That started off accurate, but then it got painful. Of course files can be modified. This has nothing to do with being "ASCII" plain text. By the way the article meanders, it seems the author is a pure EE who thinks there could be some software pixie dust that could assure integrity without doing the full work of either trusting the fab house or checking their output. Sorry, there isn't.
Based on the title, I had thought this was going to be about ways to create a trojan by modifying only the unpopulated PCB. Once you're playing with components, you can just stick a second chip on the SPI bus that eg corrupts a few firmware instructions to avoid setting critical processor feature flags. The footprint likely already exists for supplier diversity. Although by now attackers have probably made integrated chips that contain the flash and the implant in a single package.
Authors propose to mess with circuit board runs by adding components and modifying connections. There is no security on the design files, so they are trivially modified, though it is annoying to do so if you don't have the original design files. The outputs - Gerbers or ODB++ databases - can be imported into a design tool and modified.
They also propose to detect such changes by looking for missing refdes. That's farcical. Duplicate refdes are much harder to identify, or a new one could be added. But the true way to hide a "hack" in a PCB is to replace an IC with a counterfeit part.
A combination of a modern APT - even some of the things published around the same time as Stuxnet - could be used to activate a hidden feature in a counterfeit IC, and would be undetectable by almost any method short of high-resolution xray comparison to a golden board.
Bunnie Huang gave an excellent talk on this subject at BlueHat IL 2019 that goes very deep, including showing technical details of how attacks like this can be pulled off. Well worth the 45 minutes - https://www.bunniestudios.com/blog/?p=5519
It is not, but having access to schematics, bom and description of how it works would mean more people looking at it and probing it. This would be helpful in preventing large scale attacks to go for a long time but would not prevent directed attacks (like infecting a single shipment to a single customer).
Also, I always thought bypass capacitors an excellent way to inject malicious hardware. Everybody is practically trained to ignore them and does not expect them to do anything. Yet they have access to almost all signal lines and technically possibility to inject or disrupt signal.
>Also, I always thought bypass capacitors an excellent way to inject malicious hardware. Everybody is practically trained to ignore them and does not expect them to do anything. Yet they have access to almost all signal lines and technically possibility to inject or disrupt signal.
Call me jaded but the fact that Bloomberg essentially made a fake report about this type of attack made me completely disinterested in this type of attack. It's just some sensationalist crap that is meant to destroy the reputation of a company. It was never about the practicality of the attack. Just replace an entire IC and be done with it.
It's easy to image an Amazon seller replacing a microcontroller with one that contains ransomware. If you try to do the same thing with a bypass capacitor then you massively increase the amount of effort needed to execute the attack. The microcontroller attack could be as simple as emulating a keyboard and opening a virus site in internet explorer.
I don't know how many people actually pay the ransom but lets say 5% of the buyers end up paying a $500 ransom. That would be $25 extra profit per mainboard. If your mainboard is $10 cheaper than the competition customers will flock to your products and you can easily scale out your operation.
Well... this doesn't have to be as overt as you described.
For example, bypass cap could monitor the line and detect when a security feature to prevent tampering with the device turns on and just disrupt that feature. Or maybe it could prevent the phone from turning off when it should to keep that pesky covert monitoring software running even after you think you have switched your phone off. Or maybe it will cause camera light to be turned off when a particular radio signal is detected so that you don't know you are watched. Dunno.
Just because Bloomberg report turned out to be fake doesn't necessarily mean the attack vector is fake or pointless.
There are millions of engineers/hackers smarter than me and I can imagine somebody will put together a working and useful attack, eventually.
One way this could be remediated a little bit would be if vendors for these devices were not so bent on not giving away any details and to prevent repairability.
If there were schematics available and devices were made to be disassembled and looked at there would be more people "auditing" devices in the field to give an alert when something is out of norm.
---
A bit unrelated:
The hardware attacks, I have seen one over a decade ago when working on software for credit card terminals. We started getting shipments of terminals with nefarious hardware injected. These terminals had built in fuse that could be checked to see if device was tampered with (opened). These small boards had to be added in the assembly somewhere in China and it was a problem to detect them because opening the device meant it became useless as ones with tamper flag are not allowed in production. The attackers learned to scrape some plastic from the device to make the weight match exactly.
This was rather primitive attack (there was separate board of questionable quality glued inside enclosure and visibly wired to the main board) but it was rather problematic for us. I shudder to think if attackers had better hang of technology.
12 comments
[ 6.1 ms ] story [ 36.1 ms ] threadBased on the title, I had thought this was going to be about ways to create a trojan by modifying only the unpopulated PCB. Once you're playing with components, you can just stick a second chip on the SPI bus that eg corrupts a few firmware instructions to avoid setting critical processor feature flags. The footprint likely already exists for supplier diversity. Although by now attackers have probably made integrated chips that contain the flash and the implant in a single package.
They also propose to detect such changes by looking for missing refdes. That's farcical. Duplicate refdes are much harder to identify, or a new one could be added. But the true way to hide a "hack" in a PCB is to replace an IC with a counterfeit part.
A combination of a modern APT - even some of the things published around the same time as Stuxnet - could be used to activate a hidden feature in a counterfeit IC, and would be undetectable by almost any method short of high-resolution xray comparison to a golden board.
Fun stuff to think about though.
Also, I always thought bypass capacitors an excellent way to inject malicious hardware. Everybody is practically trained to ignore them and does not expect them to do anything. Yet they have access to almost all signal lines and technically possibility to inject or disrupt signal.
Call me jaded but the fact that Bloomberg essentially made a fake report about this type of attack made me completely disinterested in this type of attack. It's just some sensationalist crap that is meant to destroy the reputation of a company. It was never about the practicality of the attack. Just replace an entire IC and be done with it.
It's easy to image an Amazon seller replacing a microcontroller with one that contains ransomware. If you try to do the same thing with a bypass capacitor then you massively increase the amount of effort needed to execute the attack. The microcontroller attack could be as simple as emulating a keyboard and opening a virus site in internet explorer.
I don't know how many people actually pay the ransom but lets say 5% of the buyers end up paying a $500 ransom. That would be $25 extra profit per mainboard. If your mainboard is $10 cheaper than the competition customers will flock to your products and you can easily scale out your operation.
For example, bypass cap could monitor the line and detect when a security feature to prevent tampering with the device turns on and just disrupt that feature. Or maybe it could prevent the phone from turning off when it should to keep that pesky covert monitoring software running even after you think you have switched your phone off. Or maybe it will cause camera light to be turned off when a particular radio signal is detected so that you don't know you are watched. Dunno.
Just because Bloomberg report turned out to be fake doesn't necessarily mean the attack vector is fake or pointless.
There are millions of engineers/hackers smarter than me and I can imagine somebody will put together a working and useful attack, eventually.
If there were schematics available and devices were made to be disassembled and looked at there would be more people "auditing" devices in the field to give an alert when something is out of norm.
---
A bit unrelated:
The hardware attacks, I have seen one over a decade ago when working on software for credit card terminals. We started getting shipments of terminals with nefarious hardware injected. These terminals had built in fuse that could be checked to see if device was tampered with (opened). These small boards had to be added in the assembly somewhere in China and it was a problem to detect them because opening the device meant it became useless as ones with tamper flag are not allowed in production. The attackers learned to scrape some plastic from the device to make the weight match exactly.
This was rather primitive attack (there was separate board of questionable quality glued inside enclosure and visibly wired to the main board) but it was rather problematic for us. I shudder to think if attackers had better hang of technology.