Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of - - PowerPoint PPT Presentation

safety critical
SMART_READER_LITE
LIVE PREVIEW

Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of - - PowerPoint PPT Presentation

Nov 10, 2022 177 likes •405 views

How everything can be hacked Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of the following are Maybes Main target: Iranian nuclear program Main physical targets Centrifuge devices PLC controllers The

slide-1
SLIDE 1

How everything can be hacked

Safety-critical Devices

Nick Kofinas

slide-2
SLIDE 2

The Stuxnet Worm(s)

  • Most of the following are “Maybes”
  • Main target: Iranian nuclear program
  • Main physical targets
  • Centrifuge devices
  • PLC controllers
slide-3
SLIDE 3

The Stuxnet Worm(s)

  • Two actual versions of the Worm
  • First: sabotage over time
  • Second: brutal sabotage
  • Most infected computers in Iran
  • Very sophisticated worm
slide-4
SLIDE 4

First variant

  • Only official report is in the article on “Foreign Policy”
  • Designed specifications:
  • Manual installation
  • Damage over time
  • Remain undetected
slide-5
SLIDE 5

Second variant

  • Spread everywhere
  • Designed specifications:
  • Copy itself
  • Immediate sabotage
slide-6
SLIDE 6

How it works

http://en.wikipedia.org/wiki/Stuxnet

slide-7
SLIDE 7

How it works

  • 4 zero-day vulnerabilities
  • All of them on windows
  • Tries to locate step-7
  • Copy itself 3 times
slide-8
SLIDE 8

Who build it?

  • Sort answer: No one knows
  • Zero-day vulnerability = thousand of $
  • Probably US or Israel
slide-9
SLIDE 9

Is their anything safe?

  • Stuxnet showed that everything can be hacked
  • Era of internet of things
  • What can an external attacker control?
  • (Sort answer: everything if he has money)
slide-10
SLIDE 10

What about our cars?

  • New car models have more and more cool “stuff”
  • ABS, ASP, DRL are standard to all models
  • Radio
  • Bluetooth
  • Navigation
  • Emergency assistance
  • A lot more
slide-11
SLIDE 11

Main bus

  • All devices connected to a single bus
  • Cars’ “brain” also in the same bus
  • Remote I/O for some devices
  • Bluetooth
  • Connectivity to iPod/iPhone
  • Remote assistance
slide-12
SLIDE 12

An example

http://blog.caranddriver.com/hacking-duo-explores-scary-potential-for-wireless-car-hacking-names-most-and-least-hackable-cars/

slide-13
SLIDE 13

Examples

  • “Direct attacks”
  • OBD-II port
  • Hacked into the equipment
  • Gain control of a PC into the service area
slide-14
SLIDE 14

Examples

  • Remote attacks
  • Malware wav file into CD
  • Overflow buffers of the Bluetooth implementation
  • Overflow buffers of the Remote assistance
  • Overflow buffers of the iPod connectivity device
slide-15
SLIDE 15

Lessons Learned

  • If some students can do that then the problem is serious
  • Most of the fixes were straightforward
  • Most of the bugs were in Glue Code
slide-16
SLIDE 16

What about Pacemakers

  • Pacemakers help patients to have a normal life
  • Older models required surgery to be reprogrammed
  • Newer ones capable of remote reprogramming
slide-17
SLIDE 17

What can go wrong?

  • An attacker can take full control of it
  • Aquire personal information
  • Change the behavior of the pacemaker
  • Initiate fatal accident
slide-18
SLIDE 18

Remote access protection

  • Common solution: Passwords
  • What problems can you think?
  • Ideas to solve these problems?
slide-19
SLIDE 19

Proposed Solutions

Patients, Pacemakers, and Implantable Defibrillators: Human Values and Security for Wireless Implantable Medical Devices

slide-20
SLIDE 20

Interviews

  • Interviewed 11 people
  • None of the solutions where favored
  • They provide interesting counter-ideas
  • “I’m not gonna-, I think it’s ridiculous to worry about the security of it...Anybody that wants to

get to me that bad, be my guest.”

slide-21
SLIDE 21

Conclusion

  • Security against hacking is difficult
  • Programmers of sensitive devises must be careful