Black Hat Conference offers glimpses into the future of hacking

Share on Facebook
Tweet on Twitter

Each August, information security experts, hackers and others come together for the Black Hat Conference, which includes lectures and demonstrations showcasing software exploits and new methods of hacking.

This year’s conference covered several notable endeavours, while also addressing open internet and software laws.

One demonstration at the conference showed that a printer, among other devices, could be used to transmit radio signals containing data stolen from its network.

According to Network World, Ang Cui, a researcher from Red Balloon security explained that this is done by quickly toggling I/O pins on chips in the printer which causes capacitors within UART chips to vibrate generating radio signals.

The printer cable is then used as an antenna and the signal can be picked up via a radio receiver. Cui called this system a Funtenna and showed it could be used along with code to send digital messages. According to PC mag Cui’s method still had limitations as his example required a 10 feet cable and malware to already be loaded on the device.

Also shown at the Black Hat conference was a Jeep Hack by Charlie Miller and Chris Valasek.

According to Wired, this was discovered earlier this year and showed that through an exploit hackers could remotely control many of the Jeeps functions ranging from small things like the windshield wipers and radio to major things like the steering and transmission.

According to Tom’s Hardware, Miller and Valasek did this by rewriting firmware and exploiting an open port.

Satellites transmissions aren’t free from modification either. According to Network World, Colby Moore showed at the conference that Globalstar transmissions could be intercepted and modified to provide false information. Globalstar offers asset tracking which is typically used by businesses wishing to keep track of their trucks locations as well as wilderness hikers.

After studying the transmission system Moore found that the data was unencrypted and that he could inject additional information into the stream being sent to the satellite. Moore explained that this method could potentially be used by hijackers who could steal a truck then send back their own location to the satellite indicating it was following its normal route.

Kyle Wilhoit and Stephen Hilt presented their research into gas pump hacking at the conference. According to SC Magazine, they set up honeypot gas pumps in several companies so they could monitor attacks on them.

Wilhoit and Hilt found there were several different types of attacks on these pumps, the majority of which occurred in the U.S. They ranged from DoSing to changing pump identifications.

According to Tom’s Guide, one name change read “H4CK3D by IDC-TEAM” referring to a group known as Iranian Dark Coders. Willhoit and Hilt also pointed out that while it was possible, none of the attacks attempted to actually destroy the pumps, for instance by changing tank volume. It does however still show the danger of having these devices accessible.