An Investigation into Long Range Detection of Passive UHF RFID Tags

Radio frequency identification tags (RFID) have been in use for a number of years, in a variety of applications. They are a small computer chip like device that can range in size from a thumbnail to a credit card size device. They consist of a small silicon chip, and an antenna used to receive and transmit data. When a tag receives a signal from a valid reader it sends a response, typically a tag ID and any other requested/available data back to the reader device. The newer range of RFID chips that are coming into use now use higher frequencies (UHF) and are able to be detected, or transmitted to, from longer distances (1 – 10 m) with a conventional handheld reader. This increased distance alone presents many opportunities for users and misusers alike. These include but are not limited to passive scanning/sniffing of information in transit, deception, disruption of signal, and injection of malicious or false data into the broadcast envelope. There is no evidence currently in the literature of long-range scans or attacks on UHF RFID tag or supporting infrastructure. Given that these tags are now being used in military applications, an improved understanding of their vulnerabilities from long range scanning techniques will contribute to national security. An understanding of the long range scanning potential of these devices also will allow further study into the possible misuse of RFID technology in society by governments, business and individuals

EAVESDROPPING ON THE SMART GRID

An in-situ deployment of smart grid technology, from meters through to access points and wider grid connectivity, was examined. The aim of the research was to determine what vulnerabilities were inherent in this deployment, and what other consideration issues may have led to further vulnerability in the system. It was determined that there were numerous vulnerabilities embedded in both hardware and software and that configuration issues further compounded these vulnerabilities. The cyber threat against critical infrastructure has been public knowledge for several years, and with increasing awareness, attention and resource being devoted to protecting critical in the structure, it is concerning that a technology with the potential to create additional attack vectors is apparently insecure