Interview with Dr. Brett Walkenhorst - CTO at Bastille

Shauli Zacks

SafetyDetectives spoke with Dr. Brett Walkenhorst, CTO at Bastille, about a wide range of topics, including popular methods hackers use to access wireless devices, how the government handles cybersecurity, and the challenge of rogue employees.

Can you tell me a bit about your background and your role at Bastille?

For most of my career, I’ve worked in wireless technology. I spent some time at Lucent Bell Labs as an RF engineer, designing base stations. I then got my Ph.D. at Georgia Tech and worked for several years at the Georgia Tech Research Institute on various wireless, RF, and signal processing R&D projects. I’ve also spent time working in antenna measurements, radar technology, electronic warfare, signals intelligence, and other related areas.

I joined Bastille about a year ago as the Chief Technology Officer, where I lead the R&D and threat research efforts of the company. I also support the company’s sales and marketing efforts as well as company strategy.

Who is Bastille?

Bastille helps commercial and government organizations evolve and enforce their wireless policies in the face of 24 billion wireless devices worldwide. The signals from these devices are invisible to us as humans, and over 2000 wireless vulnerabilities have been discovered and published as CVEs. Bastille helps our customers secure this vast, invisible wireless attack surface.

Bastille is designed to seamlessly integrate with third-party security systems. Security in Depth is a team sport. No wireline Threat Intelligence Platform, Managed Detection and Response System, or Extended Detection and Response System can be complete without the information from a Wireless Threat Intelligence Platform like Bastille.

What is your flagship product?

Bastille Enterprise detects and analyzes wireless device data including cellular, Wi-Fi, Bluetooth (BT), BT Low Energy (BLE), and IoT protocols. It detects wireless emissions, extracts their metadata, and calculates the devices’ locations. Bastille Enterprise provides real-time feeds of this enriched device data, enabling users to make security decisions by leveraging the real-time wireless intelligence that Bastille Enterprise provides based on site policies of the organization.

Bastille bases its platform on software defined radios so that it can readily evolve as new protocols and new threats emerge in the future.

Bastille Enterprise is trusted by Fortune 500 customers, military, and government organizations to secure the wireless environment in their offices, production facilities, remote and temporary locations, and events.

What are some of the more common ways that hackers gain access to wireless devices, and how can they be prevented?

Every wireless protocol has different vulnerabilities, but a common theme among all protocols is the presence of weak passwords and/or default credentials. The simplest thing we can do in our security infrastructure is to enforce good security practices by ensuring the use of strong, unique passwords.

For Wi-Fi, the use of rogue access points is a powerful way of compromising credentials and gleaning other information that can help an attacker penetrate a network. An example of this was seen in Oct 2022 in a drone-based attack on a financial services firm. The drone carried a device that likely emulated a known access point, captured an unwitting device, and tricked its user into giving up their credentials. The pairing of such an attack with a drone platform represents an interesting new attack path for wireless intrusion. These types of attacks can be detected and quickly mitigated by monitoring the wireless activity in sensitive facilities.

Various penetration testing tools and exploitation toolkits are available for different wireless protocols that seek to exploit a number of known vulnerabilities. Over 2000 wireless-related CVEs have been published in the last 10 years, so there are many to choose from. The best defense against these various threats includes:

  • Patching software/firmware often to ensure known vulnerability fixes are applied as soon as possible.
  • Monitoring the wireless activity in and around your facilities.

Seeing as Bastille has experience working with government and military entities, what’s your stance on how the government is handling cybersecurity?

The federal government is seeking to provide guidance and resources to help government agencies and corporate entities navigate the complex cyber landscape. The challenges are many and diverse, and we are all learning and adapting to new threats on an ongoing basis. I believe the government is doing the best it can in the current environment, and we at Bastille appreciate the guidance that comes in the form of threat information, best practices, and cybersecurity standards.

Our work with specific government organizations suggests that more work is needed in the form of awareness, training, and tools for monitoring networks and responding to threats. Bastille is pleased to be part of the ecosystem providing these resources and securing the systems and data in these government and military organizations as well as many commercial entities.

Let’s dive more into the government sector and explore rogue employees. Recently, a national guardsman was arrested for leaking classified Pentagon docs. Why are rogue employees a threat?

The insider threat has always been an area of concern when it comes to security. In the cyber domain, an outside attacker has to find a way to penetrate a network. An insider already has access. The recent Pentagon leak of classified documents and subsequent arrest of Jack Teixeira has government agencies reevaluating their security postures. While potentially limiting access to sensitive and top-secret information is one avenue being explored, government facilities face more than just the threat of a rogue employee.

The new “insider threat” is the trustworthy employee carrying a compromised device. IT departments, already stretched thin, are tasked with protecting their facilities against mobile and IoT devices that use radio frequencies to communicate. Many of these devices contain radio vulnerabilities that can be exploited from outside the facility. Worse, since many security teams lack the visibility to identify these devices, they are entering these facilities without their knowledge.

The government sector needs tools to enable them to enforce electronic device policies and accurately distinguish between approved and unapproved electronic devices in secure areas.

Brett, thanks for your time today! Is there anything that you’d like to cover that’s noteworthy for our SafetyDetectives readers?

Wireless devices are ubiquitous. They emit signals that are invisible, penetrate physical objects, and travel at the speed of light. The data they carry is sometimes precious and sometimes dangerous, and the protocols they use are vulnerable to attack. While wireless technology can improve our lives in many ways, these devices are more vulnerable than we like to think. Bringing visibility to this invisible attack surface is a critical element of any organization’s security posture.

About the Author

Shauli Zacks is a tech enthusiast who has reviewed and compared hundreds of programs in multiple niches, including cybersecurity, office and productivity tools, and parental control apps. He enjoys researching and understanding what features are important to the people using these tools.