The GNU Radio Foundation recently teamed up with the UC Berkeley SETI Research Center and the Breakthrough Listen project to sponsor the SETI RF Hackathon, an unprecedented wireless hackathon event. The event encompassed the ultimate in Internet-of-Things (IoT) and signals hacking: professionals specializing in machine learning, radio frequency (RF), and cyber security converged at the Allen Telescope Array in California in May. The focus of this unique hackathon was to solve several challenges in the wireless signal space, and I was fortunate to get an invite for this year’s event.
We were given full access to the Allen Telescope Array, 42 six-meter dishes used for deep space radio astronomy, and were separated into teams to tackle cutting-edge issues. These topics included signal characterization and data storage formats, real-time and offline processing of high-bandwidth feeds, antenna control, and interfacing the latest software-defined radio hardware with the telescope array.
The Link Between Radio Astronomy and Cyber Security
You might be asking what radio astronomy and machine learning have to do with cyber security. The short answer is that many of the experts in those fields use their skills to help test new wireless and IoT solutions.
Some of these solutions are moving at a very rapid pace, like Google and Amazon’s automation solutions, interconnected medical devices, car automation, and even drones. For instance, Amazon recently announced that its Alexa platform is now Health Insurance Portability and Accountability Act (HIPAA) compliant and has new medical skills.
Cyber Security, IoT, and the Healthcare Industry
As a consultant at Delta Risk, I’ve seen more and more inquiries lately related to cyber security, technology, and healthcare. Clients want to know what possible risks there are when bringing technologies like Alexa into healthcare facilities and how they can test for vulnerabilities.
It’s an age-old problem: new technological solutions are rushed to market to create revenue and generate consumer interest. But many of those solutions ultimately have major security issues. Those issues often end up being very costly to fix, in both dollars and reputation.
For example, companies including Johnson & Johnson have publicly issued warnings about cyber security vulnerabilities for some of their insulin pumps and pacemakers. Security shortfalls like this can have a very real and serious impact on actual people.
Cyber Security, IoT, and the Automotive Industry
There have also been a number of high-profile cyber security issues in the automotive industry related to IoT and automated driving solutions. In 2018, for example, hackers found 14 vulnerabilities in BMW vehicles, including the head unit, telematics control unit, and the vehicle’s control bus. In 2016, hackers demonstrated how they could remotely shut down a vehicle or take control of vehicle control systems on the highway.
Malicious hackers have also used software-defined radio in two-person repeater attacks, also known as relay attacks, to steal cars by extending the range of wireless key fobs. Now, they’re targeting new autopilot features with simple attacks that could make cars incorrectly switch lanes.
Summary
Many penetration testers with traditional training don’t have the engineering or signals background to address issues like these in the complex new world of radio signals analysis. Some testers have embraced it, but most haven’t and will face a steep learning curve to really dig into these new paradigms. There’s a significant difference between testing wireless networks (802.11) and true RF signals testing. And if your solutions use innovative or proprietary signals, traditional IT penetration testers will typically not have the right skills to fully test them.
Whether you’re a cyber security professional, an organization using these technologies, or a manufacturer, here are a few tips for how to protect yourself from these threats:
- Engage security experts early in your design process. If you’re a manufacturer, ensure that you’re consulting with security professionals at the earliest stages of development. Have them talk through threat models with the engineering teams.
- Enlist help from qualified researchers and pen testers. Get researchers and pen testers with demonstrated wireless and signals backgrounds involved. Have them perform real-world testing on prototypes or existing products.
- Apply known security processes. If your organization is using these new technologies for your business, your teams can apply strong security processes that they already know. If you don’t have the in-house expertise you need, bring in outside resources to help.
- This might sound obvious, but make sure anyone performing security tests for you is able to review both the results and the process.
While the technologies are new, the processes to combat the threats are familiar to many security professionals. That’s why events like this hackathon that bring multidisciplinary security and RF signals professionals together to collaborate and share information are so important.