
SoylentNews is people

posted by Fnord666 on Monday October 14 2019, @05:22AM   Printer-friendly
from the a-little-something-extra dept.

More than a year has passed since Bloomberg Businessweek grabbed the lapels of the cybersecurity world with a bombshell claim: that Supermicro motherboards in servers used by major tech firms, including Apple and Amazon, had been stealthily implanted with a chip the size of a rice grain that allowed Chinese hackers to spy deep into those networks. Apple, Amazon, and Supermicro all vehemently denied the report. The NSA dismissed it as a false alarm. The Defcon hacker conference awarded it two Pwnie Awards, for "most overhyped bug" and "most epic fail." And no follow-up reporting has yet affirmed its central premise.

But even as the facts of that story remain unconfirmed, the security community has warned that the possibility of the supply chain attacks it describes is all too real. The NSA, after all, has been doing something like it for years, according to the leaks of whistle-blower Edward Snowden. Now researchers have gone further, showing just how easily and cheaply a tiny, tough-to-detect spy chip could be planted in a company's hardware supply chain. And one of them has demonstrated that it doesn't even require a state-sponsored spy agency to pull it off—just a motivated hardware hacker with the right access and as little as $200 worth of equipment.

"It's not magical. It's not impossible. I could do this in my basement."

Monta Elkins, FoxGuard

At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minimal skills, working on a shoestring budget, can plant a chip in enterprise IT equipment to offer themselves stealthy backdoor access. (Full disclosure: I'll be speaking at the same conference, which paid for my travel and is providing copies of my forthcoming book to attendees.) With only a $150 hot-air soldering tool, a $40 microscope, and some $2 chips ordered online, Elkins was able to alter a Cisco firewall in a way that he says most IT admins likely wouldn't notice, yet would give a remote attacker deep control.

"We think this stuff is so magical, but it's not really that hard," says Elkins, who works as "hacker in chief" for the industrial-control-system security firm FoxGuard. "By showing people the hardware, I wanted to make it much more real. It's not magical. It's not impossible. I could do this in my basement. And there are lots of people smarter than me, and they can do it for almost nothing."

Elkins used an ATtiny85 chip, about 5 millimeters square, that he found on a $2 Digispark Arduino board; not quite the size of a grain of rice, but smaller than a pinky fingernail. After writing his code to that chip, Elkins desoldered it from the Digispark board and soldered it to the motherboard of a Cisco ASA 5505 firewall. He used an inconspicuous spot that required no extra wiring and would give the chip access to the firewall's serial port.

-- submitted from IRC


Related Stories

“Disabling Cyberattacks” Are Hitting Critical US Water Systems, White House Warns 36 comments

https://arstechnica.com/security/2024/03/critical-us-water-systems-face-disabling-cyberattacks-white-house-warns/

The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations.

"Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the president for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities."

[...] The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday.

"EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.

  • (Score: 1, Interesting) by Anonymous Coward on Monday October 14 2019, @06:19AM (2 children)

    by Anonymous Coward on Monday October 14 2019, @06:19AM (#906852)

    So we break off from civilization and live in a cabin in the woods.

    Then they set the cabin on fire using an orbital laser.

    • (Score: 0) by Anonymous Coward on Monday October 14 2019, @07:13AM

      by Anonymous Coward on Monday October 14 2019, @07:13AM (#906856)

      Exactly...like how they restricted our tobacco access so we would switch to vaping and then poisoned the vaping juice so they could take that away too.

    • (Score: 3, Insightful) by Anonymous Coward on Monday October 14 2019, @08:43AM

      by Anonymous Coward on Monday October 14 2019, @08:43AM (#906876)

      Seems like the mantra "if you want something done good, you'll have to do it yourself" is still valid, just not only to avoid incompetence now but also malice.

  • (Score: 4, Insightful) by Runaway1956 on Monday October 14 2019, @07:33AM (4 children)

    by Runaway1956 (2926) Subscriber Badge on Monday October 14 2019, @07:33AM (#906861) Journal

    saboteurs with even minimal skills,

    Ya know, a screwdriver isn't high tech, or anything. It's just a metal bar, shaped to fit a slot (or cross-slots, or a Torx or Allen cutout) in some sort of screw. But, that screwdriver in the hands of a skilled person can be so much more than just a bar of iron. In the hands of an unskilled person, it's just a hunk of junk. Minimally skilled? Still little more than a hunk of junk.

    So, the guy is soldering a chip into/onto a mainboard? And he compares that to a "minimally skilled" worker? Hmmmmm. Nothing like overstating your case, is there? I mean, you're not going to grab some punk-ass kid off the street, and teach him to do this in an hour or two. IF the kid has the aptitude for the job, you'll spend a few days with him, at the least, getting the job done right, consistently. THEN you'll work more with him, getting the job done so that it won't be noticed during routine inspections. THEN the kid will have to work more at completing the job inside of time constraints. And, with all of this, the kid transforms from "minimally skilled" to "highly skilled". The kid may not have any OTHER salable skills, but he is indeed highly skilled in this one specialized area.

    Why are we so damned quick to demean working class people, and the skills they possess? If it were so very easy to do this little thing, the fatasses sitting in the NSA, CIA, FBI, and Pentagon offices would just go do it themselves.

    • (Score: 2, Touché) by Anonymous Coward on Monday October 14 2019, @08:46AM (3 children)

      by Anonymous Coward on Monday October 14 2019, @08:46AM (#906877)

      I mean, you're not going to grab some punk-ass kid off the street, and teach him to do this in an hour or two. IF the kid has the aptitude for the job, you'll spend a few days with him, at the least, getting the job done right, consistently. THEN you'll work more with him, getting the job done so that it won't be noticed during routine inspections. THEN the kid will have to work more at completing the job inside of time constraints. And, with all of this, the kid transforms from "minimally skilled" to "highly skilled". The kid may not have any OTHER salable skills, but he is indeed highly skilled in this one specialized area.

      Sounds a bit like an Al-Qaida or ISIS training camp, what you describe here.

      • (Score: 3, Insightful) by Runaway1956 on Monday October 14 2019, @10:00AM (2 children)

        by Runaway1956 (2926) Subscriber Badge on Monday October 14 2019, @10:00AM (#906885) Journal

        It does, doesn't it? Or, most any military or paramilitary organization. And, that is pretty much what is described in the article. They want to send someone to surreptitiously install some chips into specific, targeted mainboards. There is little to indicate whether these chips will be installed at a warehouse, in transit, at the customer's facility, or maybe even at the manufacturer's plant. But, yes, some specially trained person is supposed to gain access, get the job done quickly, and get out without being discovered, OR having the chip discovered by casual inspectors.

        • (Score: 2) by Reziac on Tuesday October 15 2019, @02:39AM (1 child)

          by Reziac (2489) on Tuesday October 15 2019, @02:39AM (#907220) Homepage

          Disguise it as a capacitor, and install it at whatever point you can get access. Make the reasonable assumption that no one counts stuff that's present in groups, even if they know how many are supposed to be there. I don't know if it's possible to put your chip inside a capacitor, but surely it could be hidden inside some other legit chip, or under the CPU socket, or...

          My guess is at-the-factory is the point of risk, where it could be worked into the design specs.

          --
          And there is no Alkibiades to come back and save us from ourselves.
          • (Score: 2) by DannyB on Tuesday October 15 2019, @04:04PM

            by DannyB (5839) Subscriber Badge on Tuesday October 15 2019, @04:04PM (#907419) Journal

            It's more than just the design specs.

            In high school days decades ago I had a job sweeping, trash, etc, at a company that made some of the early dual chamber smoke alarms. These devices were made by a group of mostly women who were skilled at soldering. They would mount a circuit board, grab and place various components from bins into holes in the board, solder all those components in place. The finished boards went into bins, that went to other rooms for final assembly of the units. Then burn in testing, packaging, etc.

            Now in modern manufacturing, done by machines, a new chip would require altering the manufacturing process to accommodate this new chip. Even if the board were not designed for the chip (eg, holes, circuit traces, etc), some step in the process must pick the new chip from a bin, attach it to the board, and solder its wires to connections. This new chip does not get onto the board and connected by magic.

            Now maybe by "design specs" this could mean all of the documentation about how the board is assembled. The BOM (bill of materials) would include this extra chip. It would be purchased in bulk, a bin of those chips would exist along with all other bins of parts that go onto each board. The connections would all be neatly labeled. Humans, or programmed robots, would add this special chip, and connect it just like all other parts. The people putting the boards together (or setting up the robots to do it) would have little understanding of how the board or its parts actually work. They are simply skilled at putting them together. (or "programming" the robots)

            --
            To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
  • (Score: 3, Interesting) by Anonymous Coward on Monday October 14 2019, @02:18PM

    by Anonymous Coward on Monday October 14 2019, @02:18PM (#906927)

    Any sane infiltrator will find it much easier to buy the necessary card from the OEM, then do the rework at home, bring the card with him to the site and then swap the cards. This way people who do the soldering are not the same who don the cloak, sharpen the dagger and under the cover of darkness penetrate the defenses. You can even have a new layer of conformal coating done professionally, at the factory, to hide your changes.

    But all of that is known for many decades: if an attacker gains access to hardware, it's game over. The article is just trying to warm up a cold dead body of the original sensational claims sans proof.

  • (Score: 0) by Anonymous Coward on Monday October 14 2019, @03:04PM

    by Anonymous Coward on Monday October 14 2019, @03:04PM (#906955)

    no worries, there will be a microcode update available to re-root the foreign root chip...

  • (Score: 2) by All Your Lawn Are Belong To Us on Monday October 14 2019, @05:26PM

    by All Your Lawn Are Belong To Us (6553) on Monday October 14 2019, @05:26PM (#907041) Journal

    What's the difference between that and this? [hak5.org]

    Oh, one is on the motherboard. Just like things that are on the internet are totally different. I see.

    --
    This sig for rent.
  • (Score: 3, Insightful) by Rupert Pupnick on Monday October 14 2019, @07:28PM (4 children)

    by Rupert Pupnick (7277) on Monday October 14 2019, @07:28PM (#907097) Journal

    An earlier AC already hit the nail on the head: if you allow access to the hardware, you've severely compromised security right off the bat. But even if you do it right by prepping a substitute card in your basement (in which case why bother with adding a chip-- just change contents of non-volatile memory), there's no way you're going to be able to do a card extraction and reinsertion in the server room without it being logged somewhere.

    Looking at the specific example of the ATtiny85 (a DIP!) added to the ASA 5505 (2 years past EOL, by the way, and it shows), I just find it hard to believe that all the connections are there. Power and ground, sure. But that chip has to pick up a six wire bus, and I don't see enough traces on the surface layer of the board in the photograph in TFA to do that. So the person who did the rework used a dremel tool or equivalent to expose inner layer etch (on the order of 1/1000 of an inch in thickness) and connect to it? With no wires showing? Really? I wish I knew a professional rework tech in industry who could do that. And even a rework pro could not do it without access to the board database and the tools to run it so they could locate the traces.

    It's BS.

    • (Score: 2) by All Your Lawn Are Belong To Us on Tuesday October 15 2019, @04:50PM (3 children)

      by All Your Lawn Are Belong To Us (6553) on Tuesday October 15 2019, @04:50PM (#907441) Journal

      I'm as skeptical as you are, but possibly just a little less so. Doing a closeup on the proof photo looks like he made direct joint connections to VCC, ground, and PB3. There may be something up on PB2 - it looks like there may be a solder blob at the base of the leg. It's hard to tell from the photo blowup if the pin-8 side legs are passed through the board or just close trimmed to avoid touching two other leads on the board, but it looks to me like those legs would pass through to where a component is mounted on the other side of the board - the rectangle of solder joints on that half of the AT looks like twisted locking legs and not pins. Dunno. Maybe the author did do it, and maybe not. Wonder if anyone independent could test this board in a way that proves it. At any rate, while the soldering looks hideous compared to machine standards you'd have to notice the IC isn't quite square enough and then notice it has no component identifier and that it certainly doesn't look like the soldering on the other board components. The point is that it looks kludged but you'd have to notice that from handling enough of those boards and possibly needing to do a purposeful inspection.

      So, if you're the nefarious Moriarty looking to hack Sherlock's server the notion is that you puzzle your way through to where you can drop your microcontroller in a way that it gets power and bus access that would not be questioned. The author is asserting this was done on this board. Then manage to intercept a delivery of these boards to the server provider or get access to the data center's supply closet or the manufacturer's shipping department. (And/or have access to the original engineering files and simply drop the chip into the design. "Simple." Ha!!! But not impossible, merely extremely improbable to the point of fantasy). Of all these, how well does your data center guard its supply room? Maybe good, but almost certainly weaker than the towers themselves. At any rate, you're not the one who's going to do the card swap in the server room - the data center's technicians will, after you manage to interfere with their connection in such a way they have to replace the board. Which prompts wondering if you can do that why you didn't just straight hack them directly, but who knows - you may be able to interfere with the connection in a way they'll change the board without having been able to read their data. One possible method would be to take out an account with the center then falsely report errors that could be credibly regarded as being from that board. ("The AE35 unit will fail in 17 hours, Dave....")

      It's all a string of improbable stuff, absolutely. But improbable does not mean impossible.

      The article is already making the case that we know the NSA is already achieving the same ends. The question is how far down the quality scale has to fall before detection occurs.

      --
      This sig for rent.
      • (Score: 2) by Rupert Pupnick on Tuesday October 15 2019, @08:00PM (2 children)

        by Rupert Pupnick (7277) on Tuesday October 15 2019, @08:00PM (#907534) Journal

        Pretty much agree with your take except I think it's quite hard to make a connection to the other side of the board without the board database. If there's already a plated through hole there, it's already carrying a signal or voltage and is probably around 12 mil diameter or so. So you will need fine gauge insulated wire to get through there. Difficult, but not impossible. Two wires? Pretty close to impossible. If you want to drill a new hole, you have to make sure you're not drilling out an inner layer trace on any of the intervening signal layers. So that's quite possible if the board isn't too densely routed there and you have that database.

        When I started working in telecom 20 years ago, all hardware design had to be "NSA compliant"-- i.e. NSA stuff is already baked into the production design. I don't know exactly what that means in terms of alterations to the original design concept, but suspect it's all buried in integrated logic somewhere rather than extra components.

        • (Score: 2) by All Your Lawn Are Belong To Us on Tuesday October 15 2019, @08:37PM (1 child)

          by All Your Lawn Are Belong To Us (6553) on Tuesday October 15 2019, @08:37PM (#907543) Journal

          Yeah, you're very right that it's really improbable. And if you're going to go for a design/production level corruption it is far better to integrate it rather than put it in a discrete location where someone hyperknowledgeable and hypercurious might be able to troubleshoot something down. If you've got the knowledge for one you can assemble the knowledge for the other, although that is much easier to do when you've got nation-state level resources to throw at it.

          Looking at the photo one more time it looks like the chip is tapping into one of the ports. (What good it does there I'm not sure). I've had a 5505 in our system but have never cracked the case on one (think it was a 5505 anyway), and I'm not familiar enough to say which one.

          I'd still like to be a fly on the wall at the presentation to get the full story on it. And it does make me wonder what a competing nation-state might achieve, not so much what a David Lightman might achieve.

          --
          This sig for rent.