SIGINT: Commercial Primer Part 1
In the weeks after the recent RSAC event, we decided it was time to develop content peripheral but critical to the cyber realm. We are in the process of writing a three-part mini-series about signals intelligence (SIGINT), which is an area that is becoming increasingly important in the commercial space. This piece is the first part of the series and will provide an executive brief on what SIGINT is and what it is not. The following articles will focus on more technical details such as off-the-shelf and open-source tools, market changes of the past decade, defensive considerations, and commonly asked questions.
When it comes to signals intelligence, or SIGINT (1), most people imagine James Bond in a high-tech spy van or military personnel intercepting radio communications from a C-130. However, SIGINT has become increasingly important in the commercial space, where technology advancements and the blurred lines between the military-industrial complex and commercial industries have created significant risks. Intercepting and analyzing electronic signals to extract valuable information is at the heart of SIGINT, and this field of intelligence gathering is injecting additional risk into the commercial environment, particularly in the finance, biotech, and medical industries.
SIGINT refers to the collection, analysis, and interpretation of signals and communications, typically for intelligence or military purposes. Radio Frequency Intercept (RFI) is a specific type of SIGINT that involves intercepting and analyzing radio transmissions, including both voice and data signals, to gather information about a target’s or opponent's activities, capabilities, and intentions. Most people think of their cell phone or email when they consider SIGINT risks; however, researchers (2) have demonstrated that by analyzing the electromagnetic radiation emitted by a light bulb in response to a nearby keyboard, they can recover keystrokes with a high degree of accuracy. Once the playground of governments and nation-states, SIGINT is now anyone’s playground. We must take steps to mitigate these risks.
For example, in the finance industry, sophisticated RFI techniques can be used to eavesdrop on communications between traders and executives, potentially exposing sensitive information such as investment strategies or confidential business deals. In biotech and medical fields, RF interception can compromise patient data or the confidentiality of clinical trials, resulting in significant losses in both the short and long term.
In the late 1990s, U.S. companies began to complain about Chinese companies producing counterfeit products using their technology. In response, the U.S. government launched an investigation and discovered that Chinese intelligence agencies had been intercepting communications between U.S. companies and their Chinese partners, stealing trade secrets and intellectual property. This allowed Chinese companies to produce knock-off products at a much lower cost, undercutting U.S. businesses. Having had professional experiences with these issues, we can affirm they are neither exaggerated nor hyperbolic. As a result, the U.S. government began to impose sanctions and restrictions on Chinese imports, affecting the commercial relationship between the two countries.
In another example, the Australian Signals Directorate (ASD) (3) intercepted Indonesian communications in 2012, including the phones of the Indonesian president and his inner circle. The diplomatic fallout between the two countries had commercial implications as well, with Indonesian companies accusing Australian firms of using intelligence gathered through RFI to gain an unfair advantage in business dealings, particularly in the mining industry. Competitive intelligence gathering is continuing to grow and mature in the commercial space, and it is imperative that forward-thinking executives plan strategies to counter this threat.
In high-security environments, the use of pattern-of-life technology (4) presents a significant risk. This technology leverages the tracking capabilities of HID badges, Near Field Communication (NFC), Bluetooth (BT), and Wi-Fi beacons to monitor both physical and digital access. The data collected from these sources can be used to create detailed profiles of individuals, including their daily routines and physical locations.
For example, a biotech company that develops a new drug with significant potential may rely on pattern-of-life technology to monitor access to the labs and data centers to protect the research and intellectual property. However, a malicious actor could use this technology to track the movements of key researchers, identifying times when they are not on company property and vulnerable to attack. This information could be used to kidnap or recruit a researcher or even steal intellectual property. It is important to bear in mind that, with the democratization of technology, these types of attacks do not necessarily require nation-state capability – they can be waged by motivated or well-funded adversaries with access to Amazon, AdaFruit, and a mix of Alibaba with a sprinkle of CrowdSupply. Tech is no longer the obstacle; it is only subject to the funding & motivation level of the attacker.
Given the increase in the use of wireless technologies and the growing complexity of the electromagnetic spectrum, traditional security measures alone are no longer enough. Commercial enterprises need skilled professionals with expertise in SIGINT to defend against these types of attacks. A SIGINT professional can analyze and understand the complex electromagnetic spectrum, provide insight into the RF environment, and identify potential vulnerabilities. They can use specialized equipment and techniques to detect, intercept, and analyze wireless transmissions, allowing them to identify and neutralize potential threats. As the use of wireless technologies continues to expand, having SIGINT professionals on staff will become increasingly critical for the protection of high-security environments. As the world, the current political climate, and the EARN IT Act (5) bring us flashbacks of the CryptoWars (6) of the 1990s, we have faith those who promulgated the concept of the Clipper chip (7) are pleased with the current state of affairs.
Yesterday’s concepts from the defense industrial base are today's leading risk mitigation frameworks. At one time, Zero Trust was considered too advanced and niche for corporations when it was first brought to life in the 90s. Now, it is a core competency of any cyber risk management program. As the line between government and commercial enterprises continues to blur, corporate entities must take proactive steps to secure their environments from SIGINT and RFI threats. By thinking outside of the box as defenders, we can raise the collective security posture for all and bring the next generation of advanced risks into our modern-day defensive planning and strategy.
Written as a collaboration by
------------
1) SIGINT: https://en.wikipedia.org/wiki/Signals_intelligence
2) How Hackers Use An Ordinary Light Bulb To Spy On Conversations 80 Feet Away: https://www.forbes.com/sites/daveywinder/2020/06/14/how-to-use-an-ordinary-light-bulb-to-spy-on-conversation-80-feet-away-security-research-lamphone-hack/
3) ASD: https://en.wikipedia.org/wiki/Australian_Signals_Directorate
4) Forensic Pattern Of Life Analysis: https://www.forensicfocus.com/articles/forensic-pattern-of-life-analysis/
5) EARN IT Act: https://reclaimthenet.org/senate-judiciary-committee-advances-bill-that-would-end-private-messaging
6) CryptoWars: https://www.cs.columbia.edu/~smb/classes/f21/l_cryptowars.pdf
7) Clipper Chip: https://en.wikipedia.org/wiki/Clipper_chip