
Security News

The SECDEF Memo Deadline Looms: Is Your Facility Compliant?

  • 2024.09.17

  • Government Technology Insider

 

 

The clock is ticking for federal government facilities that store and/or process highly classified information to comply with new security requirements regarding electronic device detection. Per a memo issued by Secretary of Defense Lloyd Austin (SECDEF memo), as of September 30, 2024, SCIFs (Sensitive Compartmented Information Facilities) and SAPFs (Special Access Program Facilities) must have electronic device detection systems and mitigation measures in place to combat wireless threats posed by personal or portable electronic devices. 

 

The SECDEF memo is part of a broader plan implementing a centralized approach to insider threats across the Department of Defense (DOD). It was initiated after the arrest of Jack Teixeira, a Massachusetts Air National Guard member charged with six counts of sharing highly classified military documents about Russia’s war in Ukraine and other top national security issues in a chat room on the online community, Discord. Teixeira ultimately pled guilty in March 2024. 

 

A comprehensive security review in the wake of the Teixeira incident brought to light the very real threat posed by electronic devices and unveiled the need for a more robust approach to identifying and mitigating the risk of data exfiltration from insider threats. Thus began a rollout of deadlines designed to keep SCIFs and SAPFs better protected against potential attacks, particularly from electronic devices. 

 

Electronic Device Threats 

 

Electronic devices in sensitive areas pose significant risks to national security. Any device emitting cellular, Wi-Fi, Bluetooth, or BLE signals can potentially be used for nefarious acts including espionage, data breaches, cyber threats, and more. These devices include cellular phones, laptops and tablets, smartwatches, wearable devices such as Fitbits, personal medical devices such as hearing aids, and USB cables with hidden Wi-Fi and Bluetooth data extraction capabilities, to name a few. 

 

Unfortunately, due to the availability and affordability of wireless devices, the invisibility of the signals they send, and increasing access to tools and code repositories instantiating wireless attack vectors, a would-be attacker’s barrier to entry has been significantly lowered. Wireless devices can be used to store, transmit and steal information, record secret conversations, conduct surveillance, introduce malware, infiltrate networks, etc. Such capabilities are increasingly accessible to less-sophisticated actors, making the risk of an attack greater than ever before. 

 

Of particular concern is that many of these electronic devices contain vulnerabilities allowing them to be compromised without the owner even knowing it. As a result, an employee or official with access to classified information can become an unknowing participant in enabling malicious actors to conduct their attacks. 

 

Achieving SECDEF Memo Compliance  

 

To comply with the SECDEF memo, DOD SCIFs and SAPFs must implement a Wireless Intrusion Detection System (WIDS) to monitor and detect unauthorized wireless devices and networks within an organization’s environment. This allows organizations to identify and interdict such devices, preventing them from compromising classified information.

 

A robust, effective, and comprehensive wireless detection system needs to have the following attributes to comply with the SECDEF’s memo:  

 

  • Passive radio frequency (RF) sensors to provide comprehensive coverage, catching the detections that lobby-based detection systems commonly miss. Advanced multi-protocol decoding capabilities allow for individual device detection, whitelisting of authorized devices, and elimination of the false alarms prevalent in less sophisticated power-based detection systems.

  • NIAP/Common Criteria certification, which demonstrates compliance with the need to secure classified areas from threats posed by cellular and other wireless devices.

  • A WIDS that offers a variety of tools to help security teams combat threats posed by electronic devices, including spectrum analysis to gain visibility into the RF spectrum, location and geofencing capabilities, tagging and alerting of policy violations, real-time monitoring, device profiling based on a device’s behavior and characteristics, reporting and analytics, and much more.

 

With these requirements in place, government agencies will be able to not only comply with the SECDEF’s memo, but also provide robust deterrence to prevent insider attacks.  

 

Learn more about how Bastille is leading the way in meeting the DOD’s electronic device detection needs and stands ready to help organizations achieve compliance ahead of the SECDEF memo’s Sept 30, 2024, deadline. 

 

Source: Government Technology Insider