Threats in the shadows: Combatting RF attacks with geofencing

Did you miss the GamesBeat Summit 2022 session? All sessions are now available to stream. Now look.


There is no shortage of attack vectors that cybercriminals can use to infiltrate an enterprise. From phishing and malware to routers and HVAC systems, security teams have already spread thin, and now they can add shadow IT to their list of security concerns.

Shadow IT is a broad term that covers the use of systems, devices, software, applications and services without the knowledge or approval of IT departments. Bringing mobile and IoT devices to the office, facility or campus is of particular concern. Many of these devices have radio frequency (RF) vulnerabilities that can be used externally.

The dangers and threats of shadow IT

A well-publicized incident took place last year at the U.S. Embassy in Uganda when employees hacked their iPhones – largely due to a zero-click attack – and brought them into the building. With iPhones being tampered with, the bad guys had open access to the embassy and they were probably able to listen to numerous conversations, some of which could be confidential.

And it’s not just smartphones. IoT devices are vulnerable to attacks. There is also a risk of smartwatch being hacked. A hacked smartwatch could potentially allow cybercriminals to access sensitive data, track location and listen to conversations.

These are just some of the ways in which cybercriminals are using mobile and IoT devices for nefarious purposes. As these events highlight the potential dangers that mobile and IoT devices present, enterprise security teams are struggling to find a solution. With the average cost of data breaches by IBM rising to $ 4.24 million in 2021, even a single breach could have a detrimental effect on the company.

Better security: look for suspicious devices hidden in the shadows

Simply banning mobile and IoT devices from accessing the full feature is easier said than done. Many employees use their devices for work related purposes. Bring your own device (BYOD), for all its benefits, also introduces multiple security concerns, including potential breaches, network intrusions and data loss. Approved device-only policy is difficult to enforce because many security teams lack visibility to identify devices entering sensitive parts of the facility. The honors system is also problematic, with employees interpreting the “no devices” policy. Examples we always see:

  • “That’s fine, I don’t answer that.”
  • “I turned off my cell phone.”
  • “This Bluetooth device can only connect to my cell phone and I left the phone in the car.”
  • “I saw that Sam had fitbit so I thought fitbit was an exception.”

No rogue employee is needed to violate the policy, just a forgetful person who thinks their situation is specially exempt because their motive is benign. Regardless, when the device arrives, it may be handled by a bad actor who is not the employee carrying it.

To protect their features and ensure high security, it is imperative for security professionals to implement solutions that provide visibility to detect and detect all authorized and unauthorized RF devices operating on cellular, Wi-Fi, ZigBee, Bluetooth, Bluetooth Low Energy. BLE) and other RF protocols.

Benefits of Geofencing

Geofencing is the security practice of marking particularly sensitive areas of a facility and enforcing stricter policy enforcement. With geofencing, security teams can fully understand where these devices are and also create limits on where they are allowed to be on the building or campus. In addition, geofencing capabilities can alert security teams in real time about potential RF violations or threats within their protected area.

With this knowledge and the innovative solutions now available on the market, the security team can come up with automated protocols to prevent potential attacks. For example, RF geofence violation detection can trigger integration for access control of your corporate network. Therefore, entering a secure area with a connected device will automatically disconnect from that area.

By increasing their RF situational awareness, increasing visibility, and implementing a geofencing solution in their current security posture, security teams can remove devices hidden in the shadows, protecting their companies from becoming another victim of RF cyber attacks.

Chris is CEO at Risley Bastille Networks,

DataDecisionMakers

Welcome to the VentureBeat community!

DataDecisionMakers is a place where experts, including tech people working on data, can share data-related insights and innovations.

If you would like to read about the latest ideas and latest information, best practices and the future of data and data tech, join us at DataDecisionMakers.

You might even consider contributing to your own article!

Read more from DataDecisionMakers

Similar Posts

Leave a Reply

Your email address will not be published.