Category Archives for "Technology"

Software Exploitation via Hardware Hacking

Whether you are in financial services, health care, utilities or any other industry, this is one HOTBED issue you cannot ignore, whether you are an IT, eCommerce, compliance or critical infrastructure director. We at The Saturn Partners have many years of experience conducting testing, research, and planning for clients in the U.S. and Caribbean, staying on top of every cutting-edge IT security threat since our beginnings in 2001.

The Embedded System Security effort focuses on making technologies secure from cyber threats through techniques such as penetration testing, risk management, threat analysis, and by performing applied security research. We provide embedded and wireless security testing services for customers in the areas of retail, financial services, smart grid, industrial control systems, railway control systems, mobile devices, and healthcare/medical devices.

We specialize in embedded testing of devices and rapid development of custom testing tools for emerging communication protocols and systems. Additionally, we actively perform research in a number of security areas such as wireless protocol security, automated vulnerability testing, fuzzing, insider threats, and hardware-based roots of trust. This focus ensures that we are at the forefront of both offensive and defensive capabilities as they relate to secure system development and penetration testing.

Secure boot, trusted execution environments and many other security mechanisms depend on the security of the underlying hardware. What if we can break the actual hardware? And what if that’s EASIER than breaking the software?

Side channel analysis and fault injection are techniques to break various security mechanisms, allowing an attacker to load arbitrary firmware code and discover secrets such as cryptographic keys and PINs from hardware and embedded software. They were first (publicly) discovered on smart cards in response to the major platforms becoming highly resistant against “software” attacks. Now that this type of security is becoming more widely understood and implemented on most embedded systems, attackers are also moving into the field of hardware attacks.

Side channel analysis is achieved by listening to and understanding the information that (hardware) channels emit when processing information. Fault injection is accomplished by forcing hardware into operating conditions outside of spec, causing a circuit to introduce errors in its computation.

Hardware Enabled Software Exploitation can be described as manipulating, modifying, debugging, reverse engineering, interacting with, and exploiting the software and hardware of embedded systems. Among other things, an intruder can, with the right skill set:

  • Conduct bus spying, tampering, spoofing, and injection (UART, SPI, I2C, USB, etc.)
  • Use serial interfaces (UART, SPI, I2C)
  • Use JTAG surreptitiously for reverse engineering, attacks, and exploit development, including “JTAG fuzzing”
  • Steal firmware non-destructively (JTAG, direct interface, serial interfaces, etc.)
  • Steal firmware destructively (pulling chips from the board and reading them)
  • Disassemble firmware images
  • Conduct firmware analysis
  • Conduct simple side channel attacks and use them in power analysis and power side channel attacks
  • Conduct “glitching attacks”
  • Perform ARM exploitation via hardware debuggers
  • Attack low-power RF devices (Zigbee, etc.)

To speak to us about a consultation on the threats in your network or critical infrastructure environment, or to find out more about our services, visit us at www.saturnpartners.com or email us at cacrawf@saturnpartners.com.

The Saturn Partners … Securing Your World since 2001

Finding the Right IT Security Partner and Solution for You

The sophistication of the technology and tactics used by online criminals—and their nonstop attempts to breach network security and steal data—have outstripped the ability of IT and security professionals to address threats. Most organizations do not have the people or the systems to monitor their networks consistently and to determine how they are being infiltrated.

The security talent shortage makes this problem worse: even when budgets are generous, CISOs struggle to hire people with up-to-date security skills. It’s estimated that by 2020, the industry will still be short more than 12 million security professionals across the globe. Also in short supply are security professionals with data science skills—understanding and analyzing security data can help improve alignment with business objectives.

The Saturn Partners, Inc., founded in 2001, began its existence at the very core of the security equation: writing much-needed network security policies for banks, hospitals, utilities and other markets facing regulatory crackdowns on the handling, processing and transport of sensitive electronic data and traffic.

With services ranging from vulnerability and penetration testing to social engineering, disaster recovery planning, security policy development and regulatory compliance assistance, The Saturn Partners can provide the talent on a scalable and affordable basis for any organization no matter the size or budget.

For more information, visit us at www.saturnpartners.com or email us at cacrawf@saturnpartners.com.

 

The Saturn Partners and Cyber Security Lifecycle Management – Our Commitment To You

The Saturn Partners’ cyber security team delivers security assessments and recommendations, solution engineering and implementation, training, auditing, and disaster planning and recovery. The Saturn Partners’ team of cyber security experts develops and implements solutions that conform to standards such as HIPAA, NERC, PCI, SOX and GLBA, among others.

  • Cyber Security Policies Review & Development
  • Enterprise Mobile Application Security Assessments/Testing
  • Cyber Security Vulnerability Assessments
  • Social Engineering
  • SCADA and Critical Infrastructure Security Assessments
  • Penetration Testing
  • Regulatory Compliance Assistance
  • Threat Detection & Deterrence
  • Information Assurance

Systems Management and Security Measures Under NERC CIP-007 – Are You Taking These Precautions?

First of all, how are you handling patch management?

These guidelines will help you grade your own “report card” on how your current security measures stack up against our recommended security measures under NERC CIP-007, Systems Management:

We at THE SATURN PARTNERS recommend that you:

  • Disable unused ports and services.  We have cited this basic security rule forever.  You would be surprised at how many ports we find left open in our assessments which are unused and therefore a security risk for entry.
  • Track security patches for critical cyber assets.
  • Shouldn’t you patch? If you think there aren’t compelling reasons to patch, document them!
  • Capture traffic to see what ports are in use. (It is useful to capture traffic for ten to fifteen minutes first to see which ports and settings are typically in use.)
  • Test all patches on development/beta systems FIRST.
  • Document implementation of the patches in detail.
  • Document known ports and services
  • Pay attention to prevention of malicious software by using anti-virus/anti-malware prevention tools which are able to detect, prevent, deter or limit exposure.
  • DEPLOY such anti-virus software on the wire at the perimeter rather than on systems within it!
  • Use security monitoring controls which can issue automated or manual alerts when they detect something out of the norm
  • Stay current on latest and best processes for enabling ports on hosts, routers and firewalls
  • Maintain logs for a minimum of 90 days. We at THE SATURN PARTNERS recommend six months because of the length of time it takes to bring a case to court for prosecution; these logs can be used as evidence if properly preserved. NOTE: PLEASE GO TO www.saturnpartners.com AND VISIT OUR FORENSICS SECTION FOR MORE DETAILS ON THE IMPORTANCE OF PRESERVING ELECTRONIC EVIDENCE!
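
The port-related items in the list above (disable unused ports, see what is in use, document known ports and services) can be turned into a repeatable check. The following is an added example, not part of the original article: it compares a snapshot of listening sockets with a documented baseline. The `ss -H -tuln` sample text, the baseline entries and the function names are all constructed for illustration, and a listening-socket snapshot is assumed as the "observed" input.

```python
# Added example: audit listening sockets against a documented port baseline.
# SAMPLE_SS is constructed text in `ss -H -tuln` format; BASELINE is hypothetical.
SAMPLE_SS = """\
tcp LISTEN 0 128   0.0.0.0:22   0.0.0.0:*
tcp LISTEN 0 511   0.0.0.0:443  0.0.0.0:*
tcp LISTEN 0 5   127.0.0.1:631  0.0.0.0:*
udp UNCONN 0 0     0.0.0.0:161  0.0.0.0:*
tcp LISTEN 0 128      [::]:22      [::]:*
tcp LISTEN 0 32          *:21         *:*
"""

# Documented ports and services: (protocol, port) -> justification on file.
BASELINE = {
    ("tcp", 22): "SSH administration",
    ("tcp", 443): "HMI web interface",
    ("tcp", 502): "Modbus/TCP gateway",
}
LOOPBACK = ("127.", "[::1]")


def parse_listeners(ss_output):
    """Return {(proto, port): {local addresses}} from `ss -H -tuln` lines."""
    listeners = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or malformed line
        addr, _, port = fields[4].rpartition(":")  # also splits "[::]:22"
        if port.isdigit():
            listeners.setdefault((fields[0], int(port)), set()).add(addr)
    return listeners


def audit(ss_output, baseline):
    """Compare observed listeners with the documented baseline."""
    seen = parse_listeners(ss_output)
    documented = set(baseline)
    exposed = {key for key, addrs in seen.items()
               if not all(a.startswith(LOOPBACK) for a in addrs)}
    return {
        "undocumented": sorted(exposed - documented),      # disable or document
        "loopback_only": sorted(set(seen) - exposed - documented),
        "not_observed": sorted(documented - set(seen)),    # stale entry or service down
    }


if __name__ == "__main__":
    for finding, ports in audit(SAMPLE_SS, BASELINE).items():
        print(f"{finding}: {ports}")
```

Ports seen in a traffic capture can be fed through the same comparison by building the observed set from the capture instead of from `ss`.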

At The Saturn Partners, we have over a dozen years of hands-on experience working with utilities and other highly regulated industries to help keep our clients safe from intrusion/theft of precious data and cyber assets. Contact us today at cacrawf@saturnpartners.com for a consultation with one of our engineers.

Fighting cyber crime since 2001… The Saturn Partners… your one-stop shop for customized, hands-on cyber and critical infrastructure security services.
