Sensitive Compartmented Information Facilities (SCIFs) represent some of the most secure environments in government, defense, and intelligence operations. These facilities are specifically designed to store, process, and discuss classified information whose compromise could result in significant national security consequences. Because of this mission, SCIFs rely on layered security controls that address not only physical access, but also acoustic, electromagnetic, and radio frequency (RF) threats that are often invisible to the naked eye.

Wireless Devices: A Persistent and Growing Threat

One of the most significant and persistent risks to SCIF security is wireless communication. Modern wireless technologies are pervasive, low-power, and highly capable. Cell phones, smart watches, tablets, laptops, and other personal electronic devices (PEDs) are prohibited inside accredited SCIFs because they continuously emit RF energy, even when they appear to be idle.

Cellular registration traffic, Bluetooth advertisements, Wi-Fi probing, and background system telemetry can all occur without user interaction. In addition, these devices contain microphones, cameras, and sensors that can be remotely activated if compromised, turning an otherwise harmless object into a covert surveillance or data exfiltration tool.

How Classified Information Can Leak Wirelessly

The danger is amplified by the fact that classified information within a SCIF is often discussed verbally and displayed visually. A single unauthorized wireless device, or an unintended RF leakage path, can allow sensitive information to escape the facility or enable adversaries to monitor activity from outside the secure perimeter. For this reason, SCIF security policies treat wireless emissions as a critical threat vector rather than a convenience tradeoff.

Why RF Leakage Is Hard to Detect

RF energy does not stop at walls or doors. Signals can leak through seams in shielding, cable penetrations, ventilation paths, power lines, or improperly bonded structural elements. Even well-designed shielding systems can develop weaknesses if installation details are overlooked.

These vulnerabilities are particularly dangerous because they are rarely obvious and may only become apparent under specific frequency or power conditions. Without deliberate testing, RF leakage can remain undetected until after a facility is occupied and operational.

The Construction Phase: The Best Time to Find Problems

The construction phase of a new SCIF is therefore the most important opportunity to identify and mitigate RF vulnerabilities. During construction or major renovation, shielding materials are accessible, penetrations can be redesigned or sealed, grounding and bonding can be corrected, and remediation can be performed at a fraction of the cost and disruption required after accreditation.

RF testing at this stage helps security teams understand what signals may unintentionally enter or exit the space, whether shielding performs as designed across relevant threat bands, and whether resonant or coupling paths exist that could be exploited.

What Is an RF Stimulus Source?

A key tool used in this process is the RF stimulus source. A stimulus source is a controlled transmitter that intentionally generates RF signals across specific frequency ranges and power levels so that shielding effectiveness and leakage paths can be evaluated.

Unlike single-frequency generators, modern wideband stimulus sources allow testing across the same diverse spectrum used by real-world wireless threats. This enables more realistic validation of SCIF defenses against contemporary espionage techniques.

The Lizard Dual-Band 1-Watt Stimulus Source

One commonly used platform is the Lizard dual-band 1-watt stimulus source. This system provides two transmit paths, with the first covering 100 to 620 MHz and the second covering 540 to 6000 MHz, both with fine 2.5 kHz tuning resolution.

The wide frequency coverage allows testing of traditional VHF and UHF threats as well as modern microwave-band technologies such as Wi-Fi, Bluetooth, and ISM-band devices. The 1-watt output level is well suited for controlled testing during construction, enabling precise leakage mapping and validation of shielding continuity without introducing unnecessary risk or interference.

The Dragon Dual-Band 5-Watt Stimulus Source

For more demanding environments, the Dragon dual-band 5-watt stimulus source is often employed. This platform also uses a two-transmitter architecture, with one transmitter covering 100 to 620 MHz and the second covering 620 to 2700 MHz, again with 2.5 kHz tuning steps.

The higher output power allows security teams to stress the shielding system more aggressively, exposing marginal seams, penetrations, or coupling paths that may not appear under lower-power conditions. This makes the Dragon particularly valuable for final pre-accreditation testing, large or complex SCIFs, and scenarios where signals must be driven through multiple barriers or across greater distances.

Why Wideband Testing Reflects Real-World Threats

Wideband stimulus sources like the Lizard and Dragon are effective because they reflect the reality of modern wireless threats. Adversaries no longer rely on a narrow set of frequencies; instead, they exploit a broad spectrum ranging from sub-GHz bands through cellular and into microwave frequencies.

Fine frequency resolution allows testers to identify narrowband devices, frequency-hopping signals, and subtle leakage paths that could otherwise be missed. The ability to transmit multiple test signals further enhances realism and confidence in the results.

Conclusion: Building RF Security In From the Start

Ultimately, SCIF security depends on more than policies and physical barriers. It requires deliberate, technically rigorous RF validation to ensure that classified information cannot be compromised through unintended wireless paths.

Conducting comprehensive RF testing during construction is one of the most effective ways to reduce long-term risk and avoid costly remediation later. Wideband stimulus sources such as the Lizard dual-band 1-watt and Dragon dual-band 5-watt platforms play a critical role in this effort, enabling security teams to identify vulnerabilities, verify shielding performance, and protect the sensitive information entrusted to SCIF environments.

The post Wireless Threats: Inside & Outside The Box appeared first on Berkeley Varitronics Systems.

In today’s hyper-connected world, where convenience and connectivity dominate both personal and professional spaces, personal electronic devices (PEDs) such as AirPods, smartphones, smart tags, and IoT gadgets have become part of our daily routine. While these devices provide productivity and ease of access in everyday life, they also pose serious security threats when introduced into environments designed to handle sensitive or classified information.

Sensitive Compartmented Information Facilities (SCIFs) and secure data centers exist to protect national secrets, critical infrastructure data, intellectual property, and confidential communications. Unfortunately, these highly protected zones are vulnerable to the silent and often underestimated threat posed by modern PEDs. What appears to be a harmless accessory—like a Bluetooth earbud—can actually be a covert surveillance tool, a wireless exfiltration device, or even a location-tracking beacon. This threat is not theoretical; it is real, growing, and requires immediate and proactive countermeasures.

SCIFs are meant to be airtight information vaults. Yet even the most secure facilities face insider risks—contractors, employees, or visitors unintentionally (or maliciously) carrying devices that can transmit wireless signals or record sensitive conversations. AirPods and similar Bluetooth-enabled devices are particularly concerning. These products contain built-in microphones that, if hijacked by malware, can secretly record and transmit audio. They also maintain Bluetooth Low Energy (BLE) connections that can facilitate data leakage, even when the devices seem dormant. In some cases, they remain invisibly connected to smartphones or tablets nearby, forming a covert link to the outside world. A June 2025 study demonstrated that smartwatches can be used to exfiltrate data from air‑gapped systems via ultrasonic channels.

Lawmakers warn of mobile phone threats in SCIFs as well. A CyberScoop article reported concerns from a bipartisan pair of lawmakers about mobile phones entering SCIFs—prompting the Senate Sergeant at Arms to track breaches. One representative recounted his phone returning from Eastern Europe with Russian malware, forcing a full wipe of the device.

Another growing concern is the rise of location-tracking tags such as Apple AirTags and Tile devices. These small gadgets continuously emit BLE signals and are commonly used for asset tracking. However, they can be exploited to track personnel, map facility layouts, or monitor patterns of movement within restricted zones. Malicious actors can discreetly place one of these tags near or on a target and gain real-time intelligence without ever setting foot inside a secure facility.

Wi-Fi and cellular-enabled devices like smartphones, tablets, and smartwatches introduce additional risk. These devices often operate across multiple frequencies, including 2.4 GHz, 5 GHz, and sub-6 GHz bands, and are capable of connecting to rogue access points or cellular networks. Even innocuous devices like fitness trackers can open side channels for information leakage via passive syncing or unauthorized data transfers.

Wearables devices such as Apple Watches are also slipping into SCIFs. Even well‑meaning cleared professionals have triggered violations simply by forgetting to remove them. An industry article highlighted how military and cleared personnel frequently enter secure zones with Apple Watches inadvertently—triggering security violations.

Thankfully, the threat posed by PEDs has not gone unnoticed at the highest levels of government and defense. A series of federal directives and compliance requirements have been enacted to mitigate these risks. The Intelligence Community Directive 705 (ICD 705) sets the physical and technical standards for SCIFs, explicitly prohibiting unauthorized PEDs and requiring strict control and monitoring of all wireless activity. The Department of Defense Manual 5200.01 reinforces the need for Technical Surveillance Countermeasures (TSCM) to detect and eliminate any devices capable of emitting or receiving unauthorized signals. Moreover, emission security guidelines from the Committee on National Security Systems (CNSS) emphasize the need to control even unintentional RF emissions, which can be just as dangerous.

These regulations make one point abundantly clear: It is not enough to ban devices by policy alone. Facilities must actively monitor, detect, and neutralize unauthorized transmissions. Security isn’t just about locking doors; it’s about being aware of what’s happening in the invisible RF spectrum all around us.

Unfortunately, ignorance isn’t a valid defense. A contractor walking into a SCIF with active AirPods or a synced smartwatch—whether knowingly or not—represents a breach. Whether data is actually leaked or not, the violation of protocol is grounds for investigation and could open the door to catastrophic losses.

This is why proactive wireless monitoring is not just useful—it’s essential. Enter the Yorkie-Pro and WallHound-Pro from Berkeley Varitronics Systems, two purpose-built tools that empower security teams to detect, identify, and respond to threats from PEDs before damage is done.

The Yorkie-Pro is a portable RF detection device that scans for Wi-Fi, Bluetooth (both BLE and classic), and cellular signals. It acts like a digital bloodhound, pinpointing the exact location of unauthorized devices using direction-finding antennas and real-time signal analysis. It doesn’t just tell you that something is wrong—it tells you where and what it is. Whether you’re conducting a routine sweep of a SCIF or investigating a suspected leak, the Yorkie-Pro provides the actionable intelligence needed to secure the environment.

On the other hand, the WallHound-Pro is designed for real-time, automated detection. Installed at entry points or high-security areas, it continuously monitors for rogue devices. When a prohibited device is detected—whether it’s BLE from a smart tag, a cellular ping from a smartwatch, or Wi-Fi emissions from a mobile hotspot—it triggers audible and visual alerts. This instant feedback allows staff to intervene immediately, preventing unauthorized devices from entering sensitive areas.

To understand the impact of these tools, imagine a scenario in which an employee unknowingly walks into a SCIF with a smartwatch still connected to their phone. That BLE connection is a live transmission that violates SCIF policy. Without monitoring tools, the violation goes undetected. But with WallHound-Pro at the door, an alert is triggered. Security staff are notified, and the device is removed before it poses a threat. Multiply this situation across hundreds of entries per day, and the value of real-time detection becomes undeniable.

In today’s threat landscape, where even the smallest device can be weaponized to steal secrets or disrupt operations, vigilance is not optional. It’s imperative. Policies are a starting point, but they must be enforced with visibility and actionable intelligence. The threats are evolving. So too must our defenses.

Tools like the Yorkie-Pro and WallHound-Pro don’t just fill a gap—they establish a new standard for proactive security. They offer SCIF managers, IT teams, and security professionals a reliable way to enforce compliance, mitigate risk, and protect what matters most.

In high-security environments, you don’t get a second chance. Once data is lost, there’s no getting it back. Don’t leave security to chance—monitor, detect, and act before it’s too late.

Want to see how these tools can protect your facility? Contact Berkeley Varitronics Systems today for a live demo at 732-548-3737 or sales@bvsystems.com.

The post PEDs: The Silent Threat to SCIFs and Secure Data Centers — And How to Fight Back appeared first on Berkeley Varitronics Systems.

On March 25, 2025, President Trump and US Secretary of Defense Pete Hegseth both denied that any classified information was leaked through the use of the Signal app, although they do not provide any evidence to explain their positions. Meanwhile, editors at The Atlantic have published the chats containing many names, places, aircraft and military targets before they were set to engage. This would obviously put US lives and strategy in danger if it were leaked into the wrong hands. At this time, it appears that only a journalist was mistakenly included in the chats and that no other non-invited parties had access to the content, but calls for a formal investigation into the matter have begun. Earlier this month, Hegseth ordered suspension of Pentagon’s offensive cyberoperations against Russia which also seemed to raise more than a few eyebrows in the security community.

Since this story is still unfolding, I feel it is more important to underline the technology in question here rather than keeping political score. However, I will say that this is not a surprise when considering past incidents involving Trump and his administration. You may recall back in 2018 when Trump posted images onto Twitter that he took with his smartphone during a classified meeting concerning Iran’s failed rocket launch. When anyone becomes comfortable with technology that is so easy to operate and share, breaks in confidentiality are inevitable. We develop, manufacture and sell wireless security tools (including cell phone detectors) to many government agencies precisely for this reason, but if best practices are not adhered to by our top leaders, it’s understandable when others also fail to adopt them.

Could this leak have been much worse than it was? Absolutely, but let’s use this security failure as a teaching moment to review the messaging platforms available to the public, US intelligence and our enemies as well. As secure messaging becomes a growing concern, it’s important to compare Signal with other major platforms like WhatsApp, Telegram, and iMessage. Each offers encryption, but their security models, metadata policies, and potential vulnerabilities vary significantly. Here’s what you need to know before choosing the right messaging app for privacy and security.

WhatsApp: The Pros and Pitfalls

WhatsApp is one of the most widely used messaging platforms, leveraging the Signal Protocol for end-to-end encryption (E2EE). Its vast user base makes global communication easy, and features like two-step verification add an extra layer of security. However, WhatsApp’s ownership by Meta raises concerns. The platform collects metadata on communication patterns and has been susceptible to spyware attacks. Additionally, backup encryption is optional, which means stored messages could be at risk if not properly secured.

Telegram: Secure or Just Convenient?

Telegram is known for its cloud-based functionality, allowing seamless access across multiple devices. It offers features like Secret Chats with E2EE, though this setting is not enabled by default. Users can also sign up anonymously with a username instead of a phone number. Despite these benefits, Telegram has significant security drawbacks. Standard chats lack end-to-end encryption, and the app relies on proprietary encryption that has not undergone extensive independent audits. Furthermore, Telegram stores metadata that could potentially be accessed by authorities.

iMessage: Apple’s Walled Garden

Apple’s iMessage provides end-to-end encryption for messages sent between Apple devices, ensuring security in transit and at rest. Two-factor authentication (2FA) enhances account protection, making it a strong choice for Apple users. However, the encryption does not extend to messages sent to non-Apple devices, which default to standard SMS. Additionally, iCloud backups can store message data unless users disable this feature. The closed-source nature of iMessage also limits external security audits, leaving some uncertainty about its overall security posture.

Signal: The Gold Standard or a Flawed Solution?

Signal is widely regarded as the most secure messaging app available today. It employs industry-leading encryption using the Signal Protocol, which ensures forward secrecy through advanced cryptographic techniques. Unlike other platforms, Signal retains minimal metadata, making it nearly impossible for third parties to trace communication patterns. As an open-source application, it is regularly audited by security professionals, further strengthening its reputation.

Despite these advantages, Signal has limitations that cybersecurity professionals should consider. One major drawback is its reliance on phone number-based registration, which makes users vulnerable to SIM-swapping attacks unless they enable Registration Lock. Additionally, while Signal’s encryption is strong, endpoint security remains a risk—if a device is compromised through malware or phishing attacks, encrypted messages can still be accessed. The app also lacks formal government security certifications such as FIPS 140-2 and Common Criteria validation, making it unsuitable for classified communications. Moreover, Signal does not offer enterprise-level features like centralized administration or compliance logging, which are essential for corporate use.

Should Cybersecurity-Focused Organizations Use Signal?

For personal use and general privacy, Signal remains one of the best choices due to its encryption, transparency, and nonprofit business model. However, organizations with strict compliance requirements should proceed with caution. Companies bound by regulations such as FISMA or NIST 800-53 may need enterprise-grade messaging solutions like Wickr, Threema, or Matrix-based platforms. Additionally, encryption alone is not enough—organizations must implement strong endpoint security policies to protect against device compromises.

The U.S. government’s recent hesitation regarding Signal underscores concerns about its suitability for classified or highly sensitive communications. While Signal offers robust privacy protections for individuals, cybersecurity professionals must weigh its vulnerabilities before adopting it as an official communication tool. As the secure messaging landscape continues to evolve, organizations should carefully assess their specific needs to choose the most appropriate platform.

The post Signals Crossed: US War Strategy Sent Directly To Journalist appeared first on Berkeley Varitronics Systems.