Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Be paranoid: 10 terrifying extreme hacks

Roger A. Grimes | June 16, 2015
Any device with a computer chip can be hacked, but not all hacks are created equal. In fact, in a world where tens of millions of computers are compromised by malware every year and nearly every company's network is owned, truly innovative or thought-provoking hacks are few and far between.

Among the other hacks an NSA operative can order:

  • Malicious monitor cables for $30, which monitor and report the data sent between the computer and monitor
  • BIOS and firmware hacking to plant malicious software that survives a reformat, OS reinstall, or even a new hard drive install
  • $40,000 Stingray devices, which are fake cellphone towers that can maliciously redirect victim cellphone conversations for monitoring
  • Malware that attacks and lives in hard drive firmware
  • Persistent malware, software, or hardware for firewalls
  • Devices that can record room audio
  • 802.11 wireless network injection tool
  • Keyboard cable tapping devices

After reading whatthe NSA can order, it should be quite clear that the NSA (and any other nation-state entity) can pretty much spy on whatever device it wants, and there is little we can do about it — as long as it remains legal and the agency can gain access. Many of these devices and software programs are created by private companies and available for purchase to any paying customer.

Bruce Schneier offers additional information about nation-state programs.

Extreme hack No. 9: Cryptographic attacks

Gary Kenworthy, of Cryptography Research, specializes in revealing cryptographic keys that had been thought to be highly secure, from all sorts of computing devices. He can remotely monitor a device's radio frequency or electromagnetic radiation emissions and tell you the 1s and 0s that made up its secret key. He has done this in public and private demos around the world the past few years. You can see him determine a mobile device's private key simply by monitoring its EM fluctuations.

Kenworthy's recent advances against the very devices we are told will protect us have shaken many in the cryptography community. To be sure, Kenworthy and his company profit from providing protections against the attacks he demonstrates, but his attacks are real and essentially reduce the security of most devices running cryptography that do not implement his suggested defenses.

Extreme hack No. 10: Car hacking

Car manufacturers are racing to put as much computing functionality as possible in their cars, and it should come as no surprise that these same computers are incredibly vulnerable to attack. Early on hackers learned how to unlock cars using their wireless remote key fobs and to prevent car owners from locking their cars despite thinking they have.

Dr. Charlie Miller, who started his career hacking Apple devices and winning multiple Pwn2Own hacking contests, is among the best car hackers. In 2013, he and his fellow researcher, Chris Valasek, demonstrated how they could control the brakes and steering on a 2010 Toyota Prius and Ford Escape using a physical attack that interfaces with the car's Electronic Control Units and onboard bus systems. Thankfully, the hack didn't work wireless or remotely.

 

Previous Page  1  2  3  4  5  6  7  Next Page 

Sign up for CIO Asia eNewsletters.