Hack the police (at least their radios)

esteria.white

Critical infrastructure, cybercrime

Hiding behind a black box and hoping no one will hack it is consistently proven to be unwise and less secure.

Black Hat 2023: hack the police (at least their radios)

We read about hacking into law enforcement radio systems, then attended the session at Black Hat and questioned the motivation for this type of attack. Years ago, and probably still at DEF CON, breaking things was a priority, maybe just for laughs. But nation-state antennae will almost certainly be raised by this news. Expect more attacks soon – ones you may not hear about.

Attacks on critical infrastructure

Years ago, we were asked if the first attacks on critical infrastructure were one-offs or if we could expect to see more. Years later, everyone understands that the threat is real, especially from attackers motivated by ideology, such as in war operations.

Ransomware was a natural extension, but it raises a different question regarding domestically motivated attackers who simply want to collect information undetected for as long as possible. By extension, this also raises the question of who is already inside law enforcement networks.

Existing networks used in many robust communications environments are expected to operate for decades, even in the event of a natural disaster, as are dams, water treatment plants, etc. Their operators care most about reliability, but much less about security. Even if security were suddenly made a priority, it is not clear that these systems would have the capabilities to implement it at any meaningful level, especially legacy systems.

Reluctant sellers

One of the presenters cited the general reluctance of the team behind the proprietary Tetra radio systems to use anything other than proprietary encryption – which the presenters broke in several ways. The European Telecommunications Standards Institute (ETSI) thought that having obscure, proprietary encryption seemed much safer than using an open and widely approved algorithm, even when presented with multiple weaknesses.

They also presented evidence at the conference that nation states had already shown considerable interest in, and perhaps even access to, Tetra-based equipment in national security contexts. So this is nothing new, it’s just obscure.

One of the obstacles preventing researchers from examining the equipment is the extreme reluctance of hardware vendors to provide access to hardware and software. Few researchers have the budget to spend large sums for a chance to prove that there are problems, so they don't. This means that only nation states – those with the most potential interest – would be sufficiently motivated… but likely to exploit, not fix.

Moreover, with an increasingly scary global environment surrounding the export of technology that could be used by a future enemy, export restrictions have a chilling effect on the capacity for, and likelihood of, better encryption being widely used (since Tetra radios are virtually everywhere in the world in one form or another), which could further reduce future security.

Part of Black Hat is studying problems to understand them so they can be fixed, helping us all to be safer. Hiding behind a black box and hoping no one will hack it is consistently proven to be unwise and less secure; we hope that the emergency communications managers we all rely on to support us during critical events are not simply unwitting victims.
