, throughout the fifties and early sixties, intelligence services across the globe, put a lot of effort into recreating and understanding the technology that was employed through the thing.
It is ingenious. It’s it’s a very capable yet simple technology, very difficult to find. And I would argue in in today’s world, it would be still difficult to find if you didn’t have the right sort of defensive technology pushed out there. So, without getting any things that I shouldn’t talk about, I would say that, you know, once you’ve seen a successful technology deployed, even though it was deployed in the late forties, if it works, I would I would say that there were likely others today trying to employ, you know, similar technologies to acquire information.
Thank you. Thank you, Rodney. Thank you so much.
Another question. Which RF threats pose the greatest risk to national security infrastructure today?
Good question.
Yeah. That’s a good question. There there’s so many.
I think that the ones that we should be concerned about are the ones that are most accessible. We’ve seen a number of examples in in the news in recent years of insiders using their cell phones to capture and relay information classified information and expose that to adversaries.
That’s a threat simply because it’s easy to get, and anyone who has a motivation to take advantage of their position and, compromise classified information can do so pretty readily with a very this very capable device.
So I don’t know. There there’s there’s so many answers, I guess, I could give, but that would be my biggest concern is just what’s available and and what’s capable of doing the job.
Yeah. You know, Brett, I would add to that. I I I, first of all, I hundred percent agree.
You know, the fact is that our cell phones are are becoming the, you know, the the first choice of those who are looking to commit espionage because everybody has a cell phone.
As we’ve seen with the recent arrest of a Department of State officer, this person was allegedly using their cell phone to simply take pictures of their classified screen and then was relaying that classified information to to an adversary.
And, you know, it doesn’t get much simpler than that.
You know, our phones are very capable. They’re high resolution cameras.
They’re ridiculous. Lots of people would probably not be, think twice about the fact that somebody had a cell phone on them. However, the fact remains that that cell phone shouldn’t have been in that location.
The technology exists today that steel cells to highlight and identify cell phones that are not authorized to be in those localities.
And if that technology had been deployed, it would, likely have presented a significant obstacle to that person’s attempt to commit espionage.
And one would only hope that they would have maybe thought twice about it before actually doing it. So, yeah, it’s a complex discussion, and we could have an entire webinar around that single question, I think.
Yeah.
Another question here. To what extent are contractors and third parties creating exposure to our threats within federal networks or facilities?
So I’ll I’ll jump in a little bit here. First of all, you know, the guidance and policies that we see at federal facilities today to apply to all, people entering, that compound. It does not distinguish between contractor or government staff employees. They’re all legally bound to adhere to the policies and laws that govern access to particularly national security facilities.
However, a lot of our technology, the maintenance and support of it has been outsourced to contractors.
And and so, contractors by default are are often bringing technology in a building to go fix other technology.
And the key in all of that is having the right systems in place to detect what is authorized and what is not authorized.
And so today, we have that capability within the Bastille platform to discern, what is an an approved device that’s authorized to bring into a facility, what is a nonapproved device.
We can track that unapproved device, from entry point into the facility to where that device may, you know, move throughout the building.
We typically think about that as cell phones. But as as Brett and I have discussed, that can be, it could be a laptop. It could be, a replacement printer with Wi Fi enabled that’s not authorized in a national security building.
It could be any you know, it could be a smartwatch that that, the contractor, had on them and inadvertently brought in the building.
But in general context, the rules and policies that govern access to a building, in the national security space apply to all people, whether you’re a contractor or a staff government employee officer.
Rodning, thank you so much. This is the end of the presentation for today. Very much appreciate all the work that went into this, Brett and Rodney. And we’ll see everyone on part two of this series in the near future. Thanks very much.
Learn how Bastille can help you prepare you for today’s ever-growing wireless threat landscape, and schedule a demo and we’ll be in touch shortly.