
What are 'phlashing' attacks?

EXPERT RESPONSE FROM: Mike Chapple, featured expert

QUESTION POSED ON: 16 August 2008
I've read recently about "phlashing" attacks. Are theoretical attacks like phlashing effective ways to attack an organization, should we be prepared for them, and are they a serious threat to network hardware?

Phlashing attacks target network devices and other hardware systems that rely upon firmware to contain their operating systems. In this type of attack, the hacker uploads, or "flashes," non-authentic firmware to the device under the guise of a legitimate firmware update. However, the hacker's firmware contains malicious code that provides a back door into a network or permanently disables, or "bricks," the device. This use of phlashing has earned the technique the alternative moniker of permanent denial-of-service (PDoS) attack.

Phlashing is more than theoretical: it's been demonstrated at conferences, like London's EUSecWest security conference in May 2008. You're correct to point out that there hasn't been a widespread outbreak in the wild. Nevertheless, enterprises should fortify devices to protect against this type of attack.

The best advice I can give you is to never connect the management interface of a device to a public network. Doing so invites trouble by making it possible for an attacker to upload non-authentic firmware. Ideally, such devices belong on their own private control network, accessible only to administrators with a legitimate need to configure the devices.
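
The following is an added example, not part of the original answer: a small audit that checks a device inventory against the rule above, flagging any management interface whose address sits outside the dedicated control network. The device names, addresses and the `10.50.0.0/24` control network are constructed for illustration; `203.0.113.7` is a documentation address standing in for a public one.

```python
import ipaddress

# RFC 1918 and IPv6 unique-local space; anything else is treated as public.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample data: device name -> management interface address.
INVENTORY = {
    "core-sw-01": "10.50.0.11",
    "fw-dmz": "10.50.0.2",
    "ap-floor2": "192.168.20.40",   # private, but on the general LAN
    "edge-rtr-01": "203.0.113.7",   # stands in for a publicly routable address
    "old-switch": "10.50.0.300",    # typo in the inventory record
}
CONTROL_CIDRS = ["10.50.0.0/24"]    # assumed private control network


def classify(addr, control_nets):
    """Return 'ok', 'wrong-segment', 'public' or 'invalid' for one address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    if any(ip in net for net in control_nets):
        return "ok"
    if any(ip in net for net in PRIVATE_NETS):
        return "wrong-segment"      # not public, but not isolated either
    return "public"


def audit(inventory, control_cidrs):
    """Return only the devices whose management address violates the rule."""
    nets = [ipaddress.ip_network(c) for c in control_cidrs]
    findings = {name: classify(addr, nets) for name, addr in inventory.items()}
    return {name: f for name, f in findings.items() if f != "ok"}


if __name__ == "__main__":
    for name, finding in sorted(audit(INVENTORY, CONTROL_CIDRS).items()):
        print(f"{name}: {finding}")
```

An address-plan check like this only catches misplacement in the records; firewall rules and ACLs on the control network still decide who can actually reach the firmware update interface.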
