Snooping on Cellular Gateways and Their Critical Role in ICS

Presented at Black Hat USA 2018, Aug. 9, 2018, 9:45 a.m. (50 minutes).

To keep up with the growing demand of always-on and available-anywhere connectivity, the use of cellular, in comparison to its wireless mobile connectivity counterpart in the electromagnetic spectrum, is rapidly expanding. My research in the IoT space led me down the path of discovering a variety of vulnerabilities related to cellular devices manufactured by Sierra Wireless and many others. Proper disclosures have occurred; however, many manufactures have been slow to respond. This led into examining numerous publicly disclosed vulnerabilities that were considered "low-hanging-fruit" against cellular devices and other cellular-based network modems that are often deployed as out of band management interfaces. The research expanded through the details provided in configuration templates available by each device including the following: - Wireless Network Information - IPSec Tunnel Authentication Details - Connected devices and services Focusing on an obfuscated series of examples to protect the organizations, people, and companies identified; this presentation focuses on the services and systems information of the following, commonly deployed cellular-connected devices to provide an in-depth look at what is easily possible: - Emergency Response systems - Resource collection systems - Transportation Safety - Out of band management

Presenters:

  • Justin Shattuck - Principal Threat Researcher, F5 Networks, Inc.
    Justin Shattuck is a Principal Threat Researcher for F5 Labs. He has been an avid threat hunter for most of his life and continually tracks attack campaigns and threat actors. He routinely participates in takedowns and helps to inform various law enforcement agencies of nefarious cyber activity. Justin has been a security product developer and researcher for over 15 years. Most recently he was the Manager of Product Development for F5 Silverline where he was responsible for developing features and enhancements to F5 Silverline's managed security services including Web Application Firewall and DDoS attack mitigation.

Links:

Similar Presentations: