Learn more about our ongoing cybersecurity research.


Pulling MikroTik into the Limelight

The presentation deck for Pulling MikroTik into the Limelight, as presented at REcon 2022.

Who Owns Your Kernel?

In this talk, presented at Summercon 2021, we discuss open source supply chains, information operations targeting them, and how to identify these attacks (with some crazy examples of course). This project, to explore and protect the integrity of open source code, was funded via DARPA's SocialCyber program.

Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications

In this paper, we introduce a novel side-channel which functions across virtual machines. The side-channel functions through the detection of out-of-order execution. We create a simple duplex channel as well as a broadcast channel. We discuss possible adversaries for the side-channel and propose further work to make the channel more secure, efficient and applicable in realistic scenarios. In addition, we consider seven possible malicious applications of this channel: theft of encryption keys, program identification, environmental keying, malicious triggers, determining virtual machine co-location, malicious data injection, and covert channels.

Firmly Rooted in Hardware

Practical protection from firmware attacks in the hardware supply chain.

Huawei and the Third Offset

In order to effectively mitigate the security risks posed by Huawei, the U.S. Department of Defense needs to fund and integrate cutting-edge technologies from the private sector.

Although concern over Huawei’s implications for national security remains high, current U.S. strategies against Huawei have largely been framed as a counter to Chinese spying and focused on retrospective actions, such as lobbying allies against adopting Huawei’s 5G kit (when those allies’ mobile networks are already dependent on Huawei infrastructure), and using the Department of Justice (DOJ) to hold Huawei accountable for intellectual property theft and sanction violations. Unnoted by many, however, is that Huawei’s actions are part of the military competition between Beijing and Washington, a cycle of technology offsets and counter offsets to offsets.

In Search of Lost Bytes, “Assurance Under Low Trust Conditions”

Digital markets have quickly grown to international proportions; complexities in materials, development, and distribution have developed accordingly, resulting in market efficiency.

When expanding any supply chain for an IoT voting machine to an entire national infrastructure, the cost, reliability, and security of the alien component are taken into account. However, often overlooked are the incalculable risks associated with failings from any number of attributes tied to the supplier.

There is a fine line between acceptable and irreconcilable risk, and mitigations only serve to reduce risk. While some risks are avoidable, others are not, and ignoring the facts has disproportionate consequences. This presentation will explore modern supply chain security risks and mitigations by showcasing the technical details of several security vulnerabilities, calculated risk, and difficulty in fully mitigating them through a technical deep dive of 5G infrastructure.

The Risks of Huawei Risk Mitigation

While there is widespread agreement that Huawei devices in 5G infrastructure pose some risk to the U.S. and allied nations, the policy community—in particular the U.K.’s National Cyber Security Centre—has paid insufficient attention to the technical aspects. The discussion must examine not simply whether China would use this technology maliciously, but the specific threats that Huawei equipment could pose and the extent to which these threats can be mitigated. This is especially important in the face of recent news that the U.K.’s National Security Council has okayed the use of Huawei technology for the country’s new 5G network.

Hacking the Motherboard – Exploiting Implicit Trust in all of the Forgotten Places

Our economy is becoming more specialized and more and more tasks are being automated. We must have confidence in these systems and the technical infrastructure that supports them. However, this confidence relies on too much implicit trust – overlooking serious risks. Assurance in this area is hard won, manual, and costly.

Last year, Bloomberg’s Big Hack article gave everyone a – questionably accurate but – much needed scare which forced companies to evaluate their exposure to supply chain intervention attacks. We need to understand the attack vectors and the inherent hardware vulnerabilities used by these backdoors, as well as the steps we can take to protect ourselves.

Several recent hacks highlight this problem, including the ASUS software update hijacking, the SuperMicro supply chain, and the political-economic arguments for Huawei 5G. We include a technical overview of various types of hardware implants, the access they enable, and what we should be doing to detect and mitigate them.