Malicious Reconfigurable Intelligent Surfaces: How Impactful can Destructive Beamforming be?

Reconfigurable intelligent surfaces (RISs) have demonstrated significant potential for enhancing communication system performance if properly configured. However, a RIS might also pose a risk to the network security. In this letter, we explore the impact of a malicious RIS on a multi-user multiple-input single-output (MISO) system when the system is unaware of the RIS's malicious intentions. The objective of the malicious RIS is to degrade the \ac{SNR} of a specific \ac{UE}, with the option of preserving the SNR of the other UEs, making the attack harder to detect. To achieve this goal, we derive the optimal RIS phase-shift pattern, assuming perfect channel state information (CSI) at the hacker. We then relax this assumption by introducing CSI uncertainties and subsequently determine the RIS's phase-shift pattern using a robust optimization approach. Our simulations reveal a direct proportionality between the performance degradation caused by the malicious RIS and the number of reflective elements, along with resilience toward CSI uncertainties.