Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
How to Attack and Defend a Prosthetic Arm
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to Attack and Defend a Prosthetic Arm
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 12,842
Threads: 8,855
Thanks Received: 8,750 in 6,909 posts
Thanks Given: 9,642
Joined: 12 September 18
#1
Information  28 February 19, 07:27
Quote:[Image: Scheme_bionic_arm.jpg]

Each arm is equipped with an embedded SIM card for sending statistical data. The SIM is needed to access the internet and send statistics and other information about the arm’s status. A connection is established to Motorica’s remote cloud, which is an interface for remotely monitoring the status of all registered biomechanical arms. Good thing about the arm’s current architecture – the connection between the arm and the cloud in unidirectional. This means that only the arm is sending data to the cloud, while the cloud sends nothing back. Yet, Motorica Inc says, they plan to implement this feature later.

The basic logic of the arm, such as movement directions, switching motors on or off, etc., are implemented in the C language. The cloud for receiving, processing and storing information is implemented based on the following technologies:
  • NodeJS – for backend,

  • ReactJS – for frontend,

  • MongoDB – database.
Arm-wrestling

At first, we decided to attack the logic of the arm. But soon we discovered that the C code is well-structured and has no vulnerabilities in it. However, the arm that we tested has only the basic functionality. Motorica Inc. wants to add more functions to its biomechanical limbs: smartphone interconnect, contactless payments and other useful features. From our point of view, all these new technologies must be tested for cybersecurity. Especially the ones that could be exploited for MiTM attacks.

Then we started to analyze the protocol used to send the statistics to the cloud and the logic for processing that information on the server. The initial findings showed that the data was sent using the insecure HTTP protocol. A little later we found some incorrect account operations and insufficient input validation that can be used by a remote attacker to:
  • gain access to information about all the accounts in the cloud including the logins and passwords (in plaintext) for all the prosthetic arms and administrators,

  • add or delete regular and privileged users (with administrator rights),

  • launch attacks against administrators via the cloud and then attack Motorica’s internal infrastructure,

  • NoSQL-injection,

  • cause denial of service for cloud administrator.
Full Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • darktwilight
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
CrystalDiskInfo 9.3.0
Changes in 9.3.0: ...harlan4096 — 06:59
Microsoft OneDrive on the web is adding ...
Microsoft has anno...harlan4096 — 06:08
Vivaldi Stable 6.7 (3329.21)
Vivaldi Stable 6.7...harlan4096 — 17:09
Mozilla Firefox Browser 125.0.3
Mozilla Firefox Br...harlan4096 — 15:17
ThunderSoft Photo Gallery Creator [for ...
ThunderSoft Photo Ga...ismail — 09:51

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>