Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

Connectivity

Sniffing Radio-Frequency Emissions to Secure the Internet of Things

Monitoring the usual behavior of Internet-connected devices could make it possible to detect malicious activity.

Market researcher IDC estimates that there will be 30 billion connected devices by 2020.

A startup called Bastille says it can help companies detect the hacking of devices connected to the so-called Internet of things, which is looming larger as a target for computer crimes.

Bastille Networks measures the typical radio-frequency signature of all the devices in an office—sensors, industrial control systems, employees’ phones, their fitness bands, Wi-Fi routers, and so on. If anything unusual develops, because a sniffing device has been placed in the office, for example, or because someone appears to be remotely accessing an Internet-of-things-connected device for malicious purposes, Bastille can tell the IT staff. Bastille has been testing its technology with some financial services companies since December and plans to make its technology available to other companies in late 2015.

Atlanta-based Bastille, founded last year, can spread its radio-frequency sensors throughout an office to monitor connected devices that operate over communication protocols like Wi-Fi, Zigbee, and Bluetooth low-energy, as well as over cellular networks. The company’s software can determine where these devices are located to within three meters. In the pilot test, CEO Chris Rouland says, the sensors are being placed in areas considered most important to secure, like data centers and executive offices.

Matt Reynolds, an associate professor at the University of Washington who researches radio-frequency technologies, says that one challenge in using radio-frequency monitoring is that not all devices advertise their presence by emitting signals. Some could be set to wake up only when triggered by an attacker. “The mere fact that the device is not advertising its presence doesn’t mean it’s not present and listening,” he says (see “Internet of Treacherous Things”).

“Just like the rest of the Internet, the advantage is on the attacker,” Reynolds says.

Keep up with the latest in Security at Business of Blockchain 2019.

May 2, 2019
Cambridge, MA

Register now
More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Print Subscription.
  • Print Subscription {! insider.prices.print_only !}*

    {! insider.display.menuOptionsLabel !}

    Six print issues per year plus The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Print magazine (6 bi-monthly issues)

    The Download: newsletter delivered daily

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.