Understanding and Protecting against “New” Threats to Electronic Assets using SD Technology

Vista SD Product Guide (.pdf format)

Technology is advancing and being deployed at an ever increasing rate. Have you noticed the number of people using cell phones, PDAs, and working via Wireless LANs (WLAN)? The number of cell towers, WiFi network access points, and radio/TV transmission antennas to support all the users and the variety of TV/radio channels has increased exponentially to keep pace with this explosive growth.

All of this technology is basically filling our environment with Radio Frequency or Electromagnetic energy at different frequencies across the bandwidth spectrum (Figure 1). This has the effect of disrupting, inhibiting, and in some cases shutting down basic and everyday electronic operations. This effect is called Electromagnetic Interference or EMI. Note the EMI can also occur naturally, i.e., sun storms have been historically documented for shutting down electronic communications and business functions.

Figure 1

AM – 500 KHz to 1.7 MHz FM – 88 MHz to 108 MHz TV – 174 MHz to 800 MHz CB – 26.9 MHz to 27.4 MHz Garage Doors – 40 MHz Standard Cordless Phones 40 to 50 MHz Baby Monitors 49 MHz Air Traffic Contr – 960 MHz to 1.2 GHz

Flight Radio – 133 MHz to 393 MHz Cell Phones – 824 MHz to 849 MHz Cell Phones – 850 MHz, 900 MHz, 1.8 GHz, 1.9 GHz Wireless LAN (802.11x) – 2.4 GHz & 5.6 GHz Bluetooth – 2.45 GHz dB or Decibel as RF energy – 20log Si/So dB – 3 dB for Power; 6 dB for volts (eV) for RF dB spl is for sound pressure levels not RF

Have you ever started up your computer and found yourself with access to other organizations’ wireless networks? Many IT personnel are naively convinced that the software encryption and authentication factors protecting the wireless networks are sufficient against an outside compromise or intrusion. Consider the GAO Report1, May 2005, “Federal Agencies Need to Improve Controls over Wireless Networks” which found that in a 15 block area in DC, over 1,000 private and government Wireless LANs were accessible from the STREET (Figure 2 with red dots designating WLANs compromised).

Figure 2

The report stated that the main reasons for unauthorized access to these WLAN was signal leakage (signal penetrating outside the building) and a lack of documented security policies, i.e., Wired Equivalent Privacy (WEP) was not enabled. Even with robust security controls in place, the US Government has know since the 1960’s that any “free space” electronic energy (not to be confused with cyberspace) can carry readable information right out of the building. Now with 802.11x wireless LANs, malicious or unauthorized users can utilize legitimate but poorly protected channels as the “road” out! Encryption and Authentication DO NOT provide adequate protection for wireless LANs. Historically, certain organizations within the US Government would not deploy wireless networks because the operational benefits of WLANs did not outweigh the operational risk; that is until now, with the incorporation of the latest SD Technology in the deployment.

The problems highlighted above are on the rise in the commercial and government arenas. In an effort to mitigate the risk associated with these issues let’s look at this task of protecting electronic assets from the following perspectives:

1. Electromagnetic Interference (EMI)
   • a. Electromagnetic Pulse (EMP)
2. IT Security
   • Wireless LAN’s (WLAN)
   • WiFi Security
   • Electronic Eavesdropping
   • Solution
3. Course of Action
4. Additional and Summary Benefits of SD Technology

Interesting that the insurance companies know something about EMI and understand just how susceptible an organization’s electronic assets are to EMI - so much so that they will not insure against it. Generally speaking, organizations are NOT covered for loss, damage or expenses directly or indirectly as a consequence arising from electromagnetic radiation (man made or naturally occurring). To understand this EMI issue in more common terms, note the following. Just using a cell phone induces about 3 volts/meter (V/m) of a RF field intensity level to your head. Inducing commercial grade laptops to 17-18 V/m can cause them to “blue screen” and/or magically shut down2. Please understand that there are no requirements for “hardening” IT equipment from EMI, albeit the commercial approach is generally 10 V/m to 3 V/m depending upon the equipment. For example 10 V/m seems to be the typical for office equipment like computers whereas 3 V/m is catching on because that is the field strength induced by a cell phone at 1 meter. Field testing for ambient RF intensity levels in major metropolitan cities in the US have revealed levels, in many areas, well above the 10 or 3 V/M defacto standards.

EMP
EMP can also be a natural or man made occurrence. The movie “Oceans Eleven” brought an EMP weapon into the movie theatres and the public eye; however the reality is that EMP weaponry is becoming more of a reality, especially in light of the war on terror. Also note that virtually any explosion not only releases a relative pressure wave, but also an EM pulse, i.e., potentially shutting down or disrupting electronic equipment. In short, EMP effects can erase electronic/magnetic memory, disrupt and/or shut down electronic processes.

Very little research has been done on the effects of “bathing” both people and equipment in an “RF Polluted” environment and almost no regulations exist to protect against the effects. However, you may want to review FCC OET Bulletin 65 – General population/uncontrolled exposure. Please note that we are talking about “non-ionizing energy” as opposed to ionizing, i.e., x-rays.

IT Security
With respect to IT Security, Wireless LANs (WLANs) and WiFi points for internet access are being deployed at a rapidly accelerating pace. The vast majority of the deployments rely solely upon the security offering provided by the hardware/software vendor selling the wireless equipment, i.e. Wired Enabled Privacy (WEP).

WLANs
WLANs are generally for private applications and from a deployment standpoint are a snap for the IT folks, especially with respect to cost and installation logistics. Typically, the network access point is placed and powered up to transmit and receive RF signals to clients (known computers with wireless interfaces). Depending upon placement of the WLAN access point, the client within 1500 feet may receive the signal, but the signal itself may also be broadcasting 1500 feet outside the building, making the signal available to unauthorized users and the general public. As stated earlier, even with WEP enabled, these WLANs are susceptible to flaws and vulnerabilities in configuration of network devices and various applications. Additionally people need to “see” the information in a non-encrypted, electronic form in order to process it. CRTs, LCD/Plasmas, printers, etc all act as antennas and transmit (or modulate) the readable information on to any electronic energy available, especially the intentional broadcast energy provided by WLANs, cell phones, etc.

WiFi
WiFi is generally referred to as a wireless public internet access offering. This access is offered on a “pay as you need” or free basis. A real world example of the issue occurred in February of 2006 at Logan Airport. The Massachusetts Port Authority (MPA) offered a pay as you need WiFi service at the airport and a certain frequent flyer club offered free wireless internet access for their members. Well, you can guess what happen: non-frequent flyer airport customers were bypassing the MPA network and accessing the internet via the free offering because the free network was not contained within the airline’s lounge. The same thing is true for any corporate or governmental entity with a wireless network deployed.

Eavesdropping
Additional IT Security issues include “Active” eavesdropping attempts beyond cyberspace, where firewalls, intrusion detection systems (IDS), encryption, authentication, and other methods CANNOT provide sufficient countermeasures. In contrast, passive eavesdropping is essentially receiving other electronic signals with an antenna, for example the war driving with an 802.11x card/laptop that was performed in the referenced GAO report. Active “freespace” eavesdropping includes filling the space or target with electronic energy and allowing it to be modulated (modified) by the electronic information from within the target’s location, i.e., laser microphones are an example. Granted, these threats are more sophisticated techniques, however they have become relatively low in cost and quite ubiquitous.

Solutions
The #1 rule of security is “Security by Denial”, i.e., if you can’t access it, you can’t steal, copy, read or destroy it. The solution is to create an RF barrier or “skin” around the electronic assets, which could be a room, the entire floor, or entire building environment (Figure 3). IMPORTANT: This RF barrier is always on and essentially takes the human error factor out of the security function. Both the EMI and IT Security scenarios described previously are excellent reasons to investigate how wise building design/improvements should be implemented and how they can significantly assist the IT department with securing mission critical business functions as well as critical informational assets. Interestingly enough, many common building materials provide a level of RF barrier functionality without designed intention. For example, foil back drywall and poured metal pan concrete slab floors all contribute to providing an RF barrier. Please NOTE that the most vulnerable RF “holes” are the windows and glass! Also note that this RF barrier approach to security is essentially the same as the US Government’s Secure Compartmented Information Facilities (SCIFs) and TEMPEST countermeasures type programs.

Figure 3

Here is where the patented SD Technology comes into the solution. SD Technology in its product forms can be either an optically clear coating (existing facilities) or integral glazing system (new construction or renovation) providing the highest level of both RF and IR (Infrared) attenuation available. To summarize: SD1000 and SD1010 technology provides approximately 35dB/3% RF/IR; Once SD Technology is deployed on the glass fenestrations of the facility, the RF “Skin” is contiguous to the rest of the structure; hence RF and IR energy can not pass in either direction (Figure 4). Usually the first thought here is, “will my cell phone work once SD Technology is deployed?” As robust as cell technology is (75 dB dynamic range), chances are it will not connect to an external cell tower; however internal cell antenna arrays or “managed indoor wireless services are becoming more prevalent to provide guaranteed in-building coverage.

Figure 4

As an aside, the Green Building or LEED effort to focus new construction to protect the environment both internal and external to buildings has not addressed the EMI issue at this time.

Course of Action
The initial step should be to assess your existing risk following the steps described below. Step two is to select building materials and/or improvements that will provide an RF barrier as a “skin” on the structure itself, thereby minimizing EMI/EMP effects, WLAN signal leakage and preventing electronic eavesdropping.

The plan of action may look like this:

• Understand and document the local surrounding environment (transmission towers, loading and usage, etc.).
• Understand and document the organization’s requirements (WLAN, all IT equipment deployments, and criticality).
• Conduct an assessment utilizing a qualified organization, encompassing all components above and including field EM testing and/or theoretical calculations. This assessment should match the components of protection required to the RF attenuation required for determining the materials to be deployed and the acceptable risk the organization is willing to assume.
• Identify, select, and deploy materials to meet the requirements of above.
• Upon completion, re-assess to verify the effectiveness. Additional and Summary Benefits of SD Technology The benefits are numerous and evident by deploying SD Technology on the glass:
• Highest levels of Total Solar Energy Reduction or TSER performance for any optically clear window or window coating via the SD Technology. The TSER ratings of 55% to 75% for SD Technology allow for an annual savings of 5% to 16% of cooling expenses, per US Department of Energy (DOE) modeling depending upon a number of variables. These energy savings can allow the deployment costs to be processed via Energy Savings Companies or ESCOs. Basically, the end user does not have to realize the initial capital outlay for the SD Deployment and the ESCO makes it back via the savings.
• SD Technology does come in “glass fragmentation control” window film. For a small incremental cost over safety film, all the other benefits can be acquired. SD Films have been blast tested to GSA standards and have achieved rating of 2 and 3a depending upon the glass and frame systems utilized.
• EMI – This is an issue in major metropolitan areas where many corporate HQ reside, this approach lowers the risk of residing in that area. This is especially relative to the financial industry.
• EMI in a BIG way – turns out that Electromagnetic Pulse (EMP) weaponry is becoming much more portable and less expensive, thus it is becoming more available. Building or modifying a structure to withstand an EMP could be a very attractive selling point to certain tenants, again, especially with the Critical Infrastructure organizations, i.e., finance, transportation, utilities, etc.
• Eavesdropping Countermeasures – The US Government has known since the 1960’s that any electronic device broadcast RF signals whether intentionally (cell phones, wireless microphones) or un-intentionally (CRT Displays, hard drives, etc). Whether the information is encrypted or not it provides a “road” for all RF information to ride out of the premises, making it totally available for recovery. Latest DoD reports state that 200+ countries have the capability to eavesdrop using spurious RF transmission from the target.
• WLAN – now the IT administrator can supply a strong signal to all clients without the fear of broadcasting excessively into the public domain.
• WLAN – if unauthorized clients can not access the signal, vulnerabilities due to unsecured configurations can not be exploited. It is important to note that the popular wireless Denial of Service (DoS) attacks are also thwarted. These DoS attack methods are downloadable off the internet and when used against an organization, the constant authentication requests can slow the WLAN to a crawl.
• WLAN – No/less cabling means much lower cost especially in older structures.
• WLAN & EMI – the insurance companies know that EMI is a threat however with this approach an organization can reduce this risk.