Bastille Unveils List of Top 10 Internet of Radios Vulnerabilities

List Coincides with New Poll that Finds a Significant Gap Between Internet of Things Security Awareness and Preparedness in the Enterprise

SAN FRANCISCO, Calif.– October 18, 2016 – Bastille, the leader in enterprise threat detection through software-defined radio, today released its list of “Top 10 Internet of Radios Vulnerabilities.” The Internet of Radios is the combination of mobile, wireless, bring your own device (BYOD), and Internet of Things (IoT) devices operating within the radio frequency (RF) spectrum. The Top 10 list coincides with National Cyber Security Awareness Month as well as the results of the recent “Bastille Internet of Radios Security Poll” that indicates widespread recognition of potential threats in the enterprise, but limited adoption and enforcement of security policies.

Comprised by Bastille’s lauded engineering and research team responsible for the MouseJack and KeySniffer discoveries, the “Top 10 Internet of Radios Vulnerabilities” are:

  1. Rogue Cell Towers (‘Stingrays’, ‘IMSI Catchers’)
  2. Rogue Wi-Fi HotSpots
  3. Bluetooth Data Exfiltration (tethering)
  4. Eavesdropping/Surveillance Devices (e.g. conference room bugs)
  5. Vulnerable Wireless Peripherals (mice/keyboard)
  6. Unapproved Cellular Device Presence
  7. Unapproved Wireless Cameras
  8. Vulnerable Wireless Building Controls
  9. Unapproved IoT Emitters
  10. Vulnerable Building Alarm Systems

In addition to the Top 10 list, Bastille has released results of the “Bastille Internet of Radios Security Poll.” Nearly 300 global professionals took part in the poll, offering a snapshot into enterprise awareness and preparedness of Internet of Radios threats in the workplace. The poll was conducted July 26–August 3, 2016 and was comprised of visitors to the Bastille, KeySniffer and MouseJack websites. The majority of respondents (69%) reported they were employed in the IT and cybersecurity industries.

Key takeaways from the poll include:

  • 78% of respondents believe the threat from the Internet of Radios will increase in the next 12 months.
  • 50% of respondents believe IoT devices are already impacting security.
  • 51% of respondents say their companies have adopted a BYOD policy, but only 24% say the policy is strictly enforced.
  • 42% of respondents say their organization has not implemented a BYOD policy at all.
  • 47% of respondents say their organization is not currently using a Mobile Device Management (MDM) system, compared to 41% that already have one in place.

“While it’s encouraging to see that so many people are aware of IoT-related threats, it’s discouraging to see that enterprises are not actively heeding the warning,” said Chris Risley, CEO, Bastille. “Awareness is only half the battle; without proper security protocols in place, enterprises leave themselves and their customers vulnerable to an IoT-related attack. As this is Cyber Security Awareness Month, we urge all enterprises to adopt a clear IoT security policy as these emerging IoT threats are simply too numerous and dangerous to continue to ignore.”

Bastille is the first cybersecurity company to detect and mitigate the rapidly emerging threats to the enterprise that are the unintended consequence of the Internet of Radios. The company’s flagship solution, Bastille Enterprise, utilizes patented software-defined radio sensors backed by machine-learning technology to sense, identify and localize radio-based threats.

For more information on Bastille, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Launched in 2014, Bastille is the leader in enterprise threat detection through software-defined radio. Bastille provides full visibility into the known and unknown mobile, wireless and Internet of Things devices inside an enterprise’s corporate airspace–together known as the Internet of Radios. Through its patented software-defined radio and machine learning technology, Bastille senses, identifies and localizes threats, providing security teams the ability to accurately quantify risk and mitigate airborne threats that could pose a danger to network infrastructure. For more information, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

Media Contact:
Noe Sacoco
LMGPR
408.340.8130
[email protected]

Bastille Unveils Unprecedented Solution to Protect Enterprises From Internet of Radios-Based Security Threats

Company’s Patented Software-Defined Radio and Machine-Learning Technology Senses, Identifies and Localizes Threats in the Corporate Airspace

San Francisco, CA – October 18, 2016 – Bastille, the leader in enterprise threat detection through software-defined radio, today announced the General Availability of its new service to protect enterprises from information and physical security threats. Bastille’s solution utilizes patented software-defined radio sensors backed by machine-learning technology to provide enterprises with full visibility into mobile, wireless and Internet of Things (IoT) - The Internet of Radios - devices inside their corporate airspaces. The ability to sense, identify and localize potential threats enables security teams to take swift action and preemptively remove those threats before harm is done.

“Your corporate airspace can either be a hugely vulnerable attack surface or it can be a newcontributor to your security situational awareness. With the mobile world and unwired communications creating thousands of new threat vectors, enterprises have never been more vulnerable to a radio-based attack simply because you can’t protect what you can’t see,” said Chris Risley, CEO, Bastille. “At the same time, almost every person in or near your facility now carries a radio transmitter in the form of a mobile phone. The Bastille solution scans the entire corporate airspace to sense, identify and localize emerging threats and behavioral anomalies resulting in full visibility of any airborne risks in your environment.”

Bastille pairs sophisticated software-defined radio sensors with machine learning cloud analytics. It continuously scans the full spectrum from 60MHz to 6GHz, including all Wi-Fi, Bluetooth, cellular and IoT protocols, the Internet of Radios,  to provide real-time situational awareness for all wireless infrastructure in the enterprise. With two patents issued and 12 patents pending, the Bastille solution is built upon three areas of technology that result in the ability to Sense, Identify and Localize threats:

SENSE: Collaborative Bandit Sensing quickly and accurately scans the spectrum for emitters and threats. Utilizing the multi-armed bandit Prediction Algorithm and machine-learning techniques, Bastille’s sensors intelligently make distributed decisions about whether to observe a known signal versus scanning another part of the spectrum to find unknown signals.

IDENTIFY: Bayesian Device Fingerprinting is used to detect and identify devices in an enterprise’s airspace. It leverages Probabilistic Graph Models to resolve emitter, device and people-device entities to produce never-before-seen situational awareness of an enterprise’s airborne (RF) and physical space.

LOCALIZE: Distributed Tomographic Localization provides actionable position information of all emitters in the corporate airspace. This technology passively localizes any emitter within an industry-leading 1metre of accuracy, enabling customers to geo-fence emitters and set localization-based alerts for sensitive areas.

Bastille is providing three separate service offerings of its solution to meet the needs of the enterprise:

      Bastille Enterprise: This is a full solution deployment from one floor to enterprise-wide to discover and localize device/threat sources. Sensors are installed at the same density as WiFi hotspots, with 4-6 sensors minimum per area recommended for premium threat localization. The solution can determine all radio-capable devices in the environment, their threat capabilities and any active threats.

      Bastille Audit: This one-month audit focuses on the airborne threats in a single area of an enterprise’s environment up to 25,000 square feet. Utilizing a maximum of 10 sensors, Bastille provides organizations with a point-in-time detailed analysis and thorough report of the current threats in their environment.

      Bastille Desktop: This one-week audit of airborne threats in a small area gives enterprises a trial of the Bastille solution. Featuring a desktop sensor, enterprises can see the different types of radio-borne threats that enter their airspace on a daily basis.

Bastille is the first company to offer a complete security solution for the Internet of Radios, which includes the world of mobile, wireless, BYOD and the Internet of Things. Bastille has been lauded for its groundbreaking research and discoveries including MouseJack, a massive vulnerability in wireless mice and keyboards, and KeySniffer, a security flaw in low-cost wireless keyboards. The company has also received several industry honors including being named a 2016 Gartner “Cool Vendor,” a 2016 Red Herring Top 100 North America award winner, and a finalist for RSA Conference’s Innovation Sandbox Contest 2016. Bastille’s launch of its flagship solution coincides with the company’s mission to completely secure the enterprise by identifying airborne threats and allowing for a preemptive response.

For more information on Bastille, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Launched in 2014, Bastille is the leader in enterprise threat detection through software-defined radio. Bastille provides full visibility into the known and unknown mobile, wireless and Internet of Things devices inside an enterprise’s corporate airspace–together known as the Internet of Radios. Through its patented software-defined radio and machine learning technology, Bastille senses, identifies and localizes threats, providing security teams the ability to accurately quantify risk and mitigate airborne threats that could pose a danger to network infrastructure. For more information, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

Media Contact:
Noe Sacoco
LMGPR
408.340.8130
[email protected]

Bastille To Lead Industry Discussions On Wireless Hacking At GNU Radio Conference 2016

Researchers Balint Seeber, Marc Newlin and Matt Knight to Speak and Host Wireless Hacking Challenge for Conference Attendees

ATLANTA, GA – September 12, 2016 – Bastille, the first cybersecurity company to detect and mitigate threats from the Internet of Things (IoT), today announced members of its lauded research team, Balint Seeber, Marc Newlin and Matt Knight, will be leading industry discussions on wireless hacking and emerging RF technologies as part of GNU Radio Conference 2016. Additionally, Bastille will host a Wireless Hacking Challenge made up of a multi-frequency, multi-protocol, multi-complicated series of RF puzzles for conference attendees. The GNU Radio Conference 2016 takes place September 12–16, 2016 at the University of Colorado, Boulder.

“The GNU Radio Conference comes at a time of unprecedented insecurity in wireless protocols across the radio spectrum,” said Balint Seeber, Director of Vulnerability Research, Bastille. “We look forward to leading thoughtful discussions and demonstrations that illuminate novel wireless security research utilizing Software Defined Radio and open tools. This is a good opportunity to showcase the team's talent in this space, as we continue probing for vulnerabilities that currently exist and work toward securing enterprises and individuals against these evolving wireless threats.”

Bastille will be participating in the following sessions as part of GNU Radio Conference 2016:

Hacking the Wireless World
Speaker: Balint Seeber
September 12, 2016, 2:50–3:10pm

GRCon Hacking Challenges 
Speaker: Balint Seeber
September 13, 2016, 10:45–11:00am

Hacking the Wireless World 3.0
Speaker: Balint Seeber
September 13, 2016, 4:45–5:15pm

Sniffing and Dissecting nRF24L with GNU Radio and Wireshark
Speaker: Marc Newlin
September 14, 2016, 11:15–11:45am

Reversing and Implementing the LoRa PHY with SDR
Speaker: Matt Knight
September 15, 2016, 2–2:30pm

Hacking Challenge Conclusion
Speakers: Balint Seeber, Marc Newlin, Matt Knight
September 16, 2016, 2–2:30pm

For more information on GNU Radio Conference 2016, including detailed session descriptions, visit gnuradio.org/grcon-2016.

For more information on Bastille, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Launched in 2014, Bastille is pioneering Internet of Things (IoT) security with next-generation security sensors and airborne emission detection, allowing corporations to accurately quantify risk and mitigate 21st century airborne threats. Through its patented proprietary technology, Bastille helps enterprise organizations protect cyber and human assets while providing unprecedented visibility of wireless IoT devices that could pose a threat to network infrastructure. For more information, visit www.bastille.net and on Twitter @bastillenet and LinkedIn.

Media Contact: 
Noe Sacoco
LMGPR
408.340.8130
[email protected]

Bastille Wins Prestigious 2016 Red Herring Top 100 North America Award

Company Recognized for its Groundbreaking Security Solution that Detects and Mitigates the Threats to Enterprises that are the Unintended Consequence of the Internet of Things

ATLANTA, GA – JUNE 10, 2016 – Bastille, the first cybersecurity company to detect and mitigate threats from the Internet of Things (IoT), today announced it has been selected as a Top 100 North America award winner. Bastille was recognized for its groundbreaking security solution that detects and analyzes all the data transmitted within the enterprise via radio frequencies (RF) at 60MHz – 6GHz, which includes cellular, Wi-Fi, and more than 100 IoT protocols. Bastille provides unparalleled situational awareness to security threats and anomalous behavior contained across the full wireless spectrum within the enterprise.

“We are honored to be recognized by Red Herring as one of the top 100 private companies in North America,” said Chris Risley, CEO, Bastille. “This esteemed industry award speaks to the importance of our ongoing work and will only fuel our mission to continue protecting enterprises across the globe from IoT threats.” 

Red Herring Top 100 America enlists outstanding entrepreneurs and promising companies. It selects the award winners from approximately 1,200 privately financed companies each year in the US and Canada. Since 1996, Red Herring has kept tabs on these up-and-comers. Red Herring editors were among the first to recognize that companies such as Facebook, Twitter, Google, Yahoo, Skype, Salesforce.com, YouTube, Palo Alto Networks and eBay would change the way we live and work. 

“In 2016, selecting the top achievers was extremely difficult,” said Alex Vieux, publisher and CEO of Red Herring. “The variety, depth, disruption and traction we saw from the early stage companies to those with significant scale made it one of the toughest vintages to judge. The North America winners are representative of the amazing ecosystem that never ceases to astound, with new and experienced entrepreneurs continuing to push the barriers of innovation. As one of the winners, Bastille should be proud of its accomplishment under such strong competition.”

Bastille is the first company to detect and mitigate the rapidly emerging threats to the enterprise that are the unintended consequence of the Internet of Things. Bastille helps enterprise security teams protect corporate airspace by scanning the entire radio frequency (RF) spectrum, gaining visibility into devices that operate on more than 100 distinct protocols. 

For more information on Bastille, visit http://www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Launched in 2014, Bastille is pioneering Internet of Things (IoT) security with next-generation security sensors and airborne emission detection, allowing corporations to accurately quantify risk and mitigate 21st century airborne threats. Through its patent-pending, proprietary technology, Bastille helps enterprise organizations protect cyber and human assets while providing unprecedented visibility of wireless IoT devices that could pose a threat to network infrastructure. For more information, visit http://www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

Media Contact: 
Noe Sacoco
LMGPR
408.340.8130
[email protected]

Bastille Named a 2016 Gartner “Cool Vendor”

COMPANY RECOGNIZED IN THE CLOUD AND EMERGING TECHNOLOGY SECURITY CATEGORY FOR ITS GROUNDBREAKING INTERNET OF THINGS SECURITY SOLUTION

ATLANTA, GA – May 13, 2016 – Bastille, the first cybersecurity company to detect and mitigate threats from the Internet of Things (IoT), today announced it has been named to the list of 'Cool Vendors' in the “Gartner Cool Vendors in Cloud and Emerging Technology Security, 2016” 1 report by Gartner, Inc. Bastille was recognized for its groundbreaking IoT security solution that detects and analyzes data transmitted via radio frequencies at 60MHz – 6GHz and alerts companies of anomalous behavior.

“The Internet of Things presents a major challenge to enterprise security teams as millions of vulnerable devices are brought into the workplace each day,” said Chris Risley, CEO, Bastille. We are very honored to be recognized as a Gartner Cool Vendor and we celebrate this recognition as the company continues to strive to protect enterprises from these ongoing IoT threats."

Bastille is the first company to detect and mitigate the rapidly emerging threats to the enterprise that are the unintended consequence of the Internet of Things. Bastille helps enterprise security teams protect corporate airspace by scanning the entire radio frequency (RF) spectrum, gaining visibility into devices that operate on more than 100 distinct protocols.

Each year, Gartner identifies new Cool Vendors in key technology areas and publishes a series of research reports highlighting these innovative vendors and their products and services. The annual reports highlight emerging vendors that provide innovative technologies warranting attention from prospective customers. For more information on Bastille, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Launched in 2014, Bastille is pioneering Internet of Things (IoT) security with next-generation security sensors and airborne emission detection, allowing corporations to accurately quantify risk and mitigate 21st century airborne threats. Through its patent-pending, proprietary technology, Bastille helps enterprise organizations protect cyber and human assets while providing unprecedented visibility of wireless IoT devices that could pose a threat to network infrastructure. For more information, visit www.bastille.net and follow @bastillenet on Twitter and LinkedIn.

Disclaimer
Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

1 Gartner “Cool Vendors in Cloud and Emerging Technology Security,” 2016 report by Andrew Walls, Steve Riley, Earl Perkins, Anmol Singh, Neil MacDonald, Joerg Fritsch, and Brian Lowans

Media Contact:
Noe Sacoco
LMGPR
408.340.8130
[email protected]

"