Wireless security is one of the most important, yet most overlooked, threat in commercial and government environments. With the constant barrage of hacks and phishing attacks against U.S. government agencies, an area that seems to be wide open and nearly ignored is the wireless vector. Some would suggest that data pipes on wireless are too slow to be an effective means of hacking. Others suggest that their campus is protected by physical isolation and “no wireless” policies. History shows that vulnerabilities are always exploited and there are ways around these perceived protections, making wireless attacks an “invisible” threat and a complete blind spot to most security detection solutions.
The wireless environment required by consumers, commercial and government workers is currently more than 18 billion (Wi-Fi Alliance) devices worldwide in 2021 and is expected to grow over 20% annually with no end in sight. Wi-Fi 6 reached 50 percent market adoption more quickly than previous Wi-Fi generations, fueled by demand for high quality Wi-Fi and more efficient, reliable connectivity in phones, tablets, and access points (AP). The number of devices and use cases is extensive and includes:
The wireless market is expected to increase 25% annually; the largest increase coming from IoT devices- patient monitoring, door locks, thermostats, doorbells, cameras, lighting controllers, alarms for security and fire, voice controllers, and other sensors. These use a variety of wireless signaling such as BLE, Wi-Fi, Z-Wave, Zigbee, etc. With so many different devices, across many different protocols spanning the breadth of the radio frequency spectrum, the threat surface to wireless technologies is increasing at a dramatic rate.
The Invisible Threat
In traditional networking environment using cabled solutions to include copper and glass, the end points are secured behind locked doors, in buildings that generally have guarded entrance, locks etc. The threat to those end points and systems come from the Internet or from physical access. In the case of these wireless technologies, the threat to wireless transport can come from anywhere that wireless signal is accessible, no matter the technology. Private LTE, Public Cellular, Wi-Fi or mmWave provide any bad actor with access to like technology an ability to attack from anywhere that signal can be seen. A typical outdoor access point signal can be seen from up to 800 meters. IoT devices operating in the 900MHz range can reach over 100 meters. This means the threat surface can extend to a park bench, a moving car, a roof top or a coffee shop without ever having been seen by the traditional intrusion detection.
There are many ways of penetrating networks via the wireless network, but the most common include:
Many commercial and government agencies have no wireless intrusion detection (WIDs) or protection beyond the Wi-Fi vendor’s 2.4GHz and 5GHz their proprietary WIDs applications. Certified Wi-Fi solutions on the DOD APL and NIST include Cisco, Aruba and Ruckus, which do not have any detection beyond their Wi-Fi radios, nor are they built to detect 802.15.4 the protocol used by IoT devices.
Although there is security for payload over the RF spectrum, there is inadequate protection from adversarial or general RF interference, jamming. If the wireless connection gets interrupted, it does not matter how secure the data payload is, the data will not get to its destination and that could compromise mission success.
Without real-time visibility, monitoring, and active management of wireless devices, enterprises have no way of managing the risk and costs associated with them. There is no way, for example, to predict data usage, monitor device policy and behavior, or detect and remediate real-time threats to the environment.
The Wireless Shield
ID Technologies (IDT) has developed the Archon encrypted solution for mobile access (Wi-Fi and LTE) using CSfC (Commercial Solutions for Classified) as dictated by the federal government as an alternative for the Type 1 encryption. The advantage of the Archon CSfC solution is the use of COTS (commercial/consumer off-the-shelf) products in a fast-changing environment, better equipped to adapt and blend into the normal everyday electronics all consumers use. In conjunction with the Archon CSfC solution suite, IDT is now offering a comprehensive Wireless Intrusion Detection Solution (WIDS), tracking and remediation solution. The IDT WIDS solution is a deployment of AirShield radio frequencies (RF) sensors.
Once installed, AirShield sensors are capable to sampling radio frequencies from 100MHz to 6GHz- capturing licensed and unlicensed spectrum. These RF sensors identify and locate devices for Wi-Fi, Cellular, Bluetooth and LPWAN amongst other protocols. Each AirShield sensor has a detection capacity of over 20k square foot depending on the environment. Wireless Deep Packet Inspection (WDPI) capabilities, AirShield monitors an organization’s entire airspace to ensure the environment is protected against rogue devices, misconfigured devices, and previously undetected wireless threats.
AirShield sensors transmit data to a central repository for analysis. The Wireless Machine Vision platform provides proactive management and security for all wireless, operational technology (OT), and IoT environments. The Wireless Machine Vision Platform monitors everything in the RF environment and makes all the previously invisible activity surrounding your campus wireless infrastructure visible. You have a complete asset inventory and classification with real-time view of every device, its performance, and overall security posture. This also helps to enable Zero Trust access control through behavioral analysis, anomaly detection, threat ranking, air isolation, and policy management.
It is all well and good we are gathering this information, but now what do we do with it? Once we reveal these devices and threats, you can begin to manage them. Within the Machine Vision Platform, you can create and enforce policies to protect your most critical assets.
As wireless devices continue to grow in number, form, and function across all the various frequencies and protocols, the wireless threat surface becomes a crucial intersection in your cyber-security plan. ID Technologies can advise and architect solutions to ensure mission success through data payload encryption and Wireless Intrusion Detection.
Leveraging our Archon portfolio, we can secure the data payload over several mediums to include the Internet at large. But the threat to wireless transport is invisible. AirShield enables us to protect against the invisible threat to wireless technologies to include private LTE / 5G using CBRS, public switched telephone networks, IoT 802.15.4 or Wi-Fi. The combination of these technologies provides you the best opportunity for mission success.
Wireless devices continue to grow in popularity around the world with endless innovations. The developments in the RF and protocols multiplied by the IoT devices has become staggering, making the wireless threat surface infinite and paramount to cyber security. By leveraging the Archon portfolio and the IDT AirShield solution, security in the wireless environment can be achieved and managed like the wired environment.