Security considerations for exposure of classified IT systems to mobile devices and wireless signals - ITSB-104

2 Impact

Mobile devices contain powerful computing capabilities and have the ability to communicate with Wi-Fi® , cellular networks, or with other devices via protocols such as Bluetooth. Mobile devices are also vulnerable to the same cyber threats as traditional computers, including malware MalwareMalicious software designed to infiltrate or damage a computer system, without the owner's consent. Common forms of malware include computer viruses, worms, Trojans, spyware, and adware. , spyware, or Trojan TrojanA malicious program that is disguised as or embedded within legitimate software. horses. Allowing wireless capable devices in areas that host sensitive or classified information Classified informationA Government of Canada label for specific types of sensitive data that, if compromised, could cause harm to the national interest (e.g. national defence, relationships with other countries, economic interests). creates a conduit for exfiltration ExfiltrationThe unauthorized removal of data or files from a system by an intruder. (leakage) of data or voice via these devices. Exfiltration can be intentional or unintentional, and could be facilitated by a threat actor’s implant on the device. Video, photography, voice recording, or connecting the device directly to a wired infrastructure are potential avenues for a threat actor to acquire GC information.

The exfiltration threat is enhanced when a wireless signal from a non-GC wireless network (e.g., free Wi-Fi® from a local coffee shop) is within range of a GC wireless network or GC owned mobile device. A GC device could inadvertently or intentionally become connected to a non-GC network, or act as a bridge between an external wireless network and a GC network, thus providing an exfiltration route.

Locating classified IT systems in close proximity to radio frequency (RF) transmitters may also cause unintentional information leakage.

3 Mitigation strategies

To mitigate the risks to sensitive or classified information from mobile devices or wireless signals, it is important that GC departments implement sound security practices and ensure employees are aware of the security implications. When implemented together, the following can help reduce the risk of the compromise CompromiseThe intentional or unintentional disclosure of information, which adversely impacts its confidentiality, integrity, or availability. of information.

3.1 Policies and procedures

Clear departmental-level policies and procedural rules should be developed on the use of wireless capable devices in, or close to, areas that process sensitive or classified information. Departments must consider the Royal Canadian Mounted Police (RCMP) G1-026 - Guide to the Application of Physical Security Zones as an element of the overall risk management strategy.

For departments implementing a Mobile Device Management (MDM) solution, security configurations should be clearly articulated in departmental policies and procedures. CSE’s publication, ITSB-64 - MDM Solutions, can aid in the selection of an MDM solution.

Regular awareness activities on the related vulnerabilities and proper usage behaviours should be made available to all users with access to departmental systems.

3.2 Technology

GC departments and agencies should consider adopting the following security controls on their mobile device resources:

• Using whitelisting to impose enterprise wide application restrictions;
• Controlling camera and wireless transmitter use; and
• Restricting Wi-Fi® connections to GC authorized access points.

4 Implementation

To avoid unintentional information leakage, classified IT systems should be located as far away as possible from RF transmitters such as Wi-Fi® access points, signal repeaters, portable end user devices (e.g., laptops, tablets, or mobile phones), and supporting wireless technologies (e.g., Wi-Fi® or cellular). It should be noted that stationary RF transmitters introduce a greater risk than portable mobile devices. Consult ITSG-11 - COMSEC Installation Planning – Guidance and Criteria for further guidance related to the installation of classified IT systems in close proximity to RF transmitters.

5 Conclusion

It is essential that GC departments implement protective measures to secure the confidentiality ConfidentialityThe ability to protect sensitive information from being accessed by unauthorized people. , availability AvailabilityThe ability for the right people to access the right information or systems when needed. Availability is applied to information assets, software, and hardware (infrastructure and its components). Implied in its definition is that availability includes the protection of assets from unauthorized access and compromise. and integrity IntegrityThe ability to protect information from being modified or deleted unintentionally or when it’s not supposed to be. Integrity helps determine that information is what it claims to be. Integrity also applies to business processes, software application logic, hardware, and personnel. of their IT information and assets. Allowing the use of mobile devices and wireless signals in close proximity to IT systems that handle sensitive or classified information poses a risk to GC information and assets. Departments can enhance the security features of their networks and provide protection against data exfiltration threats through the use of strong security policies, training and awareness programs, tailored security controls and a robust risk management process.

6 Contacts and assistance

For more information, email, or phone our Contact Centre:

email contact@cyber.gc.ca |Mobile 613-949-7048 or 1‑833‑CYBER‑88