Tag Archives: Networks

Posted on by

How can hacker hack into Nuclear Reactors isolated networks?

Critical infrastructures like Oilrigs and nuclear reactors have sophisticated level of information security training & solutions to protect against cyber attack. However hackers are thinking one step ahead of security professionals to hack to into critical infrastructure. Critical infrastructures have isolated network thus very difficult to reach through from outside world. For this reason hackers have developed malware like Stuxnet and Flame, which spread via USB devices as lot of information is exchanged using USB storage devices explain ethical hacker Mike Stevens.
USB drives are reusable memory storage devices that are plugged into a computer’s USB port and are commonly referred to as flash drives or memory sticks. You can wipe them any number of times and use them for different purposes.
The USB drives are so common these days that hackers have started writing malwares specifically to target them. Using these malwares hackers are able to hack into isolated networks like in nuclear plants. In this article we are going to talk about USB related malware with the help of information security solutions experts.

DESIGN OF USB DISK

A USB flash drive is a data storage device that includes flash memory with an integrated Universal Serial Bus (USB) interface. A flash drive consists of a small printed circuit board carrying the circuit elements and a USB connector, insulated electrically and protected inside a plastic, metal, or rubberized case. Most flash drives use a standard type-A USB connection allowing connection with a port on a personal computer, but drives for other interfaces also exist. USB flash drives draw power from the computer via the USB connection.

Below mentioned are the parts of a flash drive:

Standard-A USB plug – provides a physical interface to the host computer.
USB mass storage controller – a small microcontroller with a small amount of on-chip ROM and RAM.
NAND flash memory chip(s) – stores data (NAND flash is typically also used in digital cameras).
Crystal oscillator – produces the device’s main 12 MHz clock signal and controls the device’s data output through a phase-locked loop.
Cover – typically made of plastic or metal, protecting the electronics against mechanical stress and even possible short circuits.
Jumpers and test pins – for testing during the flash drive’s manufacturing or loading code into the microprocessor.
LEDs – indicate data transfers or data reads and writes.
Write-protect switches – Enable or disable writing of data into memory.
Unpopulated space – provides space to include a second memory chip. Having this second space allows the manufacturer to use a single printed circuit board for more than one storage size device.

Some drives offer expandable storage via an internal memory card slot, much like a memory card reader. Most flash drives ship pre-formatted with the FAT32, or ExFat file systems. Sectors are 512 bytes long, for compatibility with hard disk drives, and the first sector can contain a master boot record and a partition table.

USB MALWARES
There are two kinds of USB malwares first is are USB disk firmware malware and second one is normal computer malware that run on USB disks Ghost malware. We are going to cover more details of each of these malware and how hackers are using them hack into isolated network of critical infrastructures like power plants, nuclear reactors etc.

1.USB mass storage controller Firmware Based Malwares

Hackers make these malwares by reprograming the firmware on USB mass storage controller removable USB drives. As the malware is injected inside the firmware, which is on the micro controller and not on flash memory (where we stores our files), the antivirus cannot detect the malware or its activity.
Mike Stevens, information security training explains that once the malware is injected inside the firmware the USB disk can do the following

1. The USB firmware malware can emulate a keyboard and issue commands on behalf of the logged-in user, for example giving root access to the hacker and infect other devices in the network.
2. The USB disk can act as network card and change the computer’s DNS setting to redirect traffic.

Trust given by Windows, Mac, and Linux operating systems to Human Interface Devices (HIDs), such as keyboards, network cards is the reason behind this attack. As activities performed by the malware appear as though a logged-in user performed those activities. The USB with malware in firmware is detected as a HID by an operating system, and malware runs the script to give root control to the hacker. Antivirus cannot detect this kind of threat as antivirus thinks that a user is logged in and user gave access to a trusted person.

There are 3 different kinds of attack based on USB mass storage controller Firmware.

1.1 BADUSB

As explained before the an attacker will take a regular USB disk which contains a small microprocessor, inject malware into firmware and take root control of the computer with help of this malware. This type of USB is called BADUSB.

Types of attacks with BADUSB

Spoof as USB of 4 GB however it has a space of 32 GB where it will use rest of space to copy the data and later on upload to hacker server. Thus when you format the disk you only format 4 GB of space.
Spoof as a keyboard or mouse.
Spoof as a network adaptor.
Spoof as a phone or tablet.
Spoof as a webcam.
Spoof as an authentication bank token.
Spoof as printers and scanners.
Spoof as a Type-C plug for both power and data for new Mac book, Chromebook Pixel. For all its versatility, Type-C is still based on the USB standard, which makes it vulnerable to a nasty firmware attack. Thus would be attack via power cord.

HOW TO CREATE BAD USB

STEP 1. Check for micro controller details

The first check the details about controller and the associated firmware. You need software like ChipGenius, CheckUDisk, UsbIDCheck, USBDeview to determine that. These are open source software and are easily available. They will provide you Chip Vendor, Part-Number, Product Vendor, Product Model, VID, PID.

STEP 2. Restoring the original firmware and check the firmware (Optional Step)

You can use the step to repair your USB also if for some reason you brick it. You can visit website like flashboot.ru and check for restoring software.
You can use VID and PID found in previous step to search for flashing software. You can download the MP (Mass Production) Tool like USBest UT16 tool according to your PID, VID and then flash the controller. This will restore your USB completely as new USB as per information security solutions experts.

STEP 3. Preparing for the injection of firmware with malware

We will cover the scenario of Toshiba USB drives having Phison controller. The tools needed are available on GITHUB.

You need to install Windows with .NET 4.0 installed and Visual Studio 2012
SDCC (Small Device C Compiler) suite to C:Program FilesSDCC (for building the firmware and patches) and reboot the machine after installing these.
Double click on DriveCom.sln, this runs Visual Studio. Run the project and compile. Then the DriveCom.exe is in the tools folder.
Do the same with EmbedPayload.sln and Injector.
Run DriveCom as below to obtain information about your drive:
DriveCom.exe /drive=E /action=GetInfo
where E is the drive letter. This should tell you the type of controller you have (such as PS2251-03 (2303)) and the unique ID for your flash chip.

STEP 4. Performing Flashing firmware operation

For flashing you will need burner images. These burner images are typically named using the following convention:
BNxxVyyyz.BIN
where xx is the controller version (such as 03 for PS2251-03 (2303)), yyy is the version number (irrelevant), and z indicates the page size.
z can be either:
2KM — indicates this is for 2K NAND chips.
4KM — indicates this is for 4K NAND chips.
M — indicates this is for 8K NAND chips.

You can download the burner image from Internet from websites like USBDEV.ru.
To build the custom firmware, open a command prompt to the “firmware” directory and run build.bat. You can try with firmware FW03FF01V10353M.BIN as 1.03.53.
The resulting file will be at firmwarebinfw.bin, which you can then flash to your drive.
It will also produce a firmwarebinbn.bin file, which is the burner image equivalent of the code.

STEP 5. Dumping the firmware

Once you have the image, enter boot mode by running:
DriveCom.exe /drive=E /action=SetBootMode
where E is the drive letter. Then transfer and execute the burner image by running:
DriveCom.exe /drive=E /action=SendExecutable /burner=[burner]
where E is the drive letter and [burner] is the burner image file name.
You can then dump the firmware by running:
DriveCom.exe /drive=E /action=DumpFirmware /firmware=[firmware]
where E is the drive letter and [firmware] is the destination file name

STEP 6. Injecting the malware into firmware

As per ethical hacking training professor of IICyberSecurity you can learn how to create an exploit payload and inject it in any code. However you can also get script from Rubber Ducky GItHUB page and with the help of Duckencoder you can create an inject.bin file from your script.
You can inject the payload into the firmware by running:
EmbedPayload.exe inject.bin fw.bin
Where inject.bin is your compiled Rubber Ducky script and fw.bin is the custom firmware image.

STEP 7. Flashing the firmware on USB disk controller.

Once you have the burner image and firmware image, flash it by running:
DriveCom.exe /drive=[letter] /action=SendFirmware /burner=[burner] /firmware=[firmware]
where [letter] is the drive letter, [burner] is the burner image name, and [firmware] is the firmware image name.

The above steps will lead to creation of BADUSB and this USB can be used to hack and do penetration testing. You can also create BADSD card which can used in phones and tablets to hack them. You can find in internet the video of information security solutions researchers showing how to modify the firmware of the SD card and inject malware into them.

1.2. USB Rubber Ducky or UKI (USB Key Injector)

Instead of creating your own firmware USB you can also buy USB that are sold in markets like USB Rubber Ducky or UKI (USB Key Injector). You can learn more USB Key Injector and USB Rubber Ducky in information security training of International Institute of Cyber Security.

1.3 Teensy micro controller board

Using a Teensy micro controller board with various types of software in order to imitate HID devices is the most traditional method. You can learn more about teensy in ethical hacking training.

2. GHOST USB Malware

This is like a normal malware but it runs only on USB devices and when it is inside a computer doesn’t do any activity. Criminals often use such methods to compromise isolated networks that are not accessible through Internet. The malware of this kind that was discovered recently was FLAME. In the case of Flame, the malware created a folder that could not be seen by a Windows PC, hiding the application and stolen documents from the user, mentions information security solutions expert. This opened up the possibility that people unknowingly carried Flame from PC to PC. Malware-carrying USB drives are effective in isolated networks holding highly sensitive documents, because portable storage drives are typically used to transfer data between computers on separate networks.
Flame can spread to other systems over a local network (LAN) or via USB stick. It can record audio, screenshots, keyboard activity and network traffic. The program also records Skype conversations and can turn infected computers into Bluetooth beacons, which attempt to download information from nearby Bluetooth-enabled devices. This data, along with locally stored documents, is sent on to one of several command and control servers of hackers. The program then awaits further instructions from these servers.

Prevention Measures

How to protect yourself from BADUSB, USB Rubber Ducky kind of devices

As per nuclear plant information security solutions expert Taylor Reed of iicybsecurity you can take following steps.

1. Connect only USB devices from vendors you know and trusted USB devices. For critical infrastructure like nuclear power plants and Oil Rigs, use devices which have firmware signed and secured by vendor in case somebody tries to break the firmware the devices will not work.
2. Keep your anti-malware updated. It will not scan the firmware but it should detect if the BadUSB tries to install or run malware.
3. Implement advance information security solutions, which will monitor the use of devices connected to your computer and any additional USB keyboard will be blocked.

How to protect yourself from GHOST USB malware

1. Keep your anti-malware updated.
2. Use Ghost USB Honeypot. Ghost is a honeypot for detecting malware that spreads via USB devices. The honeypot currently supports Windows XP and Windows 7.
3. The way Ghost works is that it first tries to emulate a USB thumb drive. If the malware identifies it as a USB thumb drive, it will trick the malware into infecting it. Ghost then looks for write-based requests on the drive, which is an indication of a malware. You can learn more about Ghost USB honeypot in ethical hacking training.

USB malware are very dangerous and immediate measures should be implemented to ensure the IT infrastructure security with the help of information security solutions experts.

As per ethical hacking training professor of IICyberSecurity you can learn how to create an exploit payload and inject it in any code. However you can also get script from Rubber Ducky GItHUB page and with the help of Duckencoder you can create an inject.bin file from your script.
Posted on by

Digital Signage: Software, Networks, Advertising, and Displays: A Primer for Understanding the Business (NAB Executive Technology Briefings)

Digital Signage: Software, Networks, Advertising, and Displays: A Primer for Understanding the Business (NAB Executive Technology Briefings)

Digital Signage: Software, Networks, Advertising, and Displays: A Primer for Understanding the Business (NAB Executive Technology Briefings)

Digital Signage gives you macro and micro views of the burgeoning digital signage industry. Whether you are looking for new opportunities or to expand your business, with this book you will be able to clearly understand and accurately analyze the developments, trends and projections. As part of the NAB Executive Technology Briefing series, this book features the future impact of the technology across many different industries and platforms. Explanations of hardware such as displays, servers, an

Price:

Posted on by

Digital Signage Networks and Higher Learning

Why are digital signage networks popping up on campuses across North America? Because they are one of the few media still being heeded by people 18 to 24 years of age.

While digital signage networks are novel enough to generate “oohs” and “aahs” among audiences of all ages, it is the university and college-aged crowd that is the most responsive. Conversant with technology from a very young age, they are highly receptive to messaging delivered via digital signs. And with the potential for interactivity, digital signage networks of the future hold even more promise as the ideal medium to engage students.

Why Digital Signs Have Such Strong Appeal

Retailers have discovered the value of digital signage networks for directing very specific advertising to a narrowly defined target audience. Hence the term “narrowcasting” which refers to messaging that reaches a particular audience in a particular place, as opposed to broadcasting which reaches a broad, widely-dispersed audience through traditional media like radio and TV.

Other sectors have begun using digital signage for more than advertising. Airports use it to provide information to passengers, banks use it to occupy waiting customers and hotels and conference centers use it to help visitors find their way.

All of these uses have met with positive response from their audiences. But the response at campuses has been even greater. As a recent guide from Digital Signage Today points out, digital signage networks are the “perfect marriage of ideal audience and ideal technology”. Today’s students welcome new technology and are keen to be the first adapters of new gadgets and gizmos. Knowing this, many university administrators have turned to digital signage networks to communicate with this iPod-wearing, Facebook-using, cellphone-and-Blackberry-addicted generation.

On-Campus Uses of Digital Signage Networks

How are digital signs being used in colleges and universities (and even some high schools)? Administrators use the signs to post important announcements and emergency information. Various departments use digital signs in their buildings to communicate messaging relevant to their students. Student councils, sports teams and clubs post information about upcoming events.

Digital signs have become virtual bulletin boards, placed at strategic locations -like libraries, student centers, bookstores and cafeterias – where they can reach the most students. Using RSS feeds, schools can provide up-to-the-minute, current and relevant information to their students much more quickly and efficiently than they could with the corkboards and paper messages of old.

Some universities sell advertising space on their digital signs to generate revenue. Knowing their media-savvy audience, most incorporate marketing and promotional material in small doses and are sure to display it alongside informational messaging so students do not come to view the signs as just another advertising platform.

The Future

What’s next for on-campus digital signage networks? Interactivity using wireless technologies like Bluetooth or SMS. In its guide on education and digital signage, Digital Signage Today discusses East Carolina University which is set to allow students to vote or respond to polls posted on digital signs using their cell phones. This is just one application of interactivity, but the potential for more is there.

Is this function useful? Maybe. Necessary? Probably not. Cool? Definitely. And it is this last trait that will keep students interested and engaged in digital signage networks while they are on campus and after they leave to join the workforce.

For more information on digital signage, contact a narrowcasting expert at http://www.ek3.com/digital-merchandising-products/digital-signage.htm
Posted on by

Adspace Networks Converts to BroadSign International, LLCs Digital Signage Software

New York, NY (PRWEB) April 03, 2014

Adspace Networks, owner and operator of Adspace Digital Mall Network, the largest Nielsen-measured digital place-based video network in the United States, announced today that it has selected BroadSign International, LLC’s digital signage software to power its displays in over 200 of America’s best malls.

Adspace has been aggressively expanding network partnerships, resulting in a broad range of different screens, configurations and formats. The scope, complexity and quality of the network’s content have also increased. To accommodate this growth and ensure their digital signage needs would be met moving forward, the company required a partner with a more robust operating system and a history of innovation to meet their clients’ changing needs. BroadSign was selected as the best match for these factors, as well as for its extensive programmatic ad placement capabilities. The conversion to BroadSign’s software platform began in March and is expected to be completed by the end of April.

“Adspace reaches 48 million individuals across the country’s top 45 DMAs every four weeks by providing programming that enhances the shopping experience,” said Peter Krieger, President and COO at Adspace Networks, Inc. “We decided to convert to BroadSign’s digital signage software because it’s a seamless fit for us to ensure viewers are exposed to constant uptime and premium playback, and can handle our dynamic data requirements over a myriad of platforms. Moreover, BroadSign has made a strong commitment to programmatic and real time buying execution, which we see as a major driver of our industry’s growth.”

Skip Beloff, BroadSign’s Vice President of Sales, said, “Adspace displays are viewed at a high frequency by shoppers in the United States’ most superior malls and as such, every facet of the network must bring quality performance. I’m certain that BroadSign’s robust and scalable platform, along with our BroadSign Connect solution, will satisfy these expectations.”

BroadSign is an industry leader, singularly focused on digital place-based advertising and dedicated to adapting to its partners. As an important element of place-based advertising, BroadSign has incorporated proper programming and coding bandwidth to handle programmatic requests; this provides third party verification and a more robust proof of performance system for partners and customers.

Both BroadSign and Adspace are members of the Digital Place-based Advertising Association and Outdoor Advertising Association of America. For more information about BroadSign digital signage software, book a meeting with a BroadSign representative at the upcoming TAB/OAAA conference.

About BroadSign

BroadSign International, LLC is the first global provider of cloud-based software for digital signage networks. Its platform was designed exclusively as a management system for media companies operating digital out-of-home and digital place-based media networks, giving them an unlimited capacity for growth without adding personnel. After over a decade in the industry, BroadSign’s latest incarnation, BroadSign X, has become a mature and reliable fit for all digital signage software needs and its Android-based smart player, BroadSign Xpress, has decreased the cost of deploying digital signage compared to PC-based hardware alternatives.

BroadSign’s constant growth, extensive network and dedication to predicting and responding to industry trends make its digital signage solutions a safe bet for the future of networks with even the most complex of requirements. For more information about BroadSign, visit http://broadsign.com.

About Adspace Networks, Inc.

Adspace Networks, Inc. (http://www.adspacenetworks.com) owns and operates the Adspace Digital Mall Network, the largest Nielsen measured digital place-based video network in the country. Currently located throughout 205 Class A malls across the United States, the network consists of 2,878 HD “Smart Screens” in two formats: nine foot “floor mounts” in portrait format and 42 to 63 inch “aerials” in landscape format. The Smart Screens show programming that enhances the shopping experience; combining a mix of the best deals, latest fashion trends, hot new merchandise, style tips, local weather, and entertainment news. The network reaches 48 million unique individuals each month (source: Scarborough), and is particularly effective at reaching teens, young men, and women of all ages. Adspace is also a charter member of the Digital Place-based Advertisings Association (DPAA), an organization that is helping to provide standards and best practices for the burgeoning, digital place-based video advertising industry.







Posted on by

Federal Heath Sign LLC and ScreenScape Networks Inc. to Offer Joint Media Solution

Ocean Ranch, CA (PRWEB) April 03, 2014

Federal Heath Sign Company LLC today announced a joint initiative with ScreenScape Networks Inc. to offer its customers a full service, single source solution for place-based media.

The partnership combines the industry leading product and services of Federal Heath, needed to deploy the physical equipment across a national network of retail locations, with the internet-style networking and content sharing of ScreenScape, an emerging technology leader. Using ScreenScape’s software-as-a service platform, marketers can push their own digital promotions to screens mounted inside any number of venues with the simple click of a mouse.

“The potential for place-based media to lift sales and control mindshare at retail has created a strong demand for new customer engagement technologies,” said President and CEO of Federal Heath Kevin Stotmeister. “The road to success in this competitive new digital arena is all about choosing the right technology and the right partner to deliver an effective and consistent brand experience in the specific locations where buying decisions are made.”

Federal Heath has been steadily advancing into the digital signage area and now introduces Ingage Digital under its Ingage Solutions brand. Through its new relationship with ScreenScape, Federal Heath now has access to a unique software platform that can power multiple digital signage networks simultaneously.

“Federal Heath has more experience in deploying retail signage across a range of industries than any company in the United States” said ScreenScape CEO Mark Hemphill. “We know how important effective project management is to successful, scalable digital signage deployments. The greater the number of retail partners that participate, the more attractive the network becomes to its operators, its brand partners and a variety of different kinds of interested marketers.”

About ScreenScape Networks

ScreenScape Networks Inc is the first global platform for place-based media. Based on the software-as-a-service (SaaS) delivery model, ScreenScape enables its members to turn any Internet-connected computer or screen into a dynamic digital display. Together, members of ScreenScape form a massive community, which acts as a shared resource for content creation, cross promotion and advertising revenue. For more information, please visit http://ScreenScape.com.

About Federal Heath

Federal Heath Sign Company provides innovative, comprehensive and consistent solutions for sign product and maintenance requirements. The company supplies quality, electric signage to high profile companies in the retail, restaurant, hotel, finance, petroleum, automotive, corporate identification and gaming markets. Federal Heath has more than twenty offices nationwide, including four state-of-the-art manufacturing facilities. For more information about Federal Heath Sign Company, please visit us at http://www.federalheath.com.

###