top of page
Want to get notified when I create a new blog post?

Thanks for subscribing!

  • Kyser Clark

Radio Frequency Security and OPSEC

Updated: Dec 15, 2022



RF Transmissions are Inherently Insecure

Many organizations rely heavily on Radio Frequency (RF) transmissions to conduct daily operations. Chris Risley from Security Magazine says: "[RF protocols] may have security protocols, but they don’t have the battle-hardening to properly identify and mitigate radio-borne threats. Traditional security products ignore RF protocols in the air and wait for issues to show up as symptoms on the wired network."


Listening in isn't discouraged

RF transmissions used in publicly usable ranges can be intercepted and "heard" by anyone in listening distance. Furthermore, the Federal Communications Commission (FCC) lists "Mere interception of radio communications, such as overhearing your neighbor’s conversation over a cordless telephone" and "divulgence of transmissions by amateur radio or citizen band radio operators" as legal.


Hacking Industrial Controllers is Easy

“An attacker can just be within the range of a construction site, pretend to be a bystander, hide a battery-powered, coin-sized device (with an inexpensive radio transceiver at that), and use it remotely to craft arbitrary packets to control an industrial machine or persistently simulate a malfunction" (CBR Staff Writer, 2019). This is a considerable risk since organizations can't stop people outside the property. A person on the ground with a two-way radio can transmit around 4 to 6 miles away (Intercom System and Wireless Intercom Experts, 2020).


Summary

All data that is transmitted through the air should be treated as compromised. Act as if the world is listening when your data is flying through the open air. Because of the inherent insecurity of RF, lack of legal discouragement, and the ability to easily compromise devices at long range, they very much could be! Since an attacker can piece together business operations one by one and use them to unleash the gambit of attacks, operational security (OPSEC) is important. Be mindful when you transmit information over the airwaves. Never forget, loose lips sink ships!



References

CBR Staff Writer. (2019, January 15). Hacking Industrial Controllers is Child’s Play, Can be Done by Drone. Tech Monitor. https://techmonitor.ai/techonology/cybersecurity/hacking-industrial-radio-frequencies


Federal Communications Commission. (2021, January 13). Interception and divulgence of radio communications. https://www.fcc.gov/consumers/guides/interception-and-divulgence-radio-communications


Intercom System and Wireless Intercom Experts. (2020, August 13). 2-Way radio range: How far can two-way radios communicate. https://www.intercomsonline.com/2-way-radio-range-how-far-can-two-way-radios-communicate


Risley, C. (2020, July 6). Radio frequency: An airborne threat to corporate and government networks. Security Magazine. https://www.securitymagazine.com/articles/92729-radio-frequency-an-airbone-threat-to-corporate-and-government-networks

91 views
Want to get notified when I create a new blog post?

Thanks for subscribing!

bottom of page