SCADA and Mobile Security in the IoT Era
Two years ago, we assessed 20 mobile applications that worked with ICS software and hardware. At that time, mobile technologies were widespread, but Internet of Things (IoT) mania was only starting. Our research concluded the combination of SCADA systems and mobile applications had the potential to be a very dangerous and vulnerable cocktail. In the introduction of our paper, we stated “convenience often wins over security. Nowadays, you can monitor (or even control!) your ICS from a brand-new Android [device].”
IOActive Labs: Breaking Embedded Devices (Black Hat)
IOActive researchers give you an inside view of the IOActive Labs research facilities and highlight research hacking ATMs, Segways, and skimmers.
Go Nuclear: Breaking Radiation Monitoring Devices
Radioactivity is a part of our environment; we are continuously exposed to natural radiation arising from the Earth and even from outer space. We are also exposed to artificial sources of radiation, derived from human activities. Ionizing isotopes are used across multiple sectors: agriculture, medicine, research, biochemistry, and manufacturing. The need for sophisticated devices to measure and detect the presence of radiation seems clear. Critical infrastructure, such as nuclear power plants, seaports, borders, and even hospitals, are equipped with radiation-monitoring devices. This equipment detects and prevents threats ranging from smuggling…
Hacking Robots Before Skynet
Robots are going mainstream. Similar to other new technologies, we’ve found robot technology to be insecure in a variety of ways, and that insecurity could pose serious threats to the people and organizations they operate in and around. This paper is based on our own research, in which we discovered critical cybersecurity issues in several robots from multiple vendors. We describe the currently available technology, some of the threats posed by a compromised robot, the types of cybersecurity issues we discovered, as well as security recommendations based on the findings….
Securing the Connected Car: Commonalities in Vehicle Vulnerabilities
With the Connected Car becoming commonplace in the market, vehicle cybersecurity grows more important by the year. At the forefront of this growing area of security research, IOActive has amassed real-world vulnerability data illustrating the general issues and potential solutions to the cybersecurity issues facing today’s vehicles. This paper explains the differences in testing methodologies, with recommendations on the most appropriate methods for testing connected vehicle systems. Detailed findings follow, including the impact, likelihood, overall risk, and remediation of vulnerabilities IOActive consultants have discovered over the course of thousands of…
Assessing and Exploiting XML Schema’s Vulnerabilities
Specifications for XML and XML schemas include multiple security flaws. At the same time, these specifications provide the tools required to protect XML applications. This provides a complex scenario for developers, and a fun environment for hackers. Even though we use XML schemas to define the security of XML documents, we also use them to perform a variety of attacks: file retrieval, server side request forgery, port scanning, or brute forcing. This talk will analyze how to infer new attack vectors by analyzing the current vulnerabilities, and how it is…
Remote Exploitation of an Unaltered Passenger Vehicle
Since 2010, several automotive security researchers have demonstrated the ability to inject messages into the CAN bus of a car, capable of affecting the physical systems of the vehicle. The widespread criticism of these methods as viable attack vectors was the claim that there was not a way for an attacker to inject these types of messages without close physical access to the vehicle. In this paper, Chris Valasek and Charlie Miller demonstrate that remote attacks against unaltered vehicles is possible.
An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks
Cities around the world are becoming increasingly smart, which creates huge attack surfaces for potential cyber attacks. In this paper, IOActive Labs CTO Cesar Cerrudo provides an overview of current cyber security problems affecting cities as well real threats and possible cyber attacks that could have a huge impact on cities. Cities must take defensive steps now, and Cesar offers recommendations to help them get started.
ELF Parsing Bugs by Example with Melkor Fuzzer
Too often the development community continues to blindly trust the metadata in Executable and Linking Format (ELF) files. In this paper, Alejandro Hernández walks you through the testing process for seven applications and reveals the bugs that he found. He performed the tests using Melkor, a file format fuzzer he wrote specifically for ELF files.
A Survey of Remote Automotive Attack Surfaces
By looking at each car’s remote attack surface, internal network architecture, and computer controlled features, we are able to draw some conclusions about the suitability of the vehicle to remote attack. This doesn’t mean that the most susceptible looking isn’t in fact quite secure (i.e. coded very securely) or that the most secure looking isn’t in fact trivially exploitable, but it does provide some objective measure of the security of a large number of vehicles that wouldn’t be possible to examine in detail without a massive effort. It also provides…