Hackers Learn To Threaten Computer Hardware
- 5
- Add a Comment
As if computer viruses and worms aren’t enough of a nuisance, malicious hardware, which will be much more difficult to detect, could soon become a threat too.
Today, computer viruses, which are programs downloaded either as an email attachment or when someone visits a website, are responsible for most computer attacks. Hackers use them to gain control of a computer so that they can press-gang it into sending spam or downloading more malicious software, such as a keystroke logger, which can record credit card details and passwords typed in by the user.
Anti-virus (AV) software monitors a computer for signs of a virus, such as chunks of telltale code. To fight back, hackers write new viruses that use different code, or bury the code deeper in the operating system where the AV software isn’t programmed to look. So AV firms and hackers are locked in an arms race, continually trying to outdo each other.
Soon hackers could up the ante even further. Samuel King and colleagues at the University of Illinois at Urbana-Champaign have shown that they could also gain control of a computer by adding malicious circuits to its processor. Because these circuits interfere with the computer at a deeper level than a virus, they effectively operate ‘below the radar’ of AV software.
To evaluate the risk from such hardware, King’s team designed their own malicious circuits. They used a processor called a field programmable gate array (FPGA), whose logic circuits can be rearranged, to create a replica of an existing open source processor called Leon3, which contains around 1.7 million circuits. They then added about 1000 malicious circuits not present in Leon3.
The team found that the circuits allowed them to bypass security controls on Leon3 in a similar way to how a virus hands control of a computer to a hacker, but without requiring a flaw in a software application. When they hooked the FPGA up to another computer, they were able to steal passwords stored in its memory and install malicious software that would allow the operating system it was running to be remotely controlled. “Once you have this mechanism in place, you can do whatever you want,” says King, who presented the work at the Large-Scale Exploits and Emergent Threats conference in San Francisco last month.
Sneaking malicious hardware onto a chip is not as easy as installing a virus. The attacker must either have access to a chip during its design or manufacture, or be capable of manufacturing their own chips, which they would then have to sell to computer makers, or slip into computers during assembly. “It’s not something someone would carry out on weekends,” says King.
Nonetheless, computer scientist Simha Sethumadhavan of Columbia University in New York says that chips and their design processes are becoming more complex, making it easier for a hacker to infiltrate. Recently, some Apple iPods and Seagate hard drives were found to have been sold with viruses pre-installed, demonstrating their vulnerability, says King.
[Mason Inman @ New Scientist]
5 Comments
Aryeh Goretsky
April 30th, 2008
at 9:48pm
Hello,
While this is a valid concern, I am inclined to think of this as being directed less at consumers and more an issue of industrial espionage or sabotage. Proper vetting of personnel, appropriate access control, audits and security reviews should go a long way towards reducing the likelihood of a malarchitected processor being manufactured.
The issues with MP3 players, external hard disk drives and digital picture frames shipping with malware on them have less to do with designing malware-infected processors than simply showing a lack of proper controls in place by the manufacturers of those devices.
Regards,
Aryeh Goretsky
Sid gilbert
May 1st, 2008
at 6:38am
Being an old guy, I lived through the space race and the cold war. I don’t think this type of attack could be carried out by an individual, but a large corporation or a country could effectively flood the market with chips designed to let them do pretty much anything to our data. This might take less than three years given the amount of turnover hardware has in this day and age. I may sound paranoid, but just because someone is paranoid doesn’t mean that they aren’t out to get them.
appleking12345
May 4th, 2008
at 12:29pm
As virus advanced, computers will too. Computers are becoming more advanced each and everyday which means hackers will have to make a new virus everyday. Most hackers can’t keep up with the current advancement of technology. Now hackers are attacking hardware, which means computers would ship with malware on it. This means computer companies would either have to send out new parts to customers or step up on their security. Most likely they will have filmware updates to fix this. Hackers will make something new once in a while, but it will be soon destroyed.
Sammy L
May 7th, 2008
at 9:04am
I have always wondered about this. With so many people using flash memory it opens up a new way for hackers to do this kind of stuff to actual hardware.
Now we have to scan all flash memory devices for virus and spyware. Hackers seem to be the busiest people around creating new ways to attack people and make life bad for every-day computer user. Pretty sad world we live in!
I-user
May 20th, 2008
at 3:37pm
What about the counterfeit Cisco routers coming from China? How does this fit in now? What’s to stop a counterfeit hardware that has malicious material in it from being distributed to some classified or sensitive location? Yes, the FBI stopped these particular routers from distribution but what about the thousands of other items that have not been discovered?