How everything can be hacked Safety-critical Nick Kofinas Devices
The Stuxnet Worm(s) • Most of the following are “Maybes” • Main target: Iranian nuclear program • Main physical targets • Centrifuge devices • PLC controllers
The Stuxnet Worm(s) • Two actual versions of the Worm • First: sabotage over time • Second: brutal sabotage • Most infected computers in Iran • Very sophisticated worm
First variant • Only official report is in the article on “Foreign Policy” • Designed specifications: • Manual installation • Damage over time • Remain undetected
Second variant • Spread everywhere • Designed specifications: • Copy itself • Immediate sabotage
How it works http://en.wikipedia.org/wiki/Stuxnet
How it works • 4 zero-day vulnerabilities • All of them on windows • Tries to locate step-7 • Copy itself 3 times
Who build it? • Sort answer: No one knows • Zero-day vulnerability = thousand of $ • Probably US or Israel
Is their anything safe? • Stuxnet showed that everything can be hacked • Era of internet of things • What can an external attacker control? • (Sort answer: everything if he has money)
What about our cars? • New car models have more and more cool “stuff” • ABS, ASP, DRL are standard to all models • Radio • Bluetooth • Navigation • Emergency assistance • A lot more
Main bus • All devices connected to a single bus • Cars’ “brain” also in the same bus • Remote I/O for some devices • Bluetooth • Connectivity to iPod/iPhone • Remote assistance
An example http://blog.caranddriver.com/hacking-duo-explores-scary-potential-for-wireless-car-hacking-names-most-and-least-hackable-cars/
Examples • “Direct attacks” • OBD-II port • Hacked into the equipment • Gain control of a PC into the service area
Examples • Remote attacks • Malware wav file into CD • Overflow buffers of the Bluetooth implementation • Overflow buffers of the Remote assistance • Overflow buffers of the iPod connectivity device
Lessons Learned • If some students can do that then the problem is serious • Most of the fixes were straightforward • Most of the bugs were in Glue Code
What about Pacemakers • Pacemakers help patients to have a normal life • Older models required surgery to be reprogrammed • Newer ones capable of remote reprogramming
What can go wrong? • An attacker can take full control of it • Aquire personal information • Change the behavior of the pacemaker • Initiate fatal accident
Remote access protection • Common solution: Passwords • What problems can you think? • Ideas to solve these problems?
Proposed Solutions Patients, Pacemakers, and Implantable Defibrillators: Human Values and Security for Wireless Implantable Medical Devices
Interviews • Interviewed 11 people • None of the solutions where favored • They provide interesting counter-ideas “I’m not gonna-, I think it’s ridiculous to worry about the security of it...Anybody that wants to • get to me that bad, be my guest.”
Conclusion • Security against hacking is difficult • Programmers of sensitive devises must be careful
Recommend
More recommend
