
Published on June 21st, 2019

RuhrSec 2019: "The Bicho: backdooring CAN bus for remote car hacking", Sheila Berta





RuhrSec is the annual English speaking non-profit IT security conference with cutting-edge security talks by renowned experts. https://www.ruhrsec.de/

Talk. The Bicho: backdooring CAN bus for remote car hacking

Abstract. Attacks targeting connected cars have already been presented at several conferences, as well as different tools to spy on CAN buses. However, there have been only a few attempts to create “something similar” to a useful backdoor for the CAN bus. Moreover, some of those proofs of concept were built upon Bluetooth technology, limiting the attack range and therefore tempering its effects.

Now we are happy to say, “those things are old”!

We have successfully developed a hardware backdoor for the CAN bus, called “The Bicho”. Due to its powerful capabilities we can consider it as a very smart backdoor. Have you ever imagined the possibility of your car being automatically attacked based on its GPS coordinates, its current speed or any other set of parameters? Even more, have you ever imagined the possibility that your car suddenly stopped working, when you least expected it, due to a remote attack? Now all of this is possible.





The Bicho supports multiple attack payloads and it can be used against any vehicle that supports CAN, without limitations regarding manufacturer or model. Each payload is associated with a command that can be delivered via SMS, which allows remote execution from any geographical location. Our backdoor is an open-hardware tool and it has an intuitive graphical interface, called “Car Backdoor Maker”, which is open-sourced too and allows payload customization.

The attack payload can be configured to be automatically executed once the target vehicle is proximate to a given GPS location. The execution can also be triggered by detecting the transmission of a particular CAN frame, which can be associated with any given factor, such as the speed of the vehicle, its fuel level, and some other factors. Moreover, in our talk we will be presenting a new feature that allows us to remotely kill the car’s ECU and consequently cause the car to stop working suddenly.

Biography. Sheila Ayelen Berta is an Information Security Specialist and Developer, who started on her own at 12 years old. At the age of 15, she wrote her first book about Web Hacking, published by RedUSERS Editorial in several countries. Over the years, Sheila has discovered lots of vulnerabilities in popular web applications and software. She has also given courses on Hacking Techniques in universities and private institutes. Sheila currently works as a Security Researcher who specializes in offensive techniques, reverse engineering and exploit writing. She is also a developer in ASM (microcontrollers, x32/x64), C/C++, Golang and Python. Sheila is an international speaker who has spoken at important security conferences such as Black Hat EU 2017, DEFCON 26, DEFCON 25 CHV, HITBSecConf, HackInParis, Ekoparty Security Conference, IEEE ArgenCon, Hack.Lu, OWASP Latam Tour and others.

Twitter: https://twitter.com/UnaPibaGeek
