There have been a number of DIY projects documented recently that transform inexpensive TV tuner dongles into software defined radios (SDRs) capable of receiving a wide range of broadcasts. While this potentially allows someone access to frequencies used for security equipment/communications, our concerns are primarily limited to the interception of data – which can be addressed in a variety of ways.
Now, some projects – like this one – are taking the concept further and adding the ability to transmit. As the hardware becomes more affordable, the likelihood of misuse will rise. These systems could, for example, transmit false GPS information, replay wireless transmitter signals, or mimic a wireless host or monitoring system. Many older wireless platforms use little or no security for transmission validation, and even those that do may be susceptible to certain types of attacks – such as brute forcing and jamming. Of course, the technology to interfere with wireless transmissions is already available, but it is generally cost prohibitive and complicated to operate.
Software projects like GNU Radio promise to simplify the user interface for those exploring SDR, and we will undoubtedly see a range of purpose-built attack tools in the future that can break or compromise various wireless systems. Many of these will be useful to pen-testers, but like all such tools, their existence in the wild must be considered when selecting wireless equipment or evaluating an existing infrastructure.