Learn, hack!

URL

http://events.ccc.de/camp/2011/Fahrplan/attachments/1883_m2m.pdf

File name

1883_m2m.pdf

File size

2.8 MB

MD5

288561e1a71547fca3549344728fb3bc

SHA1

73f7eb57159a2e0c5ca8769a320e51034c8f165a

Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! Due to the wide availability of broadband internet and mobile communication, the number of embedded systems that come with a network connection is constantly increasing. These devices are ubiquitous and used in a wide range of applications: smart grid, building management, surveillance, traffic control and individual vehicles. Those embedded devices are often poorly secured, if at all. But things get a lot worse: Vendors often don't take into account, that a device might get compromised, thus giving the attacker access to their network. This talk will give an overview over general machine-to-machine (M2M) communications and corresponding attack scenarios. In addition to wired systems, wireless systems will be considered. Of the latter, GSM based systems are the most interesting. Several ways to attack an embedded device, extract secret data and gain network access will be shown. Finally, some good and bad attempts to enhance the security of M2M systems will be presented.