Hacking a Computer

Software Exploitation via Hardware Hacking

Whether you are in the financial services, health care, utilities or any other industry, this is one HOTBED issue you cannot ignore whether you are an IT, eCommerce, compliance or critical infrastructure director.  We at The Saturn Partners have many years of experience conducting testing, research, and planning for clients in the U.S. and Caribbean, staying on top of every cutting edge IT security threat since our beginnings in 2001.

The Embedded System Security effort focuses on making technologies secure from cyber threats through techniques such as penetration testing, risk management, threat analysis, and by performing applied security research. We provide embedded and wireless security testing services for customers in the areas of retail, financial services, smart grid, industrial control systems, railway control systems, mobile devices, and healthcare/medical devices.

 We specialize in embedded testing of devices and rapid development of custom testing tools for emerging communication protocols and systems. Additionally, we actively perform research in a number of security areas such as wireless protocol security, automated vulnerability testing, fuzzing, insider threats, and hardware-based-roots-of-trust. This focus ensures that we are the forefront of both offensive and defensive capabilities as it relates to secure system development and penetration testing.

Secure boot, trusted execution environments and many other security mechanisms depend on the security of the underlying hardware. What if we can break the actual hardware? And what if that’s EASIER than breaking the software?

Side channel analysis and fault injection are techniques to break various security mechanisms, allowing an attack to load arbitrary firmware code and discover secrets such as cryptographic keys and PINs from hardware and embedded software. They were first (publicly) discovered on smart cards in response to the major platforms becoming highly resistant against “software” attacks. Now that this type of security is becoming more widely understood and implemented on most embedded systems, attackers are also moving into the field of hardware attacks.

Side channel analysis is achieved by listening to and understanding the information that (hardware) channels emit when processing information. Fault injection is accomplished by forcing hardware into operating conditions outside of spec; causing a circuit to introduce errors in its computation.

Hardware Enabled Software Exploitation can be described as manipulating, modifying, debugging, reverse engineering, interacting with, and exploiting the software and hardware of embedded systems. Among other things, an intruder can, with the right skill set:

  • Conduct Bus spying, tampering, spoofing, injection (UART, SPI, I2C, USB, etc.)
  • Involve serial interfaces (UART, SPI, I2C)
  • Intruders can use JTAG surreptitiously for reverse engineering, attacks, and exploit development,   “JTAG Fuzzing”
  • They can steal Firmware non-destructively (JTAG, direct interface, serial interfaces, etc.)
  • They can Steal Firmware destructively (pulling chips from the board and reading them)
  • They can Firmware images and disassemble them
  • Conduct Firmware analysis
  • They can conduct Simple Side Channel Attacks and use them in Power Analysis and Power Side   Channel attacks.
  • They can conduct “Glitching Attacks”
  • Performa ARM Exploitation via hardware debuggers
  • Attack Low-power RF devices (Zigbee, etc.)

To speak to us about a consultation about the threats in your network or critical infrastructure environment, or to find out more about our services, visit us at www.saturnpartners.com, email us at cacrawf@saturnpartners.com

Leave a Reply