In a recent security audit of a typical American company, investigators found it to be child's play to obtain confidential information about the company's secrets. Positioned across the street, they intercepted a large number of telephone conversations transmitted in the clear because a significant number of employees were using wireless headsets.
To perform the work, we purchased a commercially available radio scanner. These devices are available at any local electronics retailer at prices ranging from $80 to several thousand dollars. We chose a scanner capable of monitoring frequencies from 900 to 928MHz and the 1.2GHz ranges, which is where many of the popular hands-free headsets operate. We took a position across the street from the facility and started up the scanner. Within seconds of turning on the device, we were able to listen to conversations that appeared to be coming from our client's employees. Several of these conversations discussed the business in detail, as well as very sensitive topics... Within minutes of this discovery, we contacted our customer and explained the vulnerability... To demonstrate the sensitivity of what we discovered, we used the conversations we recorded to social engineer our way into the facility.
Transcript of Episode 130, Security Now
Category: Security
| 
