In previous blog posts, we’ve explored the challenges associated with defending secure areas from pervasive connected devices and how next-generation wireless detection offers full-spectrum coverage for beyond just Wi-Fi® and Bluetooth®. In this post, we’re going to single out cellular threat detection and look at some of the unique risks and opportunities it presents.
We’ve long lived in a world where connectivity has become so much a part of our daily lives that it’s virtually forgotten until it’s not available. First it was Wi-Fi that kept us online at the coffee shop, then we blinked, and suddenly Wi-Fi was everywhere. A little bit later, as smart devices became so useful, Bluetooth blossomed as the method for how they all talked to each other. All along, cellular was there in the background, relegated to phones and not much else. Now, as LTE service is creeping into other smart products and with the growth in 5G, cellular is now making its way into places we might not expect.
This means that no wireless detection plan is truly complete without taking cellular into account.
An Emerging Threat
From a threat perspective, cellular wireless detection is just as serious as Wi-Fi and Bluetooth; more so, in some respects. Like everything else, portable electronic devices (PEDs) are becoming increasingly small, with new LTE-enabled devices beyond just cell phones becoming more widely adopted. There are fewer of them, but cellular devices connect to wide area networks, not just to some other device in the room, so they can connect directly to the Internet, making them potentially more of security threat than Bluetooth.
A Pervasive and Invisible Vulnerability
If you are a facility director responsible for keeping sensitive compartmented information facilities (SCIFs) secure, gaining situational awareness for the myriad of devices coming in and out of your area can be daunting. Virtually everyone owns a cell phone, and other types of cellular devices are gaining popularity. IoT wearables, industrial applications, and asset tracking are all areas adopting cellular technology, increasing the proliferation of devices and signals.
Protecting SCIFs from unauthorized PEDs is a growing concern for facility directors and others responsible for keeping information secure.
In addition to being virtually everywhere, cellular devices present unique challenges for intrusion detection because not only is it difficult to detect cellular signals, but most smartphones today come equipped with cameras, microphones, and recorders that can be used to exfiltrate sensitive information. Furthermore, unlike Wi-Fi and Bluetooth, there hasn’t been a viable commercial solution for cellular detection. You can use off-the-shelf hardware to scan unlicensed wireless spectrum for Wi-Fi and Bluetooth signals, but cellular frequencies require specialized hardware and are much more numerous, with thousands of channels. Monitoring all that spectrum with any level of confidence requires a specialized approach beyond what commercial-off-the-shelf (COTS) equipment offers.
COTS wireless energy detectors look for cellular emissions by focusing on very specific frequencies and monitoring for energy increases. Because it is focused on looking at energy, these types of detectors result in a significant number of false positives because anything generating an RF signal triggers a notification. This approach is just not operationally practical in real-world situations because virtually everything is emitting energy, resulting in a lot of wasted time trying to search out a potential threat that turns out to be a microwave or a server room.
A Challenge Requiring a New Approach
Cellular detection is hard, but necessary. Traditional wireless intrusion detection systems with a myopic focus on Wi-Fi networks just isn’t enough anymore. At Epiq Solutions, we set out to solve this problem by leveraging our expertise in software-defined radio (SDR).
To address the challenge of covering all the bands and channels in the cellular spectrum, we had four criteria in mind for our solution. First, we wanted a solution that could locate and identify wireless threats. Second, it needed to be fully passive, meaning our sensors would not transmit. Third, it had to be able to cover a very large amount of spectrum. Finally, it had to be able to collect data from device and base station transmissions in order to get anonymized identifying information and provide accurate location information.
With these criteria in mind, coupled with an SDR-based approach, we developed Flying Fox Enterprise, which decodes and analyzes actual signals – not energy - in both directions between cell phone and base station. By providing insight into both sending and receiving signals, Flying Fox Enterprise reliably captures device information that can be used to detect and locate potential cellular threats.
The wireless landscape is changing so fast that it’s almost unrecognizable from one day to the next. But an SDR-based approach to wireless detection will help keep pace with an evolving suite of threats. To learn more about how Flying Fox Enterprise is a trusted solution in the real world, check out this case study. If you’re interested in learning more about achieving full-spectrum insight into your wireless environment with integrated, flexible RF sensing tools we’d love to hear from you.