& cplSiteName &

Malware in the Air?

Light Reading
LR Mobile News Analysis
Light Reading
3/15/2006
50%
50%

For the first time, researchers have raised the possibility of RFID tags being infected by viruses and worms.

In a paper being presented today at the Pervasive Computing and Communications Conference in Pisa, Italy, sponsored by the Institute of Electrical and Electronics Engineers Inc. (IEEE) , a group of computer scientists show just how susceptible radio-frequency tags may be to malware.

"Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify backend software, and certainly not in a malicious way," the paper's authors write. "Unfortunately, they are wrong."

Under certain conditions, they say, RFID tags can be intentionally infected with viruses that can then find their way into the backend databases used by the RFID software.

As RFID spreads from retail supply-chain applications to a host of uses in logistics, warehousing, and other businesses, the specter of viruses spread from tiny tags via handheld scanners into enterprise software platforms could significantly slow the technology's spread. (See DHL Chips in on RFID.)

Today's presentation in Pisa provides details on how to spread viruses via RFID as well as how to defend against them. The paper is being published, the authors, say, to warn the designers and users of RFID not to deploy vulnerable systems.

"By making code for RFID 'malware' publicly available, we hope to convince them that the problem is serious and had better be dealt with, and fast," said author Andrew Tanenbaum and his colleagues, in a statement.

"Viruses on RFID tags present two issues," comments David Adams, senior vice president for corporate strategy and technology at Denver-based Trenstar, which manages thousands of beer kegs in the United Kingdom using RFID tags. "How to protect the flow of information on the tag itself and how to prevent any virus from making from the tag to our application level that is fed from the RFID network." (See Brewers Tap Into RFID.)

Trenstar, Adams adds, has created a proprietary data structure for information, which searches for corrupted data at each stage in the supply chain where the tags are scanned. The company also analyzes all data flowing into its application layer for known viruses, including RFID-generated data.

"Any good data collection system has to be set up so that it's very specific in what sort of data it's looking to collect," adds Dan Mullen, executive director of AIM Global, a trade association for the barcode and RFID industries. "That's just good practice, and it's been around for a long time."

The paper outlines three scenarios: a prankster who replaces an RFID tag on a jar of peanut butter with an infected tag to infect a supermarket chain's database; a subdermal (i.e., under-the-skin) RFID tag on a pet used to upload a virus into a veterinarian or ASPCA computer system; and, most alarmingly, a radio-frequency bag tag used to infect an airport baggage-handling system. A virus in an airport database could re-infect other bags as they are scanned, which in turn could spread the virus to hub airports as the traveler changes planes.

"Within a day, hundreds of airport databases all over the world could be infected," the authors write. "Merely infecting other tags is the most benign case. An RFID virus could also carry a payload that did other damage to the database -- for example, helping drug smugglers or terrorists hide their baggage from airline and government officials."

The broadness of the authors' claims, however, betrays a lack of understanding of how specific RFID systems are designed, says Mullen.

"If you're looking at an airport baggage system, for instance, you have to know what sort of tag's being used, the structure of the data being collected, and what the scanners are set up to gather," he explains. "Look at it in a vertical application fashion to see what specific concerns might be present there."

A renowned computer scientist, Tanenbaum developed the Minix operating system, a precursor to Linux.

— Richard Martin, Senior Editor, Unstrung

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
From The Founder
The independent evaluation of Nokia's key virtual network functions (VNFs) was a defining moment for the Finnish giant.
Flash Poll
Live Streaming Video
Charting the CSP’s Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it’s going from two industry veterans.
LRTV Custom TV
Cisco's Innovations in Cable

5|26|16   |   03:18   |   (0) comments


Marc Aldrich from Cisco discusses the latest in security, the evolution and momentum for CCAP and what the industry will be seeing next from Cisco.
LRTV Documentaries
Leading Lights 2016 Highlights

5|25|16   |   02:26   |   (1) comment


Some of the high points from this year's Leading Lights awards dinner at the Hotel Ella in Austin, Texas.
LRTV Documentaries
Light Reading Hall of Fame 2016

5|23|16   |   05:43   |   (0) comments


Find out who has been welcomed into Light Reading's Hall of Fame this year.
LRTV Custom TV
ZTE TM Forum Highlights

5|23|16   |     |   (0) comments


ZTE showcased its new ICT solutions at TM Forum in Nice.
LRTV Interviews
Gamma's MD on the Emergence of UC2

5|20|16   |     |   (0) comments


Gamma Communications Managing Director David Macfarlane believes the unified communications (UC) market has reached a tipping point.
LRTV Custom TV
The Ultimate 5-Minute Guide to Digital Customer Engagement

5|20|16   |     |   (0) comments


In this short video, you will hear all about how Digital Customer Engagement is the key to meeting customer expectations, keeping them happy, and maximizing revenue. VP Product & Marketing at Pontis, Ofer Razon, breaks down for us the five essential capabilities for successful Digital Customer Engagement. Don’t miss!
LRTV Custom TV
NFV in 2016: Part 1 – NFV Use Cases Get Real

5|19|16   |   05:57   |   (0) comments


Consensus is building around the key use cases for NFV, including managed IP services at the network edge and on customer premises, which can generate new revenues from enterprises/SMBs and consumers; Evolved Packet Core to support LTE migration; and adjacent technologies, such as TAS and IMS, to support VoLTE and next-generation charging and policy control ...
LRTV Custom TV
Nokia's Steve Vogelsang on NFV – Part 3

5|19|16   |     |   (0) comments


Steve Vogelsang discusses the challenges of operational transformation and how Nokia helps its customers. Join Steve at the Big Communications Event in Austin the morning of May 24, on his keynote and optical networking panel.
LRTV Interviews
Level 3: Why UC Is In Demand

5|17|16   |   04:12   |   (1) comment


Andrew Edison, Level 3's senior VP of sales, EMEA region, talks about the drivers of growth in the unified communications services market.
LRTV Custom TV
ARM's OPNFV Action

5|17|16   |     |   (0) comments


At the ARM booth at MWC 2016, Joe Kidder and Bob Monkman speak to Light Reading about OPNFV and their upcoming action.
LRTV Custom TV
Nokia's Steve Vogelsang on NFV – Part 2

5|16|16   |     |   (0) comments


Steve Vogelsang gives advice to service providers on how to move to NFV. Join Steve at the Big Communications Event in Austin the morning of May 24, on his keynote and optical networking panel.
LRTV Interviews
Interoute CTO on NFV's Maturity

5|13|16   |   06:46   |   (1) comment


Matt Finnie, CTO at international operator Interoute, explains how NFV has made life easier in terms of logistics and how Interoute can now enable a 'software-defined moment' for its customers.
Upcoming Live Events
September 13-14, 2016, The Curtis Hotel, Denver, CO
December 6-8, 2016,
June 16-18, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
A new survey conducted by Heavy Reading and TM Forum shows that CSPs around the world see the move to digital operations as a necessary part of their overall virtualization strategies.
Hot Topics
DT: Telcos Must Escape Vendor Prison
Iain Morris, News Editor, 5/24/2016
AT&T to Start 5G 'Friendly' Trial by 2016 End
Dan Jones, Mobile Editor, 5/24/2016
Cisco's Patel Hails 'Microculture' Successes
Iain Morris, News Editor, 5/26/2016
Cable Is Eyeing Its Retail Options
Mari Silbey, Senior Editor, Cable/Video, 5/25/2016
AT&T's Margaret Chiosi Retires
Ray Le Maistre, Editor-in-chief, 5/25/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
In this latest installment of the CEO Chat series, Craig Labovitz, co-founder and CEO of Deepfield, sits down with Light Reading's Steve Saunders in Light Reading's New York City office to discuss how Deepfield fits in with the big data trend and more.
Grant van Rooyen, president and CEO of Cologix, sits down with Steve Saunders, founder and CEO of Light Reading, in the vendor's New Jersey facility to offer an inside look at the company's success story and discuss the importance of security in the telecom industry.
Animals with Phones
Live Digital Audio

Our world has evolved through innovation from the Industrial Revolution of the 1740s to the information age, and it is now entering the Fourth Industrial Revolution, driven by technology. Technology is driving a paradigm shift in the way digital solutions deliver a connected world, changing the way we live, communicate and provide solutions. It can have a powerful impact on how we tackle some of the world’s most pressing problems. In this radio show, Caroline Dowling, President of Communications Infrastructure & Enterprise Computing at Flex, will join Women in Comms Director Sarah Thomas to discuss the impact technology has on society and how it can be a game-changer across the globe; improving lives and creating a smarter world. Dowling, a Cork, Ireland, native and graduate of Harvard Business School's Advanced Management Program, will also discuss her experience managing an international team focused on innovation in an age of high-speed change.