The Enemy is Listening

So great is the threat to unsecured communications that any risk assessment ought not to be considering whether someone is listening-in, but should start with the premise that someone is.

The evidence for the above statements can be best understood by looking at the general threat to radio interception. The means for an unauthorised person to listen into private radio transmissions have been commercially available for many years. The equipment used to carry out this interception of communications are called scanning receivers or simply 'scanners'.

Although scanners capable of picking up radio communications have long been available, particular factors mean that the monitoring of business radio communications is now less of a possibility and more of a certainty.

The first of these factors is hardware availability.

Scanners

A scanner is a communication receiver which, besides the public broadcast stations (Radio One, etc.), can also receive signals outside the range of a household radio frequencies. These frequency bands include aircraft communications, emergency services, government and business radio signals. Thousands of scanners are sold to the public every year — no licence is required.

As with mobile phones and personal computers, the average specification of a scanner is improving, while at the same time the cost is reducing. This has made a reasonably expensive item, beyond the budget of many, affordable and prolific. A full range scanner once cost £300 or more. An equivalent scanner today will often cost £180 or less and a limited function set can be bought for as little as £70.

The personal computer is also relevant with regard to the operation of scanners. When linked to a personal computer the processing ability of a scanning receiver is comparable to the equipment which once only military and government security agencies possessed.

Disclosing sensitive information

The implications are that if your network has no security features then any information transmitted may be intercepted by two sorts of individuals.

• The casual listener with harmless intent.
• Persons who are listening with a purpose and who are prepared to act upon what they hear.

An example of a disclosed weakness could be the radio reporting, by a security patrol, of the fact that "the back door to dispatch has been left open again". Messages may also include commercially sensitive information, such as, "The MD will be in at ten o'clock for a full board meeting... it looks like the German take-over rumour is true." Clearly, correct radio procedures should dictate that such messages are not transmitted in clear speech. Even with a supposedly 'secure' system, correct radio discipline should form the first line of radio security. Inevitably, though, bad practice and mistakes will occur during crises, just when the most sensitive information is being transmitted! Managing a crisis is difficulty enough, but an unsecured radio network may compound the problem through unwanted or negative media attention.

Among those who use scanners are most probably the media, and if they aren't listening, then someone may be listening who is prepared to contact them if they chance upon some exclusive and sensitive information. Good media relations form a vital part of crisis management, but to unwittingly leak embarrassing or confidential details could turn a crisis into a disaster.

Data protection act

If an employee discloses a third party's personal data over a radio then this is sufficient to bring it within the terms of the new Data Protection Act 1998.

The police, for instance, have addressed this issue through use of the 10s code system. When an officer is about to be passed information that contains personal data, then the message is preceded by the phrase 10 - 8. This code alerts the officer to take precautions, turning the volume down or moving to a position of privacy, in order that the message is not overheard.

Releasing information unwittingly — because your transmissions were illegally scanned — would not be likely to be considered a breach of the Data Protection Act. However, how easy would it be to prove that the information had been obtained by scanning, and if the information was particularly embarrassing, would not the damage already have been done?

Your Defence

Correct radio discipline should form the first line of radio security. Inevitably, though, bad practice and mistakes will occur during crises, just when the most sensitive information is being transmitted!

To plan your defence from radio interception you first need to carry out a risk assessment, addressing these points: 1) The sensitivity of information likely to be transmitted (and the impact of disclosure) 2) Who are and how sophisticated are your potential adversaries? 3) How long your information needs to be protected 4) The availability of financial resources Having completed your risk assessment then you can plan your defence. Remember that the single most important aid to radio security is the discipline of the radio operator. Consequently, a cornerstone of your defence plan should be the delivery of suitable instruction and practice for all radio operators (see Best Practice).

Based upon the results of your risk assessment, what may be suggested is an improvement to the security of your network.

Jargon busting

What follows is a brief (jargon reduced!) description of the methods to improve radio security. Most standard (unsecured) radio systems use analogue radio signals and these types of transmission are the most susceptible to interception. One method of improving the security of analogue transmissions is through analogue inversion.

Analogue inversion

— Analogue or speech inversion works on the principle that the user's signal is inverted (at a fixed rate). Thus low frequencies come out as high frequencies and high frequencies come out as low frequencies, rendering it unintelligible to the unauthorised listener. When the signal reaches a similarly specified radio the signal is simply re-inverted. This sounds a worthy method of securing communications, yet many scanners have the ability to decode this type of signal.

Rolling code scrambler

— This method of speech security is based upon the same technique as used in analogue inversion, but it has an additional coded security feature. In this type of radio the signal is inverted not at a fixed rate but, with the use of programmable chips, at a rate which varies over time. In principle, only a radio with a compatible decoding chip can re-invert the signal correctly.

Analogue radio with encrypted digital transmission

— This type of radio is unique to the Maxon SL55 and PM 160/PM 100 range as fitted with the Marconi DM 8000 module. Based upon an analogue radio, the signals are first encrypted (by an encoder/decoder chip embedded into the radio) and then are sent out as digital transmissions. Such radios offer an economic but high degree of security.

Digital Radio Encryption

— This type of radio produces encrypted digital radio transmissions, which provide the highest form of radio security. But they are only available for government and military use.

Who's listening?

If there are thousands of 'scanners' within the public domain, and the frequency data is readily available in books and on the internet, then it stands to reason that your radio communications are being listened into as a matter of routine.

If your organisation does not implement proper procedures and/or invest in secure radios, it opens itself up to the risks mentioned above. Even if they had the required resources, current legislation does not allow the authorities (principally the Radiocommunications Agency) to act with great influence.

Recognising that the problem exists and assessing your exposure, the next step is to plan and implement your defence.

On a positive note, we should point out that investing in a scanner may be a prudent purchase for your organisation — the monitoring of your organisation's communications, for bad radio discipline and procedures, is both a legitimate and beneficial practice. For the multi-site security manager, a scanner may be a cost-effective means to accomplish this task.