Bastille, the leader in enterprise threat detection through software-defined radio (SDR), today announced its new Bastille Enterprise Cellular Intrusion Detection for enterprises.
“Bastille has been doing radio frequency (RF) and Cellular Intrusion Detection and research for the Government for years” said Chris Risley, CEO at Bastille. “Only in 2020 did Bastille finally receive FCC approval for its Civilian cellular sensor array. This allows Bastille for the first time to offer accurate Cellular Intrusion Detection to the Enterprise. Now corporations can have the RF security that the DoD and Intelligence Community rely on to protect the nation’s secrets.”
Bastille provides corporations the ability to discover, locate, and mitigate radio borne threats to their assets, facilities and networks. These threats arise from managed, unmanaged and rogue wireless, IoT and Cellular devices. Bastille does this protection by using SDRs to passively observe the entire radio space in a facility from 60 MHz to 6GHz. More than 70 percent of devices connected to the network today are connected via RF & Cellular and that percentage is growing. Equally important are the radio-enabled and cellular devices in your facility which are NOT connected to your network; those which enter daily with employees and visitors, and those installed by contractors into your buildings. These devices are the ones which can be used to exfiltrate voice, video, and computer data right past your firewalls and into the unsecure world outside.
Example: a laptop legitimately connected to your network right now could also be tethered to a cell phone via Bluetooth and that cellphone can be connected via a 40 Mbps 4G Cellular data connection to a server in China which is capturing your company secrets in real time.
Covert, rogue and vulnerable wireless and cellular devices are inside the enterprise today. Suspicious equipment includes SmartTVs, security cameras, printers and peripherals, medical devices, building controls and of course, cell phones.
Only Bastille can deliver:
- COMPLETE VISIBILITY: Detect all the wireless/cellular devices and connections in corporate facilities whether or not they have connected to the corporate network,
- THREAT DETECTION: Detect that a device such as one with a Bluetooth or cellular connection is transmitting data (and is not just an employee listening to music),
- ACCURATE THREAT LOCATION: Locate both of the offending devices on your floor plan.
The whole Bastille threat detection process takes just seconds from when the wireless/cellular device first transmits until your security team receives an Alert in your existing alerting system.
A lot more than Cellular Intrusion Detection.
Though commonly thought of as Cellular Intrusion Detection, Bastille does a lot more than merely detecting the presence of cell phones. Customers can set up alerts based on wireless device behavior. Examples include:
- Compromised Devices: Bastille baselines facilities, all wireless devices (including Cellular, Wifi, Bluetooth and BLE) and their typical behavior and can alert when a device is compromised and exhibits abnormal behavior
- Secure Area Data Breaches: Alert when an allowed Bluetooth hearing aid performs an unallowed BLE pairing with a device outside the secure area. Or detect when a Company phone at a desk is joined by a personal phone at the same desk.
- MDM Enhancement: Alert when a phone which is not under Mobile Device Management is turned on, or add geo-fencing capabilities to an organization’s existing MDM solution.
- Insider Threats: Alert when a device is seen in an area where it is not allowed, or forensically investigate to understand the devices and their behavior from weeks or months ago.
Enterprise RF Vulnerabilities Increasing
In the last month, two new large scale RF vulnerabilities were announced, namely SweynTooth and the Phillips Hue vulnerability Zigbee Worm. These vulnerabilities join BleedingBit, BlueBorne, MouseJack, and KeySniffer as examples of how immature security is for Radio Frequency protocols. The Ethernet and IP Protocols have undergone decades of battle-hardening. These protocols had lots of security vulnerabilities when they were young but researchers have discovered those vulnerabilities and most have been patched. Widespread IoT protocols. Bluetooth and BLE adoption are more recent and as a result, we’re still discovering very large security holes in those protocols.
“I have no doubt that more huge security holes will be discovered in the more than 100 new radio protocols used by IoT devices,” said Bob Baxley, Chief Technology Officer at Bastille. “Bastille can tell you which devices in your facility–both on and off your network–are susceptible to RF attack. It is critical that CISOs understand their RF attack surface in order to maintain a secure perimeter.”
Bastille’s Patented Software-Defined Radio (SDR) Technology
Bastille now has 17 U.S. Patents issued and more pending. Bastille’s software-defined sensor arrays scan from 60 MHz to 6 GHz. Within that range, Bastille has more than a dozen protocol decoders, including Cellular, Wifi, Bluetooth, Bluetooth Low Energy (BLE), ZigBee, DECT and others. Using software-defined radios we see all the emitters distinctly, and then by using protocol decoders in the arrays we digitally demodulate the protocols.
Launched in 2014, Bastille is the leader in enterprise threat detection through software-defined radio. Bastille provides full visibility into the known and unknown mobile, wireless and Internet of Things devices inside an enterprise’s corporate airspace–together known as the Internet of Radios. Through its patented software-defined radio and machine learning technology, Bastille senses, identifies and localizes threats, providing security teams the ability to accurately quantify risk and mitigate airborne threats that could pose a danger to network infrastructure. For more information, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.