Skip to footer
Passcode
Modern field guide to security and privacy

Opinion: Timing is everything for securing wireless communications

Even though disrupting wireless communications – whether cellphone networks or GPS – could harm the US economy and put lives at risk, these networks remain far too vulnerable to attacks.

|
Reuters/File
A TomTom navigation device is seen in this photo illustration taken in Amsterdam.
  • By Steven Chabinsky Contributor

If you think that computer intrusions are the main thing we need to worry about when it comes to cybersecurity, think again. There's growing concern about the implications of our increasingly wireless world and how readily it can be disrupted.

When it comes to our reliance on the electromagnetic spectrum for communication, I’m reminded of the lyrics from "The air that I breathe" by the Hollies: "Sometimes, all I need is the air that I breathe and to love you."

Today, the air that we breathe also serves as a primary conduit for transmitting voice communications, establishing network connectivity, and enabling remote control over physical objects that run the gamut from military drones over Afghanistan to local traffic light signals.

But the downside to this high tech phenomenon lies in the potential for individuals, terrorist groups, or nations to intentionally deny, degrade, or alter our wireless signals. While it’s taken as a given that our traditional international sparring partners such as Russia have advanced electronic warfare jamming capabilities, individuals can also cause harm by using handheld equipment costing less than $500.

It’s true that “jammers,” the name given to those devices that are designed to deny or degrade wireless signals, are illegal to market, sell, or use in the US. Yet, despite a string of enforcement actions, there remains no shortage of websites offering this equipment for sale, including this one hiding in plain sight at jammer-store.com.

A few years back, US Navy Adm. Jonathan Greenert recognized our growing wireless vulnerability, writing, “Inexpensive jammers, signal detectors, computer processors, and communication systems make it easier today for unfriendly states, terrorists, and criminals to affect our ability to use the EM-cyber environment.” With this in mind, the Admiral concluded that “[f]uture conflicts will be won in a new arena – that of the electromagnetic spectrum and cyberspace. We must merge, then master those realms.”

And there’s the rub. What if we don’t master those realms, but somebody else does? What if everyone masters those realms?

Disruption capabilities, such as through radio frequency jammers, could create “quiet” zones that prevent vital, wireless voice communications (including those of first responders like police, paramedics, and firefighters) and remote data commands (including those that exist across our financial services, transportation, and energy sectors). 

Then there’s the threat of interference with space-based global position system technology. GPS is one of the most significant, ubiquitous, and taken-for-granted technologies of our era. Many of our nation’s essential functions are highly dependent upon GPS, which transmits not merely location data but also timing information.

Location is essential for vehicle tracking and navigation, the coordinated movement of people and cargoes, geological surveying, precision agriculture – and the list goes on, reflecting an amazingly diverse set of interests at stake.

What some don't appreciate, however, is the role the GPS timing signal plays in our lives. GPS timing is becoming the go-to measure, either directly or indirectly, for allowing computers to synchronize with one another and form networks, such as the Internet itself.

Making all of these matters worse, interference doesn’t simply mean that signals are denied or degraded, which results in communications becoming unavailable. Wireless signals also can be spoofed, thereby fooling recipients into believing that inaccurate messages are legitimate and calling into question the integrity of wireless-dependent operations. For example, research done by students at the University of Texas-Austin while aboard a luxury yacht a couple of years ago, showed that spoofing GPS signals could guide an $80 million vessel wildly off course.

So, what are we doing to study, analyze, and respond to intentional interference with our wireless communications? Surprisingly little.

Within the US government, the Department of Homeland Security is a likely leader, as is the multiagency Purposeful Interference Response Team (PIRT), managed by the Department of Defense. Yet, there is no national, cross-government initiative to detect, collect, centralize, analyze, or respond to purposeful spoofing or disruptions of wireless communications. In the private sector, it similarly appears that no sector or cross-sector leads have taken to gather industry data or develop a research agenda to counter the expanding business risk of intentional interference. 

In terms of mitigating and deterring the threat, federal enforcement efforts are grossly under-resourced, and those that exist are primarily civil rather than criminal in nature and reside in the Federal Communications Commission. Federal law enforcement, including the FBI, have no known national efforts in place to train and equip federal agents or local police to rapidly identify, locate, and disrupt those behind jamming events. As a result, stopping the source of interference typically takes days, or even months, rather than minutes or hours.

Although we can’t change the past, we can build a stronger future. We have been fortunate to date in our having faced relatively unsophisticated adversaries, with either limited access or limited desire to routinely employ interference or disruption technologies. Nonetheless, the intent and capabilities to disrupt networks certainly exist. All of which brings to mind the 9/11 Commission, which famously reported its belief that the 2001 terrorist attacks revealed four kinds of US government failures: "imagination, policy, capabilities, and management."

I think we can rule out lack of imagination as being part of the problem. Instead, it’s past time to get serious about being proactive rather than reactive. As a good starting point, our national cybersecurity efforts should be reviewed and revised to include a focus on threats against the electromagnetic spectrum.

We have a window of opportunity to be prepared for wireless interference. Let’s not continue to squander it, lest we lose precious time – and perhaps even the timing signal itself.

Steven Chabinsky is General Counsel and Chief Risk Officer for CrowdStrike, a cybersecurity technology firm, and the cyber columnist for Security Magazine. He previously served as Deputy Assistant Director of the FBI’s Cyber Division. You can follow him on Twitter @StevenChabinsky.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
editor@csmonitor.com
Subscribe
Mark Sappenfield
Editor

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

Subscribe to insightful journalism

QR Code to Opinion: Timing is everything for securing wireless communications
Read this article in
https://www.csmonitor.com/World/Passcode/Passcode-Voices/2015/0713/Opinion-Timing-is-everything-for-securing-wireless-communications
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe