Following the news that Rapid7 announced an extension for Metasploit’s hardware bridge for radio frequency testing, giving security teams the ability to perform broader assessment of a company’s true security posture. Craig Smith, Transportation Research Lead at Rapid7 commented below.
Craig Smith, Transportation Research Lead at Rapid7:
“With the latest addition to Metasploit – the RFTransceiver – teams can test physical security controls to better understand foreign IoT devices. The importance of RF testing will continue to escalate as the IoT ecosystem further expands.
As IoT devices continue to permeate our lives, it is becoming inevitable that they are finding their way onto corporate networks. These devices can be plagued with vulnerabilities and aren’t always easiest to find and test. Furthermore, thinking of today’s wireless spectrum, testing only by Ethernet connection increases the risk in missing wireless vulnerabilities. Chances are companies and their employees are using many other radio frequencies (RFs) outside of the standard 802.11 network for various reasons, which begs the question around what about the rest of the wireless spectrum?”