UCF STIG Viewer Logo

SC-40 WIRELESS LINK PROTECTION


Overview

Number Title Impact Priority Subject Area
SC-40 Wireless Link Protection P0 System And Communications Protection

Instructions
The information system protects external and internal Assignment: organization-defined wireless links from Assignment: organization-defined types of signal parameter attacks or references to sources for such attacks.
Guidance
This control applies to internal and external wireless communication links that may be visible to individuals who are not authorized information system users. Adversaries can exploit the signal parameters of wireless links if such links are not adequately protected. There are many ways to exploit the signal parameters of wireless links to gain intelligence, deny service, or to spoof users of organizational information systems. This control reduces the impact of attacks that are unique to wireless systems. If organizations rely on commercial service providers for transmission services as commodity items rather than as fully dedicated services, it may not be possible to implement this control.

Enhancements
SC-40 (1) Electromagnetic Interference
This control enhancement protects against intentional jamming that might deny or impair communications by ensuring that wireless spread spectrum waveforms used to provide anti-jam protection are not predictable by unauthorized individuals. The control enhancement may also coincidentally help to mitigate the effects of unintentional jamming due to interference from legitimate transmitters sharing the same spectrum. Mission requirements, projected threats, concept of operations, and applicable legislation, directives, regulations, policies, standards, and guidelines determine levels of wireless link availability and performance/cryptography needed.

The information system implements cryptographic mechanisms that achieve Assignment: organization-defined level of protection against the effects of intentional electromagnetic interference.

SC-40 (2) Reduce Detection Potential
This control enhancement is needed for covert communications and protecting wireless transmitters from being geo-located by their transmissions. The control enhancement ensures that spread spectrum waveforms used to achieve low probability of detection are not predictable by unauthorized individuals. Mission requirements, projected threats, concept of operations, and applicable legislation, directives, regulations, policies, standards, and guidelines determine the levels to which wireless links should be undetectable.

The information system implements cryptographic mechanisms to reduce the detection potential of wireless links to Assignment: organization-defined level of reduction.

SC-40 (3) Imitative Or Manipulative Communications Deception
This control enhancement ensures that the signal parameters of wireless transmissions are not predictable by unauthorized individuals. Such unpredictability reduces the probability of imitative or manipulative communications deception based upon signal parameters alone.

The information system implements cryptographic mechanisms to identify and reject wireless transmissions that are deliberate attempts to achieve imitative or manipulative communications deception based on signal parameters.

SC-40 (4) Signal Parameter Identification
Radio fingerprinting techniques identify the unique signal parameters of transmitters to fingerprint such transmitters for purposes of tracking and mission/user identification. This control enhancement protects against the unique identification of wireless transmitters for purposes of intelligence exploitation by ensuring that anti-fingerprinting alterations to signal parameters are not predictable by unauthorized individuals. This control enhancement helps assure mission success when anonymity is required.

The information system implements cryptographic mechanisms to prevent the identification of Assignment: organization-defined wireless transmitters by using the transmitter signal parameters.