Inside The Wire: Network Attacks Against Physical Access Controls

Presented at THOTCON 0x9 (2018), May 4, 2018, 5 p.m. (50 minutes).

We rely on physical defenses to protect our safety and the security of critical assets. Whether in a dedicated engagement or in the scope of a broader Red Team exercise, traditional assessments of physical security often focus on leveraging physical access to obtain network access. That methodology not only overlooks the broader impact of unauthorized physical access, but ignores the networked technologies that enable modern physical security defenses. In this talk we'll expand on that methodology by exploring multiple field-tested methods of leveraging basic network access to gain persistent, repeatable, and privileged physical access to critical assets and personnel. We will discuss several network level attacks against physical access control systems and demonstrate two remote exploits against two common door controllers. The exploits result in the full control of device functionality, ultimately allowing for the creation physical access backdoors. Finally, we will cover some potential remediation/mitigation strategies and take a look towards the future with possible areas of continued research."


Presenters:

  • Mike Kelly
    Red teamers at Secureworks w/ a combined 14+ years of experience performing network, physical, and embedded device attacks.
  • Chris Carlis
    Red teamers at Secureworks w/ a combined 14+ years of experience performing network, physical, and embedded device attacks.

Similar Presentations: