Anti-cheating use aside, security experts say spectrum analysis tools could be a new data breach threat vector.

Mathew J. Schwartz, Contributor

January 14, 2011

2 Min Read

Top 10 Security Stories Of 2010

Top 10 Security Stories Of 2010

(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010

High-tech cheats, beware: German communications equipment manufacturer Rohde & Schwarz said that Taiwanese government officials recently purchased three of its FSH4 spectrum analyzers to watch for the presence of cell phones. The goal was to monitor an exam hall filled with prospective government workers. Officials prohibit cell phones during exams, because answers could be relayed to test takers by voice or text.

The National Communications Commission, Taiwan's broadcasting regulator, also requested that the spectrum analyzers -- normally used to test cell phone signal strength -- have specific software modifications. "They didn't tell us what they were going to do. They just told us what to design, and later we found out what it was for," Rohde & Schwarz senior company engineer Lai Cheng-heng told PC World.

The modified devices were used in conjunction with earpieces, so that roving exam monitors would be quietly alerted when they were in the presence of an active cell phone. Officials said they identified at least three individuals using smartphones during the exam, though couldn't say whether they'd be formally accused of cheating.

While spectrum analyzers can watch for the presence of unapproved devices, that's not all they can do. According to a blog post by Gartner Group analyst John Pescatore, on the networking front, WLAN intrusion prevention systems (WIPS) already used spectrum analysis "to detect rogue access points in the early years of Wi-Fi use, and more recently . . . to detect misconfigured access points that might provide openings for attacks."

But he said spectrum analyzers could be used to discover much more than just misconfigured Wi-Fi networks operating in the 2.5 and 5 Ghz bands. The devices could also probe for known smartphone and mobile device vulnerabilities, especially as more and more devices -- not just smartphones but also iPads and laptops -- get equipped with high-speed 3G connections. Because of that, "cellular frequencies represent a growing wireless path for outbound data leakage and inbound attacks," he said. Not just for exam questions.

About the Author(s)

Mathew J. Schwartz


Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights