Black Hat Europe is a series of highly technical security conferences that gathers professionals, researchers, and leaders of the infosec industry. Below are some of my thoughts about the interesting discussions I attended, which include a compelling talk by Trend Micro threat researcher Kyle Wilhoit about ICS/SCADA.

Day 1

My colleague Kyle and I joined the first session of the full-day vehicle networks workshop. Robert Leale gave a nice introduction to controller area network (CAN) bus and other bus systems, in which he gave basic information on the types of networks found in modern vehicles. I went to the next talk, “Let’s Play – Applanting” by Ajit Hatti, the co-founder of “null - Open security community,” where he described an attack to silently install an app on a user’s device (this has already been fixed by Google). As it turns out, a lot of people in India use their smartphones for online banking.

“XML out-of-band data retrieval” from Alexey Osipov and Timur Yunusov, which I attended later, showed how to retrieve data from an internal machine and network using several web applications.

Because I own a Huawei USB UMTS/4G stick, I went to the talk “Huawei – From China with Love” from Nikita Tarakanov and Oleg Kupreev. From the discussion, I gathered that the software (available for Windows and Mac) seems to be a mess, security-wise.

In one of the better talks of the day, Tobias Jeske presented the results of his research about floating car data from smartphones, based on Google Navigation and Waze. For his research, he reverse engineered the protocols with a MitM proxy and source code and later explained to us several possible attacks that can be launched.

Day 2

The first talk of the day was “The Sandbox Roulette”, which we can summarize as “for an application sandbox (Sandboxie, Chrome, Adobe X), the weakest link is the Windows kernel. A hypervisor sandbox is more secure than an application sandbox.”

The next presentation I attended was Kyle’s. Entitled “Who’s Really Attacking Your ICS Equipment,” the study focused on who is really targeting Internet-facing ICS/SCADA systems, which are known critical infrastructure for industrial processes. His talk was interesting and I think overall he did a great job. For more details about this talk, you can read his paper here.

I also enjoyed Brad Antoniewicz’s talk about the (in)security of proximity cards. He showed us how to attack this system, from the RFID reader to the controller and backend system. Too bad there was a slight problem with his demo kit, as he momentarily forgot about the different voltages in the US and Europe. The second kit he tried to bring to Amsterdam was stuck at the airport. I guess customs were not sure if it was dangerous or not.

To cap the day, I attended Jacob Williams’ discussion about Dropbox. He demonstrated how malware could use Dropbox as a C2 infrastructure to steal sensitive data. This is interesting, given that most organizations allow the use of Dropbox, and firewalls / Data Loss Prevention (DLP) solutions might not detect this attack.

