Those Crafty Lil’ Buggers

Topics:
Vulnerability management
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Axel Wirth
Axel Wirth

November 2, 2023

Those Crafty Lil’ Buggers

Hardware-based cyber attacks can be quite impactful and are difficult to defend against but have, at least until now, been hard to pull off and were the domain of sophisticated nation-state actors. We have heard of attempts to install digital back doors in networking gear and phones that could be used for various purposes, including compromising cryptography, gaining control of critical systems, or even the shutdown of infrastructure by an adversary. Security researchers have identified vulnerabilities in a variety of chips and have provided proof of concept for a chip-based attack. In that sense, hardware-based attacks are the ultimate supply chain compromise.

However, deploying such hardware exploits is not trivial and requires technical skill as well as physical access to systems at various stages during the production or deployment process. There is, though, one obvious weak spot in any system, and that is the cable interconnects and corresponding ports.

That is where the folks at Hak5 come in with their offering of a wide variety of cables that come with hidden features, i.e., computer cables (USB, Lightning, …) equipped with a wide range of payloads providing various attack possibilities at an affordable price. Possible use cases include keylogging, keystroke injection, remote attacks via WiFi bridge, and delivery of payloads. Obviously, any use outside of the sanctioned applications for the purpose of red teaming, e.g., to emulate highly sophisticated attack scenarios, as well as for teaching and training purposes would be quite concerning.

Especially since the latest upgrade, going by the name of HIDX StealthLink, provides additional features such as creating a bidirectional covert channel and remote connection that appear as a keyboard on the target system rather than a drive or network interface. Even air-gapped systems are no longer secure as this approach allows you to set up your own WiFi connection thus allowing data exfiltration or penetration of systems that are deemed secure.

Besides red teams (or potential malicious hackers) smuggling such cables into your environment, there is also the risk of them arriving via kitted hardware components that may come with all the cables you need. Hence, as with all other forms of supply chain attacks, a breach via a trusted channel is the most difficult to spot.

Remember the days when they taught you to not pick up and use the USB stick you found in the parking lot? Well, don’t pick up the cable either.

Related articles

The Evolution of Cybersecurity in the Medical Field and the Importance of Information Sharing and Analysis Organizations (ISAOs)
This is some text inside of a div block.

The Evolution of Cybersecurity in the Medical Field and the Importance of Information Sharing and Analysis Organizations (ISAOs)

Company
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.

July 23, 2024

Navigating FDA Regulations and the Role of ISAOs in Medical Device Cybersecurity
This is some text inside of a div block.

Navigating FDA Regulations and the Role of ISAOs in Medical Device Cybersecurity

Thought leadership
This is some text inside of a div block.
Company
This is some text inside of a div block.

July 15, 2024

Subscribe to Medcrypt news

Get the latest healthcare cybersecurity news right in your inbox.

We'll never spam you or sell your information

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.