Classroom Contents
Finding the Needle in the Hardware Haystack - Identifying and Exploiting Vulnerabilities
- 1 Intro
- 2 What is the focus of today's talk? Today we are talking about why reverse engineering of embedded hardware systems is an important part of a security program. Discussion regarding current state of har…
- 3 Is embedded device security a new problem? No, but now the risk is increasing with the staggering number of new embedded devices being deployed in organizations.
- 4 Problem - No Standards for Embedded RE Testing: Has become a new service offering with many security consulting companies who also perform penetration testing services. Work performed currently does no…
- 5 Network Penetration Tests vs Hardware Security Testing
- 6 What is the risk to your organization? When we look at the hardware security problem we tend to associate several risks to an organization if these systems are compromised. They include
- 7 Defining the Testing Process: We feel that the community needs to define a standard on how to properly RE hardware and embedded devices.
- 8 Pre-Engagement Interactions: First ensure that your legal department has reviewed your testing plan and given approval for testing of devices. Establish Rules of Engagement and scope.
- 9 Intelligence Gathering: During this phase we will be gathering data regarding our device, the chips and any firmware on device. We will also need to document how the device looks prior to disassembly …
- 10 Phase 3: Threat Modeling Process. This phase will help you narrow your testing focus by identifying potential targets. This should include business process reviews, threat intel analysis, and threat ca…
- 11 Vulnerability Assessment: During this phase we will be testing both the hardware and software for potential vulnerabilities. This can include: Solder jumpers on board (as needed) - Extract data from f…
- 12 Exploitation: Physical Exploitation, Memory Exploitation, Wireless Exploitation, Management System Exploitation, and Destructive Exploitation will all be avenues of attack. Develop Proof-of-Concept explo…
- 13 Post-Exploitation: During this phase we will now be showing how exploiting the device could lead to further system compromise. Other areas of interest include data exfiltration, network pivoting, destru…
- 14 Testing Report: "Responsible Disclosure" should be performed for any 0-day discovered in vendor
- 15 HRES - A Repeatable Measurable Process: Based on what we have outlined and tested we feel this process is repeatable and measurable.