Hiding in Plain Sight: The Security Risks of Pervasive IoT Devices

When Kevin Ashton coined the term “Internet of Things” in 1999, not many of us could envision exactly how connected the world would become. According to Statista, by 2025 there will be nearly six billion IoT connections in North America alone. The vast majority of these connections use BluetoothⓇ, Wi-FiⓇ, or cellular connectivity, so if part of your mission requirements is to understand and interact with your wireless environments, these are the protocols you need insight into.

Keeping unauthorized wireless devices out of prohibited areas becomes exponentially harder when virtually everyone is at the very least carrying a cell phone, and probably has other connected devices like watches or fitness trackers that have become such passive tools we hardly think of them at all – let alone as a potential security threat. Accidentally walking into a sensitive compartmented information facility (SCIF) and intentionally using connectivity for nefarious purposes start the same way – by generating a signal in an area where that’s not allowed. And because of the ubiquitous nature of these connected devices, they’re hiding in plain sight. 

Keeping sensitive areas safe is difficult when so many of our devices offer connectivity. 

A cell phone is obviously designed to generate and receive signals, while a watch might go unnoticed. But all kinds of consumer devices that ten years ago were single-function tools are now outfitted with microphones and speakers for voice control features or cameras for gesture recognition. Virtual assistants like Alexa and Google Nest have displaced household stereos and the wireless connectivity they bring is so integrated into our daily lives that they kind of disappear into the background like so many other devices. For example, we’ve identified unsecured access points in sensitive areas coming from the monitors or ceiling projectors in conference rooms.

During a recent Flying Fox Enterprise project in a secure area, several unexpected cellular IoT transmitters were detected in shipping containers, which were using GPS to monitor and track shipments. These are examples of devices that are so ubiquitous that we often overlook their existence. Having full spectrum visibility helps identify potential threats even where you might not be looking. For every accidental unauthorized wireless device, there’s always the potential for bad actors to exploit that for their gain. As connected devices increase in their usefulness, they are going to be pervasive in the areas where we work, and government-focused organizations need to remain diligent in this area.

SCIF security requirements are outlined in the Intelligence Community Directive (ICD) 705/ IC Technical Specification, but no standard exists for exactly how to identify and take action against potential threats. There are many threat vectors that come with personal electronic devices (PEDs) and before you can determine if there’s a problem, you first have to be able to have awareness of the wireless environment. Knowing where those unauthorized devices are, what they are doing, and having visibility across wireless protocols and cellular is the only way to get the full picture. 

Keeping situationally aware of an evolving device landscape is a challenge on numerous fronts. Wireless device standards are always changing, making solutions that are unable to adapt to these changes quickly obsolete. Cellular presents a unique challenge because there currently are no off-the-shelf detection systems to monitor the large range of frequencies,channels, and protocols cellular devices are making use of. To help security professionals address these challenges, Epiq Solutions created a software-defined radio (SDR)-based device detection and location technology called Flying Fox Enterprise. Developed in partnership with the Naval Research Laboratory (NRL), SDR-based sensors can be upgraded quickly as standards evolve as well as be configured to monitor large frequency ranges to scan the full spectrum of cellular transmissions with zero false positives. Flying Fox Enterprise makes further use of  its SDR technology to enable a fully passive monitoring solution for Bluetooth that makes it possible to detect transmissions even after the device is paired.

Full-spectrum, SDR PED detection of Flying Fox Enterprise offers:

• Comprehensive detection and location of wireless threats including Bluetooth, cellular, and Wi-Fi
• Specialized hardware to overcome the unique challenges of cellular and Bluetooth detection
• Fully passive 24x7 monitoring
• Zero false positives through full decoding of transmissions
• Our experience designing tools that provide situational awareness in the RF domain for federal users

Learn more about Flying Fox Enterprise here, or if you’re interested in speaking with an RF expert contact us here.