129 views

Software Defined Radio – A Security Threat

Radio Frequency Range has been widely used for various wirelessly operated devices ranging from remote keyless systems for car to the mobile communication signals, and these signals have been hard to exploit due to the sophistication of the devices required to intercept them.

With the introduction of Software Defined Radios (SDRs) it has now become a cakewalk for hackers to hack into any radio frequency operated device just by using a cheap $15 dongle also known as RTL-SDR dongle to gain illegitimate access to the personal belongings of an individual ranging from their cars to their offices as well. The devices that have the capability to receive as well as transit are on the higher end in terms of cost.

All one needs to set up a unit to transmit and receive signals using SDR is a System with a processor capable of processing a relatively large amount of data and a SDR Receiver (RTL-SDR Dongle). A raspberry pi board is also capable of acting as an independent system all by itself.

The radio operated devices constitute a large pool of Personal Area Network (PAN) which although have a certain level of security layer embedded onto the devices are yet not capable of preventing attacks by means of SDRs.

The various threats that the SDR poses are:

  1. Keyless Car Hacking
  2. Wireless door lock hacks
  3. GSM Hacking – SMS Eavesdropping
  4. Identity Theft
  5. Illegal access to Automated Homes

The Military and Government organisations such as Police are also vulnerable to the threats of SDR Attacks as the mode of communication that these organisations use are also based on Radio Frequency Bandwidth. India has the frequency range between 76MHz – 86MHz which has been specially allocated only to the government organisations for traffic free communication and this bandwidth is out of bound to the civilian population. Although an attacker can still receive signals from the given frequency range using an RTL-SDR dongle compromising the confidentiality of communication. This can also prove out to be a risk to the government organisations from the anti-national elements such as Terrorist Outfits and neighbouring nations that don’t seem to have a friendly relation with india.

The SDR Dongle surprisingly also lets any owner track aircrafts flying within the range of his/her antenna’s receiver making it a huge security threat to the airline industry. India which is already a vulnerable nation to terrorism and maoism should take necessary actions to counter such threats. The tracking is achieved intercepting the information transmitted by aircrafts to the ground stations, these signals consists of vital data about any aircraft ranging from its altitude, longitude, latitude and the speed of the aircraft as well.

The telecom industry is also vulnerable to attacks using SDR as the bandwidth used by them lied under the umbrella of frequencies that a SDR device can catch, putting their customer’s information at potential risk of being stolen or misused. The 2G bandwidth being the most vulnerable of all because of the low level of encryption of voice as well as data in the form of SMS.

Although the SDR can also be used for the good of the society. It has the capability to fetch information from satellites and can therefore be used to establish weather stations in remote locations with limited resources. It could turn out to be very useful for people living in remote locations such as himalayan ranges, lakshadweep or the andaman and nicobar islands where communication is hard to reach by having a weather station to provide the people with an early warning. All this has been made possible due to the Software Defined Radio concept that has eliminated the dependability on hardware components that existed a few years back.

The various tools available to use a SDR device along with the system are:

  1. SDRSharp (Windows)
  2. GQRX (LINUX)
  3. DSD (Digital Speech Decoder)
  4. Gr-GSM
  5. OSMODR

There are many things that one can achieve in this field, and there seems to be a lot of potential both in terms of development and security that would demand a person skilled in Wireless Networks and Network Security.

I hope this piece of information turns out to be of some use to all the viewers. Keep Striving!

[Total: 2    Average: 4/5]

Leave a Reply