Encrypted Federal Radios Can Be as Revealing as Police Scanners

Ric Francis/AP file photo

Federal radios with encryption can be nearly as insecure as the Boston Police scanners that allowed the public to tune in to the hunt for a suspected bomber, research shows. The Homeland Security Department and other agencies are buying more mobile devices that use P25, a set of wireless voice communications protocols that offers encoding. But it works only if they turn it on. 

"We've collected several years’ worth of unintentionally clear federal radio traffic. Only one agency has crypto working reliably," University of Pennsylvania computer science professor Matt Blaze tweeted on Saturday, while commenting on the inadvertent transparency of the police chase. "The one fed [law enforcement] agency whose radio traffic is almost never in the clear is the Postal [Inspection Service]. Don't mess with them," he said.

Many Internet users on Friday were glued to various live streams of police transmissions broadcasting the pursuit of Boston Marathon bombing suspect Dzhokhar Tsarnaev. Had he also been listening to the chatter, Tsarnaev possibly could have escaped. It is unclear what security configurations authorities in Boston were using. But even federal P25 communications have gaping holes, Blaze discovered during a two-year experiment.

A significant portion of the traffic "is sent in the clear, despite the users' apparent belief that it is encrypted. We captured an average of 20 to 30 minutes per day per city of highly sensitive 'unintended' clear text," he wrote on his blog in 2011. "The clear text included all manner of highly sensitive operational details, such as identifying features of undercover operatives and informants, identities and locations of surveillance targets, plans and locations for forthcoming takedowns, and details of executive protection operations."

The 2011 findings were based on leakage from P25 systems in several metropolitan areas using frequencies assigned to federal officials. "We collected data specifically on systems carrying a high volume of sensitive traffic from trained and motivated users: the encrypted tactical two-way radio networks used by federal agencies conducting criminal and national security investigations," Blaze wrote. 

He said one problem is that the technology does not clearly notify users whether the encryption feature is on or off, "and radios set to clear mode will happily interoperate with radios set to encrypted mode."

Blaze does not blame the security weaknesses on user error. "The problem of unintended sensitive clear text rests squarely with the radios, not their users, and it is important to fix the problem rather than blame the victim," he wrote. Blaze added he is working with federal personnel to change the default features on handsets so encryption status is more visible.

The endeavor, as of Monday, had tightened controls “only to a very limited extent,” he told Nextgov in an email. “The fundamental problems are still there.”
