LAS VEGAS – The temperature is expected to be in the 100s in Nevada throughout this week’s Black Hat 2011 security conference, but the real heat will be on software companies and the people responsible for securing their products.
The amount of mobile malware has been increasing.
Neil Daswani, CTO, Dasient Inc.
Security researchers will demonstrate new hacking techniques that probe networking devices, exploit holes in common database management systems and target vulnerabilities deep inside various operating systems. Other experts will reveal research into the destructive power of new, more sophisticated malware strains designed to remain virtually undetectable long after they penetrate target systems.
While the Black Hat presentations raise concern, nearly all security researchers hope their work will aid in finding new ways to lock down sensitive systems and develop new threat-detection capabilities.
Security researcher Don Bailey will demonstrate how to remotely hijack a car alarm system, starting the vehicle by simply sending it a message. Bailey, a security consultant with security consultancy iSec Partners, has conducted extensive research into weaknesses in GSM wireless phone networks. Bailey claims the attack is possible because most car alarms use a common interface and the GSM wireless network to receive commands. The attack is wide-reaching because it can work on traffic-control systems and GPS devices.
Bailey plans to release tools to help researchers identify devices that connect and remain idle on cellular networks. The software will allow mobile researchers to develop their own device profiles and methods to interact with devices. The goal is to build in a set of new security controls on the devices.
Meanwhile, another focus this week will be the Rustock spambot, a notorious botnet that was at one point responsible for 60% of the world’s spam. Two researchers at Milpitas, Calif.-based security vendor FireEye Inc. plan to show off their contribution in taking down the botnet. Julia Wolf and Alex Lanstein of FireEye’s Malware Intelligence Labs said the techniques used in Operation b107, Microsoft’s coordinated legal and technical action against the botnet, can be generalized for the takedown of other botnets. The action enabled Microsoft to seize control of the servers behind Rustock, allowing researchers to analyze their contents.
“Law enforcement has a hard time prioritizing cases where you can’t attach a dollar figure in damages to it,” Lanstein said in an interview with SearchSecurity.com. “Microsoft and Pfizer were able to demonstrate that Waledeck and Rustock were able to show damages to their brand, which helped gain access to servers that we never had complete access to before.”
Neil Daswani, CTO of Palo Alto, Calif.-based Dasient Inc., will demonstrate an attack against an Android smartphone that uses a flaw in its Webkit browser engine and a coding error in Skype to bypass Android’s sandbox isolation security feature. Daswani said malware that targets smartphones will need to be designed to find a way around most mobile operating system security restrictions.
“The amount of mobile malware has been increasing,” Daswani said. “It’s not yet time to sound five silent alarms, but if we are to make sure the future of mobile commerce is bright, we do need to ensure that threats do get addressed.”
The focus will turn to weaknesses in cloud architecture when two members of WhiteHat Security Inc.'s Threat Research Center, Matt Johansen and Kyle Osborn, show off serious holes in Google Chromebooks, notebook computers that run the Google Chrome OS. Users of these new devices primarily use the Chrome browser to navigate the operating system and access email, files and other documents on the Web.
In a Black Hat webinar last month, Johansen said the Chromebook platform is open to Web browser attack techniques. It uses a browser-extension trust model, Johansen said, and those extensions act like Web applications, which can be attacked using the same techniques that cybercriminals have been using for years.
“The exploits might look a little different, the target is not your hard drive or your CPU power, but I want your information,” Johansen said. “We were able to steal your contacts and your session and I have some more cool things we were able to do that we’ll demonstrate at Black Hat.”