No Skynet is not here, not yet…
If you haven’t heard or seen the news lately, MGM Resorts in Las Vegas was attacked by a hacking group. This group compromised many of MGM’s systems with a ransomware attack resulting in 52 million dollars in lost revenue and counting. Why am I sharing this with all of you and what does this have to do with LMR systems? Two words “Social Engineering”. The Webster Dictionary defines social engineering as “social methods (such as phishing) that are used to obtain personal or confidential information which can then be used illicitly”. So, in a nutshell this multi-billion-dollar organization was brought to its knees by a 10-minute phone call, to technical support. They found an employee on LinkedIn and called the help desk, asking to have their password changed. This then gave the threat actors their way into the network, and it was only a matter of time before they were able to find a vulnerability and exploit it (If you want to geek out, ask me what the vulnerability is, I am more than happy to tell you). I know you are saying “Again Rick, what’s up with this? What does this have to do with LMR systems?” I will tell you if you hold your horses for a moment!
We have talked about how in many companies and agencies are moving their traditionally air gapped LMR networks to data networks, leaving the systems open for all sorts of threat actor hijinks (Please, I cannot stress this enough VLANS!). But what if the attack was not some guy in his mother’s basement wearing a black hoodie and a “Guy Fawkes” mask but a legit actor who gains access to the LMR through a data network and compromises a system, not to take it down or ransom it but to send false information over the air waves? I know you are now saying “But Rick, how is that possible, can that really be done?”
Back in late August, the Polish railway system was compromised. Someone spoofed a simple radio command that shut down trains by triggering their emergency stop function (Article Here). Now while this type of attack is very creative it does have limitations, it goes to show you what threat actors are capable of, especially state-sponsored actors. In this case they sent “tones” over radio waves that the trains systems recognized as stop commands. This type of attack has many limitations, one of the biggest is the attacker has to be within a short distance of the trains. But what if they found a way onto the LMR system that the Polish railway uses? And sent those shutdown tones across the entire network? That would effectively shut down all the trains that had radios attached to that network.
Let’s take it a step further and introduce AI. Specifically, voice AI, the kind that is being developed by many companies including Microsoft and Meta. This AI technology can imitate people, not just the voice but the vocal timber and emotional tone! (Social Engineering! See? We have come full circle!) Give this article a read, ArsTechnica did a good job of explaining this type of technology. Now take that technology and impersonate a manager or an engineer on the same train system or send the wrong information about a train stopped ahead, causing a major accident (I know my mind goes in dark directions, but that’s what happens when you think about security constantly).
Now this technology is way off but not that far off, AI is evolving very quickly. Now is the time to prepare for the advent of AI and threats. Make sure that your hand and base systems are using proper encryption, make sure that you are securing access to the LMR sub systems and towers that power the communications. Make sure that if you must put your LMR system on a data network that you work with your companies IT department so that your system is segmented from the rest of the network. TXRX Systems can help assist in many facets of security as well as updating older unsecure technology, check them out. But if you don’t want to talk to our brilliant team (shameless plug), drop me a line, I am more than willing to chat about this and what I have learned and how I would work to secure an LMR system that was assigned to my stewardship.