
As Cyber Threats Grow, the Clock Ticks on a Critical Cybersecurity Law

18 September 2025 at 18:42


DEEP DIVE – The onslaught of cyberattacks against the U.S. and U.S. businesses has not let up and the clock is ticking on reauthorizing a new bill that - if not renewed - will make it even harder to defend against the threat.

The Cybersecurity Information Sharing Act (CISA), a cornerstone of U.S. cybersecurity policy passed in 2015, now faces expiration on September 30, unless Congress renews it. The legislation facilitates the sharing of cyber threat intelligence (CTI) between the federal government and the private sector. It specifically provides legal cover to companies that voluntarily share threat information, encouraging collaboration and transparency without fear of regulatory or legal consequences. The faster, free exchange of information enables better detection of cyber threats, say experts, quickening response and recovery time after an attack.

In August, the FBI released a warning about two hacker groups targeting Salesforce platforms to access sensitive customer data. Over 700 companies are believed to have been affected so far. Other attacks continue to plague utilities, critical infrastructure and businesses across the private sector, with experts warning there will be no let up any time soon.

There is wide consensus on the law’s importance. The House of Representatives is considering the Widespread Information Management for the Welfare of Infrastructure and Government (WIMWIG) Act, which calls for the reauthorization of CISA 2015 for another decade.

The White House has also signaled that it is a near-term priority. National Cyber Director Sean Cairncross said earlier this month, “This law galvanized our collaboration a decade ago, and the White House understands the advantages and liability protections this legislation provides.” He added that he is “actively working” with Congress on reauthorization.

House Republicans have included a short-term extension of CISA 2015 in a stopgap government funding bill that would sustain the law through November 21, giving a little more time to finalize longer-term reauthorization.


A Pillar to Public-Private Collaboration

A number of notable cybersecurity experts with experience spanning multiple administrations noted at this week’s Cyber Initiatives Group Fall Summit that the measure is critical to U.S. cybersecurity. Executive Assistant Director for Cyber at CISA, Nick Andersen, described the legislation as “foundational” for information sharing. He warned that without the liability protections provided under the law, private companies may hesitate to share critical threat intelligence information with the government.

“[If] we’re not able to provide some assurance that somebody can share information with us, whether it is a threat indicator or as a defensive measure, that their exercise within their own environment … won’t expose them to regulatory or legal risk, that makes it a lot harder for us to all do our jobs,” Andersen said.

“Getting CISA 2015 reauthorized is such a key priority for us as an agency and should really be a priority for all of us interacting with the critical infrastructure owner and operator community day to day,” said Andersen.

The bulk of the U.S. cyberattack surface is privately owned, leaving companies on the front lines of defense. Gloria Glaubman, who served as Senior Cyber Advisor at the U.S. Embassy in Tokyo, noted that “most of the target surface is owned by private industry… So they're the ones that first detect the state sponsored campaigns and we are relying on them to have robust security architecture.”

Experts also stress that private companies are often not equipped with the cyber expertise needed to respond quickly enough to an intrusion. And the threats are getting even harder to spot. Speaking on threats from China, like Volt and Salt Typhoon, Glaubman noted: “They’re using legitimate tools, routers, vendor gear rather than noisy custom malware. And that’s completely different from what we’ve seen in the past, which allows them again to live off the land, which makes it hard to detect.”

Matt Hayden, former Assistant Secretary for Cyber, Infrastructure, Risk and Resilience Policy at DHS, said companies need to ask themselves: “Can they react when given nuanced threat intel dynamically, quickly … Can you actually generate a time to detect, a time to respond when provided with authentic CTI-based data on the enterprises you manage and control?”

“If we’re talking in days or weeks of CTI data being provided to a CISO, and they’re still checking patches and assessing their environment, they’re the ‘have nots’,” Hayden said. “You really have a preparedness challenge from the defender’s perspective.”

It is here that CISA 2015 comes in, say the experts, allowing private companies to share the needed information to enable the government to counter and publicize the threat.

Beyond Information Sharing

Experts say the conversation must extend beyond sharing threat intelligence to include rethinking how we view targeted companies. There are still fears that companies will be penalized for having systems that are vulnerable to cyber intrusions, which creates conflicting pressure that may stop them from sharing information with the government and asking for help. John Carlin, former Acting Deputy U.S. Attorney General, emphasized that when a U.S. company is targeted by a nation-state actor, “we must treat the U.S. company as a victim … but it is not baked into our legal regulatory framework.”

“It’s still too often the case that at the same time they’re getting help from some government agencies, others are looking to punish the victim,” Carlin said. “The cost of that in terms of impeding… sharing information is too high given the threat that we face.”

General Timothy Haugh (Ret.), former NSA Director and Commander of U.S. Cyber Command, argued during an interview at the summit that true cybersecurity resilience requires more than rapid information sharing, but real whole-of-society cooperation. “We need to evaluate public-private partnerships not just by how much information is shared, but by how they make us more secure as a nation,” he said. “Where can industry receive assurances that if they collaborate with the federal government for a nation state hacking activity, how can they get some form of protection when they share that information that won't be used for a response from certain regulatory bodies?”

“There's that conversation not about information sharing as a metric,” Haugh said, “but as security of our nation and security of intellectual property, denial of foreign intelligence collection, and securing our critical infrastructure.”


Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Can Hackers “See” Inside Your Home Using Wi-Fi to Track Your Location and Movement?

By: OTW
22 July 2025 at 12:11

Welcome back, my aspiring cyberwarriors!

The quick answer is “Yes!”.

It might seem like science fiction, but now we have the capability to “see” through walls and track the location and movement of targets. This is thanks to new technological developments in both artificial intelligence and SDR. Remember, Wi-Fi is simply sending and receiving radio signals at 2.45 GHz. If an object is in the way of the signal, it bounces, bends and refracts the signal. This perturbing of the signal can be very complex, but advances in machine learning (ML) and AI now make it possible to collect and track those changes in the signal and determine if it’s a human, dog, or an intruder. This is the beginning of something exciting, and quite possibly, malicious.

This is one more reason why we say that SDR (Signals Intelligence) for Hackers is the leading edge of cybersecurity!

The Science Behind Wi-Fi Sensing

How It Works

  • Wi-Fi signals are electromagnetic waves that can pass through common wall materials like drywall, wood, and even concrete (with some signal loss).
  • When these signals encounter objects, especially humans, they reflect, scatter, and diffract.
  • By analyzing how Wi-Fi signals bounce back, it’s possible to detect the presence, movement, and even the shape of people behind walls.

Key Concepts

  • Phase and Amplitude: The changes in phase and amplitude of the Wi-Fi signal carry information about what the signal has encountered.
  • Multipath Propagation: Wi-Fi signals reflect off multiple surfaces, producing a complex pattern that can be decoded to reveal movement and location.
  • DensePose & Neural Networks: Modern systems use AI to map Wi-Fi signal changes to specific points on the human body, reconstructing pose and movement in 3D.

The Hardware

You don’t need military-grade gear. Here’s what’s commonly used:

  • Standard Wi-Fi Routers: Most experiments use commodity routers with multiple antennas.
  • Software-Defined Radios (SDRs): For more control and precision, SDRs like the HackRF or USRP can be used (see our tutorials and trainings on SDR for Hackers).
  • Multiple Antennas: At least two, but three or more improves accuracy and resolution.

The Software

Data Collection

  • Transmit & Receive: One device sends out Wi-Fi signals, another listens for reflections.
  • Channel State Information (CSI): This is the raw data showing how signals have changed after bouncing off objects.

Processing

  • Signal Processing: Algorithms filter out static objects (walls, furniture) and focus on moving targets (people).
  • Neural Networks: AI models such as DensePose map signal changes to body coordinates, reconstructing a “pose” for each detected person.

Wi-Fi Sensing in Action

Step 1: Set Up Your Equipment

  • Place a Wi-Fi transmitter and receiver on opposite sides of the wall.
  • Ensure both devices can log CSI data. Some routers can be flashed with custom firmware (e.g., OpenWRT) to access this.

Step 2: Collect CSI Data

  • Use tools like Atheros CSI Tool or Intel 5300 CSI Tool to capture the raw signal data.
  • Move around on the far side of the wall to generate reflections.

Step 3: Process the Data

  • Use Python libraries or MATLAB scripts to process the CSI data.
  • Apply filters to remove noise and static reflections.
  • Feed the cleaned data into a pre-trained neural network (like DensePose) to reconstruct human poses.

Step 4: Visualize the Results

  • The output can be a 2D or 3D “stick figure” or heatmap showing where people are and how they’re moving.
  • Some setups can even distinguish between individuals based on movement patterns.
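
The filtering in Step 3, as an added example that is not code from the original post: it runs on constructed CSI amplitudes (no capture tool or hardware), subtracts a moving average to drop static reflections, and flags packets where the residual variance rises. The function names, threshold and synthetic data are assumptions made for illustration.

```python
import math
import random
import statistics

def synth_csi(n_packets=300, n_sub=8, motion=(100, 200), seed=7):
    """Constructed CSI amplitudes: static multipath plus noise, with a slow
    fluctuation on packets motion[0]..motion[1]-1 standing in for a moving body."""
    rng = random.Random(seed)
    base = [rng.uniform(5.0, 15.0) for _ in range(n_sub)]  # walls, furniture
    frames = []
    for t in range(n_packets):
        row = []
        for k in range(n_sub):
            amp = base[k] + rng.gauss(0.0, 0.05)  # measurement noise
            if motion[0] <= t < motion[1]:
                amp += math.sin(2 * math.pi * 0.05 * t + k)
            row.append(amp)
        frames.append(row)
    return frames

def remove_static(frames, alpha=0.05):
    """Subtract a per-subcarrier exponential moving average (the static part)."""
    avg = list(frames[0])
    residual = []
    for row in frames:
        avg = [(1 - alpha) * m + alpha * a for m, a in zip(avg, row)]
        residual.append([a - m for a, m in zip(row, avg)])
    return residual

def motion_energy(residual, window=20):
    """Sliding-window variance of the residual, averaged over subcarriers."""
    n_sub = len(residual[0])
    energy = []
    for end in range(window, len(residual) + 1):
        chunk = residual[end - window:end]
        per_sub = [statistics.pvariance([r[k] for r in chunk]) for k in range(n_sub)]
        energy.append(sum(per_sub) / n_sub)
    return energy

def detect_motion(frames, window=20, threshold=0.05):
    """Packet indices (window end) whose motion energy exceeds the threshold."""
    energy = motion_energy(remove_static(frames), window)
    return [i + window - 1 for i, e in enumerate(energy) if e > threshold]

if __name__ == "__main__":
    hits = detect_motion(synth_csi())
    print(f"motion flagged from packet {hits[0]} to {hits[-1]}")
```

The flagged range trails the end of the movement by up to one window length, because the last windows still contain samples from the moving interval.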

Limitations and Considerations

  • Wall Material: Thicker or metal-reinforced walls reduce accuracy.
  • Privacy: This technology raises major privacy concerns: anyone with the right tools could potentially “see” through your walls.
  • Legality: Unauthorized use of such technology may violate laws or regulations.

Real-World Applications

  • Security: Detecting intruders or monitoring restricted areas. Companies like TruShield are offering commercial home security systems based upon this technology.
  • Elder Care: Monitoring movement for safety without cameras.
  • Smart Homes: Automating lighting or HVAC based on occupancy.
  • Law Enforcement: Law enforcement agencies can detect and track suspects in their homes.
  • Intelligence Agencies: Can use this technology to track spies or other suspects.

Summary

Wi-Fi sensing is a powerful, rapidly advancing field. With basic hardware (HackRF) and open-source tools, it’s possible to experiment with through-wall detection. This opens a whole new horizon in Wi-Fi Hacking and SDR for Hackers.

For more on this technology, attend our upcoming Wi-Fi Hacking training, July 22-24. If you are interested in building this device, look for our 2026 SDR for Hackers training.

As always, use this knowledge responsibly and be aware of the ethical and legal implications.

The post Can Hackers “See” Inside Your Home Using Wi-Fi to Track Your Location and Movement? first appeared on Hackers Arise.