Security Concerns with Wireless Sensor Networks

Sensor networks are becoming very popular these days. The reason is that they can monitor a range of sensor data in varied environments, and they are very cool. But security has usually not been a top concern with sensor networks, that is, until now.

A sensor network is a network of devices, like motes, that collect data and relay the information back for monitoring. Some of these devices are about the size of a quarter and they can detect movement, temperature, light, sound, humidity, and stress. These things from a techno geek perspective are amazing. They are usually very small, can monitor conditions on the fly and create an intelligent fault tolerant wireless network amongst themselves.

Sensor networks can be used in a wide variety of applications, including military, agricultural, utility and commercial use. Basically, anywhere you need real-time monitoring and reporting of sensor data. The data is then collected and sent into your corporate network for analysis and reporting.

The very nature of Wireless Sensor Networks opens them up to real security concerns. Thanassis Giannetsos, a sensor network security expert at Recurity Labs, has outlined the security issues of these networks and proven that they can be compromised and even used to spread malware to each other.

Using a tool that he created, he was able to compromise the security of sensor networks. He was able to sniff sensor node traffic and also inject packets and even malware onto the system. He was able to create a sinkhole in the network: his device was made to look like it had a higher quality connection than the surrounding nodes, causing all of them to transmit only to his device, which then forwarded only the data that he wanted to pass along. He was also able to alter the contents of the traffic and replay it. And lastly, Thanassis successfully injected a self-replicating worm into the network.

Because there are currently no tools to detect sensor network malware, these types of attacks could be very dangerous. Until sensor network security is improved, people designing sensor networks need to keep these things in mind, because the networks could offer an open door to system data. Attention must be paid to data logging, verification and physical security.
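One way a base station could use its own logging to watch for the sinkhole behaviour described above, as an added example that is not taken from Mr. Giannetsos's tool or paper: it flags a node that suddenly becomes the parent of a large share of the network while advertising an outlier link quality. The beacon log format, node names and thresholds are assumptions constructed for this example.

```python
from collections import Counter
from statistics import median

# Constructed sample log kept at the base station:
# (epoch, node_id, chosen_parent, advertised_link_quality 0-255)
BEACONS = [
    (1, "n1", "base", 180), (1, "n2", "n1", 170), (1, "n3", "n1", 165),
    (1, "n4", "n2", 160), (1, "n5", "n3", 172), (1, "n6", "n3", 168),
    (2, "n1", "base", 182), (2, "n2", "x9", 171), (2, "n3", "x9", 166),
    (2, "n4", "x9", 161), (2, "n5", "x9", 170), (2, "n6", "n3", 169),
    (2, "x9", "base", 255),
]

def parent_share(beacons, epoch):
    """Fraction of reporting nodes that chose each parent in one epoch."""
    rows = [b for b in beacons if b[0] == epoch]
    counts = Counter(parent for _, _, parent, _ in rows)
    return {p: c / len(rows) for p, c in counts.items()}

def quality_outliers(beacons, epoch, k=5.0):
    """Nodes whose advertised quality sits more than k MADs above the median."""
    rows = [b for b in beacons if b[0] == epoch]
    values = [q for *_, q in rows]
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0  # avoid divide by zero
    return {node: q for _, node, _, q in rows if (q - med) / mad > k}

def detect_sinkholes(beacons, sink="base", jump=0.4, k=5.0):
    """Flag non-sink nodes that gain >= `jump` of all children between two
    consecutive epochs while advertising an outlier link quality."""
    epochs = sorted({b[0] for b in beacons})
    alerts = []
    for prev, cur in zip(epochs, epochs[1:]):
        before, now = parent_share(beacons, prev), parent_share(beacons, cur)
        outliers = quality_outliers(beacons, cur, k)
        for node, share in now.items():
            gain = share - before.get(node, 0.0)
            if node != sink and gain >= jump and node in outliers:
                alerts.append((cur, node, round(gain, 2), outliers[node]))
    return alerts

if __name__ == "__main__":
    for epoch, node, gain, quality in detect_sinkholes(BEACONS):
        print(f"epoch {epoch}: {node} gained {gain:.0%} of children, "
              f"advertising quality {quality}")
```

A parent that never sends a beacon of its own has no advertised quality in this log and is not flagged by this check.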

A white paper and PowerPoint on Mr. Giannetsos’s research can be found at Blackhat Europe.

Malware Counterattack: Hacking the Hackers

According to a news article on Government Computer News, federal agencies can and may already be using attackers’ malware code against them. Security expert Andrzej Dereszowski demonstrated how this would work at the recent Blackhat Europe security conference.

Andrzej analyzed the source code of a .pdf Trojan. He then compared the source code to known Remote Access Toolkit programs and found a match. He then took the toolkit and ran exploit attacks against it until he found an error in the program. It was a buffer overflow.

Then, analyzing the buffer overflow, he created his own exploit to work against the Trojan. Using a Metasploit shell, he was able to connect back to the malware command and control server using its own communication techniques. He was then able to fully access the Command and Control malware server, effectively hacking the hackers.

The connection back to the server would be hard if not impossible to detect, because it would appear to just be another malware infected client checking in. This type of counterattack theoretically could be used against the majority of current threats. All that would be needed would be the technical experts like Andrzej to decompile and reverse engineer the source code.

Currently, it is against federal law for civilians to counterattack a hacker. But one could assume that federal agencies are already using these techniques. Now, what would be very interesting is if the next version of Einstein (the government’s automated virus protection system) had a database of exploited malware code. When the system detected an attack, it could analyze the incoming attack, determine what malware the attack is based on and automatically execute the reverse attack, all on the fly and in real time.

Cool stuff. A PowerPoint of Andrzej’s presentation can be found on Blackhat Europe’s website.

D. Dieterle

*** Check out Rsignia’s new offensive cyber weapon. It can jam hackers, capture data from hackers and change it before resending it and best of all, it can install code on bot net Zombies attacking your network and turn them against each other!

A Case of Mistaken Identity

Yesterday, computers around the world were stuck in a reboot cycle when a McAfee Anti-Virus update tagged a legitimate Windows system file as being a virus. According to Foxnews:

McAfee Inc. confirmed that a software update it posted at 9 a.m. Eastern time caused its antivirus program for corporate customers to misidentify a harmless file. It has posted a replacement update for download.

McAfee could not say how many computers were affected, but judging by online postings, the number was at least in the thousands and possibly in the hundreds of thousands.

It appears that the problem was in the corporate version of the software, and not the home version. In some cases, technicians had to fix each individual machine as remote updates were not working. The problem was very disruptive and affected industries across the board. 

The computer problem forced about a third of the hospitals in Rhode Island to postpone elective surgeries and stop treating patients without traumas in emergency rooms, said Nancy Jean, a spokeswoman for the Lifespan system of hospitals. The system includes Rhode Island Hospital, the state’s largest, and Newport Hospital. Jean said patients who required treatment for gunshot wounds, car accidents, blunt trauma and other potentially fatal injuries were still being admitted to the emergency rooms.

In Kentucky, state police were told to shut down the computers in their patrol cars as technicians tried to fix the problem. The National Science Foundation headquarters in Arlington, Va., also lost computer access.

Computers are in every aspect of our lives now, and computer outages, including unintentional ones, can be very costly in time and service availability. See Foxnews for the full article.

Computer Book Review: No Tech Hacking

One of the largest and most overlooked security vulnerabilities that exists in every company is… people. Many times, complex security can be bypassed by using low-tech attacks or simple techniques. In “No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing”, author Johnny Long, along with Kevin Mitnick, takes a look at some commonly used social engineering techniques.

People will always be the weakest link in security. In 15 years of providing onsite computer support to manufacturing companies, hospitals, banks, military, correctional facilities and government offices, I have only been challenged for credentials four times. People tend to be trusting and if you are already inside a building, they usually assume that you belong there.

Sad, but true, you are judged by the way you look. For instance, a person in a shirt and tie will be ignored by most shop floor employees; someone in jeans will be invisible to executives. Also, if you look a certain way, people will assume what your occupation is. For example, if you show up to a company carrying technical gear, they will assume that you are a repairman.

Johnny Long’s book takes a very good look at this ignored side of computer security. Many times information can be gleaned just with the power of observation. Johnny talks about everything from finding administrator passwords in a dumpster to defeating a very expensive state-of-the-art security system with a coat hanger and a wet wash cloth.

Sections on physical security, like motion and infrared sensors, are present. There is even a section on how insecure locks really are. Some of it is downright scary. For example, why use the key when you can open locks with a McDonald’s straw? Or open a laptop lock by using a beer can?

If you have seen Johnny in person or in a webcast, rest assured, his humor and wit are present in spades. The reading is light, informative and downright whimsical at times. It is a great book to read when you just want to kick back, relax and read something enjoyable. And being Johnny Long, rest assured, there is a section on Google Hacking.

Network security is an ongoing war, and as Sun Tzu said, ‘Know thy Enemy’. Learning about the techniques that social engineers use will allow you to look at your corporate security in a whole new light.