Light Dark
August 5, 2013 By Chris Poulin 3 min read
Advanced Threats
Endpoint
Healthcare

Security Vulnerabilities that Cross the Physical Divide to Compromise Cars, Pacemakers, Mobile Phones, and ATMs

With Blackhat USA behind us and Defcon in its full throes, there seems to be a trend away from purely digital hacks and toward physical devices. These include cars and implantable medical devices. To be fair, physical world security has been trending for a few years, including demonstrations of how to hack an ATM and smart meters.

I’ve been interested in the intersection of digital and physical security for over a decade and hacked into my BMW in 2008, partly to troubleshoot a problem with my navigation system, but also just to scope out the landscape. I had to build a serial (RS 232) adapter with a breadboard and solid state components to jack my laptop into the wiring harness, and my soldering iron skills leave one with the impression of kindergarten artwork, but it worked. And yet my project was completely occluded by much of the research you can find with a simple Google search.

In that spirit, I’ve assembled nineteen links to research that cross the divide from some guy at the keyboard of his Linux PC in his parent’s basement, dressed in only flip-flops and pajama bottoms, and rebuilding his Linux pentesting platform for the hundredth time this month, to those pioneers with the  smarts to break out oscilloscopes and the dexterity to disassemble the dashboard of a Prius. Please to enjoy this smorgasbord of articles, research papers, and videos:

 

Automobile Hacking / Vulnerabilities

1. Watch Hackers Hack into Toyota Prius, Ford Escape

2. Hacking into cars via the wireless Tire Pressure Monitoring System (TPMS)

3. Comprehensive Experimental Analyses of Automotive Attack Surfaces

4. Police ‘stumped’ by car thefts using electronic skeleton key

The following is not technically automobile hacking—nor marine craft hacking—but it vaguely fits into the category of how to compromise a technology, navigation, that transportation systems of all types have come to rely on.

5. Texas students fake GPS signals and take control of an $80 million yacht

 

Medical Device Hacking / Vulnerabilities

6. Black hat hacker can remotely attack insulin pumps and kill people

7. Yes, You Can Hack A Pacemaker (And Other Medical Devices Too)

8. FDA Safety Communication: Cybersecurity for Medical Devices and Hospital Networks

9. Medical Devices Hard-Coded Passwords

As a side note, Barnaby Jack, security researcher for IOActive, was a star in hacking physical devices, including medical implants and ATMs. His recent death at the age of 35 is sad and a great loss for the security community.

 

Misc Device Hacking / Vulnerabilities

10. ATM hack gives cash on demand

11. IOActive Smart Meter Worm PoC

12. Remotely listen in via hacked VoIP phones

13. Your Smartphone Can Photograph You, and Share the Pictures, Without Your Knowledge

14. Rooting exploit could turn Google Glass into secret surveillance tool

 

Microchip Hacking /  Vulnerabilities / Backdoors

15. SIM Cards Have Finally Been Hacked, And The Flaw Could Affect Millions Of Phones

16. Backdoor found in popular FPGA chip

 

And Old School Lock Picking + A Vulnerability in Card Key Hotel-Style Locks

17. Lock Picking 101 • Forum for Lock Picking, Locks, Safes, Picks and Locksmiths

18. Reverse engineer the master key given access to a single tenant (sub-key) lock and key

19. Hotel Lock Hack Still Being Used In Burglaries, Months After Lock Firm’s Fix

 

This is just a sampler buffet of physical security goodness. Please share your links in the comments below and I’ll assemble a web page with as complete a set of listings as I can.

 

 |  |  |  |  |  | 
Chris Poulin
Research Strategist, X-Force R&D, IBM

More from Advanced Threats
November 6, 2023

GootBot – Gootloader’s new approach to post-exploitation

8 min read - IBM X-Force discovered a new variant of Gootloader — the "GootBot" implant — which facilitates stealthy lateral movement and makes detection and blocking of Gootloader campaigns more difficult within enterprise environments. X-Force observed these campaigns leveraging SEO poisoning, wagering on unsuspecting victims' search activity, which we analyze further in the blog. The Gootloader group’s introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2…

August 2, 2022

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

4 min read - You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however, it’s important to understand how to build, implement and mature a repeatable, internal threat hunting program. What are the components…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature