Niklaus, Manuel and me had a great time speaking about one of the latest Tablet PCs from DPRK at 33C3 this year. Our work on RedStar OS from last year revealed a nasty watermarking mechanism that can be used to track the origin and distribution path of media files in North Korea. We have seen some interesting dead code in some of RedStar’s binaries that indicated a more sophisticated mechanism to control the distribution of media files. We got hands on a Tablet PC called “Ul-lim” that implemented this advanced control mechanism.Continue reading
This year’s MRMCD16 had a topic that immediately let me submit a talk about medical device security: “diagnosis:critical”. Or to quote the official website:
Security issues in soft- and hardware have a low chance of healing, especially in medical IT.
Despite years of therapy using code reviews and programming guidelines, we still face huge amounts of vulnerable software that probably is in need of palliative treatment.
Security vulnerabilities caused by the invasion of IT in the medical sector are becoming real threats. From insulin pumps over analgesic pumps through to pace makers, more and more medical devices have been hacked already. This year's motto "mrmcd2016 - diagnosis:critical" stands summarizing for the current state of the whole IT sector.Continue reading
We talked about the details of the watermarking mechanism that we found in July and additional features of RedStar OS like it’s “Virus Scanner” and the system architecture. During the days after our talk we were able to find watermarks applied by RedStar OS in the wild on some sites on the Internet. We can confirm at least 7 different instances of RedStar OS that have applied watermarks to JPGs. Cleaning up the data is work in progress and we will get back to you with the results! Niklaus has put our presentation and additional resources in the git. Feel free to join us in our research and make the world a safer place!
32c3 was amazing, as every time! Big thanks to all the volunteers who made this possible. Niklaus and I enjoyed every second! 🙂
Hope to see some of you at Troopers 16 in March 2016!
That was the opener for my presentation on the Security in Medical Devices at CodeBlue 2015 last week in Tokyo, Japan. A Code Blue often describes a patient in a critical condition, mostly needing resuscitation. That just seemed to be a perfect match, also in the sense that the condition of some medical devices out there are still pretty critical concerning security. If you follow our current research on this you know what I am talking about. I hope that we are not talking about this topic anymore three years from now. That would mean that we have made the world a safer place, although it took some time … 😉
Speaking at Code Blue really was a blast! “Arigato” for having me! The conference was organized very well and the staff was extremely caring. You could really feel the community vibe in this event. Considering that the conference is only around a few years that is really remarkable. The talks I enjoyed most obviously were both keynotes: Takuya Matsuda – The Singularity is Near and Richard Thieme’s thoughtprovoking speech at the end of the conference. I also enjoyed Bhavna Soman’s high quality talk about using metrics to correlate APT binaries. The overall quality of the talks on Code Blue was pretty good but what I enjoyed the most were the discussions and the exchange with other researcher from all over the planet.
I hope to see some of you at Troopers16! 🙂
During the last few months information about one of North Koreas operating systems was leaked. It is a Linux based OS that tries to simulate the look and feel of a Mac. Some of it’s features have already been discussed on various blog posts and news articles. We thought we would take a short look at the OS. This blog post contains some of the results.
As you can imagine, most interesting for us was to investigate features that impact the privacy of the users. There are some publications concerning the security of the OS, this is an aspect that we will not cover in this post. We will stick to a privacy issue that we identified in this post. As ERNW has a long history of “Making the World a Safer Place”, we consider this topic an important one. The privacy of potential users (especially from North Korea) may be impacted and therefore we think that the results must be made available for the public. So, here we go … Continue reading “RedStar OS Watermarking”Continue reading
Last week I gave a short interview for Süddeutsche Zeitung on the security of medical devices. You can find it here. Unfortunately it is in German so I decided to sum up some of my key points that made it into the article and some that didn’t in this blog post. Continue reading “The patient’s last words: I am not a target!”Continue reading
As you might know we are continuously doing research on medical devices. I presented some of the new results at Power of Community 2014 last week and we thought we would share some of the details with you here. The focus of the previous work was testing medical devices that are used in hospitals like patient monitors, syringe pumps or even MRIs. This time we looked at a device that every user can use at home and which is available to anyone on the market: A smart scale.
The scale implements some basic features as you might have guessed, that is measuring your weight. In this case there are a lot more additional features that you can use, e.g. measuring the air quality, the room temperature, your heart rate and your fat mass. The latter makes testing this device quite hard, because somebody has to step on it and the results were not funny at all and will be kept secret! 😉Continue reading
I had the pleasure to participate in this year’s Power of Community and was invited to talk about the insecurity of medical devices. The conference is based in Seoul, Korea and started in 2006. It has a strong technical focus and it is a community driven event. For me it was great to participate as mostly hackers from Asia were there and I got the chance to talk to a lot of nice folks that I wouldn’t be able to meet otherwise. This is especially true for the host, vangelis.Continue reading
We just got credits for a flaw we found in SAP Netweaver. The issue is a reflected Cross-Site Scripting (XSS). It can be triggered in the administrative interface for the Internet Communication Manager (ICM) and Web Dispatcher. This means that the targets for this XSS will definitely be users with administrative privileges. This makes it especially juicy for an attacker. Continue reading “XSS in SAP Netweaver”Continue reading
One of our guiding principles at ERNW is “Make the World a Safer Place”. There could not be a topic that matches this principle more than the security or insecurity of medical devices. This is why we started a research project that is looking at how vulnerable those devices are that might be deployed in hospitals around the world. Recently the U.S. Food and Drug Administration (FDA) has put out a recommendation concerning the security of medical devices. It recommends that “manufacturers and health care facilities take steps to assure that appropriate safeguards are in place to reduce the risk of failure due to cyberattack, which could be initiated by the introduction of malware into the medical equipment or unauthorized access to configuration settings in medical devices and hospital networks”. We thought that we should take a look at how manufacturers deal with security for these devices. Continue reading “Medical Device Security”Continue reading