Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Library | COLLATERAL, RESEARCH | September 20, 2023

Commonalities in Vehicle Vulnerabilities | 2022 Decade Examination | Samantha Beaumont

With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. At the forefront of transportation cybersecurity research, IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face. This analysis is a major update and follow-up to IOActive’s paper on vehicle vulnerabilities originally published in 2016 and updated in 2018. The goal of…

Library | COLLATERAL | August 28, 2023

IOActive Silicon Security Services

Our silicon security team helps risk managers, product owners, designers, and cybersecurity professionals understand and manage the emerging risks of silicon-level and hardware-based supply chain attacks.  IOActive has spent over two decades at the forefront of cybersecurity research and providing critical security services fueled by the research. As the security of systems (and systems of systems) increasingly depends upon proper hardware security design and implementation, we have invested in honing silicon-level attack techniques that complement the advanced expertise we have long developed in identifying the embedded-device, side-channel, and fault-injection attacks. …

Launch PDF
Library | COLLATERAL, WHITEPAPER | August 8, 2023

Shuffle Up and Deal: Analyzing the Security of Automated Card Shufflers | Joseph Tartaro, Enrique Nissim, Ethan Shackelford

Joseph Tartaro, Principal Security Consultant, Enrique Nissim, Principal Security Consultant, and Ethan Shackelford, Associate Principal Security Consultant, conducted a comprehensive analysis of the security aspects of ShuffleMaster’s Deck Mate 1 (DM1) and Deck Mate 2 (DM2) automated shuffler machines. Primarily used at poker tables, these machines are widely adopted by casinos and cardrooms and are commonly used in private games. While the primary objective of these devices is to enhance game speed by assisting dealers in shuffling, they also ensure security through various deck checks, and their control over the…

Open Whitepaper
Joseph Tartaro Enrique Nissim & Ethan Shackelford
Library | WHITEPAPER | June 13, 2023

Drone Security and Fault Injection Attacks | Gabriel Gonzalez

Gabriel Gonzalez, IOActive Director of Hardware Security presents full technical detail of his research into drone security and side-channel/fault injection attacks in this whitepaper. The use of Unmanned Aerial Vehicles (UAVs), commonly referred to as drones, continues to grow. Drones implement varying levels of security, with more advanced modules being resistant to typical embedded device attacks. IOActive’s interest is in developing one or more viable Fault Injection attacks against hardened UAVs. This paper covers IOActive’s work in setting up a platform for launching side-channel and fault injection attacks using a…

Gabriel Gonzalez
Library | WHITEPAPER | September 9, 2022

NFC Relay Attack on Tesla Model Y

Josep Pi Rodriguez, Principal Security Consultant, walks you through the proof-of-concept and technical details of exploitation for IOActive’s recent NFC relay attack research on the newest Tesla vehicle, the Model Y. To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla uses between the NFC card and the vehicle, and we then created custom firmware modifications that allowed a Proxmark RDV4.0 device to relay NFC communications over Bluetooth/Wi -Fi using the Proxmark’s BlueShark module. It’s well-known in the vehicle security industry that NFC relay attacks (as well as…

Launch PDF
Josep Pi Rodriguez
Library | PRESENTATION | August 17, 2022

Vulnerability and Patch Management: Every Day is a Zero Day

SC Media on-demand presentation | John Sheehy, SVP of Research and Strategy, participated as a panelist on the CyberRisk Alliance’s eSummit live broadcast.Patch management can be an especially precarious proposition when you’re operating in a work environment where machines and devices must constantly remain operational. Hospitals, factories and power plants are among the many examples of settings where security professionals need to “keep the lights on,” even as they strive to ensure that software and hardware are hardened against the latest vulnerabilities and exploits. The discussion focused on the…

Register to access
John Sheehy
Library | WHITEPAPER | April 19, 2022

Reverse Engineering of DAL-A Certified Avionics: Collins’ Pro Line Fusion—AFD-3700

Ruben Santamarta, IOActive Security Researcher, presents a highly technical and detailed look into reverse engineering the DAL-A Certified Avionics: Collins’ Pro Line Fusion—AFD-3700. Modern avionic systems are designed according to the Integrated Modular Avionics concept. Under this paradigm, safety-certified avionic applications and non-critical airborne software share the same computing platform but are running at different partitions. In this context the underlying safety-critical certified RTOS provides the logical isolation, which should prevent unintended interactions between software with different criticalities. This paper provides a comprehensive analysis of the architecture and vulnerabilities found…

Launch PDF
Ruben Santamarta
Library | WHITEPAPER | April 5, 2022

Cyberattacks on SATCOM: Understanding the Threat

In 2014, Ruben Santamarta, Principal Security Consultant with IOActive, published a whitepaper titled “A Wake-up Call for SATCOM Security.” It detailed the discovery of an exceptionally weak security posture across a number of SATCOM terminals from a range of manufacturers. Four years later in 2018, Ruben published a follow up titled “Last Call for SATCOM Security” which detailed a thorough investigation into the security of SATCOM equipment across the Aviation, Maritime, and Military industries. In light of the cyberattacks at the start of the war…

Launch PDF
Ethan Shackelford
Library | WHITEPAPER | February 7, 2022

Facial Recognition Security Research

IOActive, Inc. (IOActive) has conducted extensive research and testing of facial recognition systems on commercial mobile devices. Our testing lab includes testing setups for 2D- and 3D-based algorithms, including technologies using stereo IR cameras. For each of the different technologies, we first try to understand the underlying algorithms and then come up with creative and innovative setups to bypass them. Once an unlock is achieved, we calculate the Spoof Acceptance Rate (SAR), as described in the Measuring Biometric Unlock Security” section of the Android Compatibility Definition Document.1 This metric allows…

Launch PDF
Gabriel Gonzalez & Alejo Moles

Commonalities in Vehicle Vulnerabilities

2022 Decade Examination Update | With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face.

This analysis is a major update and follow-up to the vehicle vulnerabilities report originally published in 2016 and updated in 2018. The goal of this 2022 update is to deliver current data and discuss how the state of automotive cybersecurity has progressed over the course of 10 years, making note of overall trends and their causes.