Bastille recently launched Bastille Enterprise Cellular Intrusion Detection for enterprises. Previously only available to its military and law enforcement customers, Bastille Enterprise Cellular Intrusion Detection is the only solution that can accurately locate cell phones indoors using only cellular signals
“Bastille has been doing radio frequency (RF) and Cellular Intrusion Detection and research for the Government for years” said Chris Risley, CEO at Bastille. “Only in 2020 did Bastille finally receive FCC approval for its Civilian cellular sensor array. This allows Bastille for the first time to offer accurate Cellular Intrusion Detection to the Enterprise. Now corporations can have the RF security that the DoD and Intelligence Community rely on to protect the nation’s secrets.”
Bastille provides corporations the ability to discover, locate and mitigate radio borne threats to their assets, facilities and networks. These threats arise from managed, unmanaged and rogue wireless, IoT and Cellular devices. Bastille does this protection by using SDRs to passively observe the entire radio space in a facility from 60 MHz to 6GHz. More than 70% of devices connected to the network today are connected via RF & Cellular and that percentage is growing. Equally important are the radio-enabled and cellular devices in your facility which are NOT connected to your network; those which enter daily with employees and visitors and those installed by contractors into your buildings. These devices are the ones which can be used to exfiltrate voice, video and computer data right past your firewalls and into the unsecure world outside.
Covert, rogue and vulnerable wireless and cellular devices are inside the enterprise today. Suspicious equipment includes SmartTVs, security cameras, printers and peripherals, medical devices, building controls and of course, cell phones.
The whole Bastille threat detection process takes just seconds from when the wireless/cellular device first transmits until your security team receives an alert in the existing alerting system.
A lot more than Cellular Intrusion Detection.
Though commonly thought of as Cellular Intrusion Detection, Bastille does a lot more than merely detecting the presence of cell phones. Customers can set up alerts based on wireless device behaviour. Examples include:
Compromised Devices: Bastille baselines facilities, all wireless devices (including Cellular, Wifi, Bluetooth and BLE) and their typical behaviour and can alert when a device is compromised and exhibits abnormal behaviour
Secure Area Data Breaches: Alert when an allowed Bluetooth hearing aid performs an unallowed BLE pairing with a device outside the secure area. Or detect when a company phone at a desk is joined by a personal phone at the same desk
MDM Enhancement: Alert when a phone which is not under Mobile Device Management is turned on, or add geo-fencing capabilities to an organisation’s existing MDM solution
Insider Threats: Alert when a device is seen in an area where it is not allowed, or forensically investigate to understand the devices and their behaviour from weeks or months ago
Enterprise RF vulnerabilities increasing
In the last month, two new large-scale RF vulnerabilities were announced, namely SweynTooth and the Phillips Hue vulnerability Zigbee Worm. These vulnerabilities join BleedingBit, BlueBorne, MouseJack and KeySniffer as examples of how immature security is for Radio Frequency protocols. The Ethernet and IP Protocols have undergone decades of battle-hardening. These protocols had lots of security vulnerabilities when they were young but researchers have discovered those vulnerabilities and most have been patched. Widespread IoT protocols. Bluetooth and BLE adoption are more recent and as a result, we’re still discovering very large security holes in those protocols.
“I have no doubt that more huge security holes will be discovered in the more than 100 new radio protocols used by IoT devices,” said Bob Baxley, Chief Technology Officer at Bastille. “Bastille can tell you which devices in your facility–both on and off your network–are susceptible to RF attack. It is critical that CISOs understand their RF attack surface in order to maintain a secure perimeter.”
For more information on Bastille, visit bastille.net and follow them on Twitter @bastillenet and LinkedIn.