Sunday, August 28, 2016

The Dark Side and Physical Security.


I recently saw a Vine on Twitter that jokingly shows someone plugging a USB keyboard into a USB charger, acting out the Hollywood style of hacking. The amateur didn't wear gloves. I myself have pictured a cute, spunky, bubble-gum-chewing teen with pink and black hair completing a hack, then turning to the camera, pulling the gum from her mouth and shoving it into the RJ45 port she was using on the wall, whispering in a sultry voice something along the lines of “always cover your tracks.” While the saliva on the gum might short something, it’s not the real threat. Physical security is a real necessity; watch Twitter and Facebook and you see RJ45 connections, open USB ports, and all sorts of other connections just waiting for the right person with the right know-how to steal or manipulate information in systems acting as things like standalone ATMs, voting machines, and point-of-sale terminals. Undetectable in some cases, these are real threats.

There are a lot of articles out there about key loggers and computers on a stick that people can plug into systems and television sets, but there is a dark side to physical security as well: the people who don’t want information, but rather want to cause downtime, expense, confusion, chaos, and distraction. Anyone who has soldered wire understands heat and protective coatings. When I worked in IT, I never patched a cable into a network switch where I wasn’t expecting a live connection. Too many people can sit down with a personal laptop and plug in, but it’s not the real threat to the machines on the other end unless it’s the right person.

Often, a real threat is less than a meter away.
See, the electronic world we live in runs on low voltage and amperage. It expects 5 V, 2 V, and sometimes a single volt on a connection. It’s not designed for someone to take an extension cord with an RJ45 tip on it and shove it into the socket. A couple of things happen. If that cable is connected to anything that makes a short, it will likely trip the breaker, depending on the device. Before that, though, it sends a surge of electricity down the line that can melt the jackets off thin UTP CAT-5 cable, potentially causing a fire, and it can also pop multiple resistors, capacitors, and switches in expensive, highly sensitive equipment. Plugged into a disconnected battery back-up, it can produce a charge that repeats with a simple reset. This can fry motherboards, breadboards, and simple circuits with ease.

In terms of operations security, or OPSEC, someone may use a device such as this to plug into USB ports to short motherboards, into CAT 5e to damage network connections and network hardware, and even into phone terminals, shorting switchboards. Additionally, someone could melt components in a cell phone, rendering data unreadable, inaccessible, or very difficult to obtain in a time of need. You can’t call in an emergency with no working devices.

I’ve seen homemade devices as well, where someone takes the guts from a $5 disposable camera with flash, and uses the step-up transformer and high-output capacitor to deliver a charge to electronics. These are scary things to consider. So if it doesn’t need to be connected, disconnect it, and cover unnecessary ports on open machines. Additionally, remember not to leave portable devices lying around. While someone could use your phone to take obscene pictures, they can also prevent you from making a call if you’re being set up.