Physical Attacks
In this article, you’ll learn about the physical side of cybersecurity, and how physical methods can bypass digital defenses.
What we’ll be learning
Not all cyberattacks are restricted to the digital world, and it’s important to understand how physical attacks can have a cybersecurity impact. In this article, we’ll be talking about some types of attacks that bypass electronic security measures, and how physical access can compromise computers and networks.
How can a cyberattack be physical?
We usually think of the digital world of computers as being separate from the physical world, but that’s not true anymore. Computers are physical objects, which means they can be vulnerable to physical attacks. These attacks might involve an attacker physically interacting with the computer, or involve other physical devices like smartcards or flash drives.
(Not so) smart cards
Smart cards are a popular target for physical hacking. They’re often used for finance or accessing secure areas, and it’s relatively easy to steal information from some types.
One technique you may have heard of is called skimming, where an attacker uses a fake card reader to skim, or copy, a card’s data. This is often used for credit cards, but can also be used for other types of smart cards like ID cards. Often, these skimmers are physically attached to legitimate card readers in poorly-monitored areas such as ATMs or gas pumps.
Taking it a step further, smart cards can also be cloned, where data is written to a blank card to create a copy of an existing smart card. This information can be gained via skimming, but some types of smart cards are even easier to copy: smart cards that use RFID technology don’t require an attacker to be in physical contact to copy them, and hardware exists that fits into a backpack and allows an attacker to automatically steal the data of any nearby RFID cards.
This sort of cloning is a popular strategy among some penetration testers: they might sit on a bench in front of a target building with their backpack next to them while browsing their phone. As soon as an employee sits on the same bench, their card data is stolen.
Malicious USB devices
Smart cards don’t get to have all the fun when it comes to physical attacks: USB drives (also known as flash drives) are a popular way to distribute malware. This malware might be packaged in a form that requires a user to run it manually, but some malware is able to automatically and silently execute as soon as the drive is plugged into a computer.
It’s not just storage devices that pose a risk either: There have been documented cases of malicious USB charging cables and charging stations. One example involved a USB charging cable for an electronic cigarette with a small chip loaded with malware hidden inside the connector. When plugged into a computer, it would attempt to install its payload of malware onto the computer, with the user none the wiser.
This isn’t just a small-time technique, either. Stuxnet, a cyberweapon designed to target Iranian nuclear enrichment facilities, was initially delivered via malicious USB drives. The worm then went on to physically destroy the centrifuges used to refine uranium, showing that cyberattacks can have physical consequences as well as physical delivery.
Having physical access to a computer opens up new options for an attacker. For example, stealing a password from a well-locked-down computer might be hard to do purely digitally. However, if an attacker is able to physically install a keylogging device, the process suddenly becomes much easier.
Unencrypted hard drives can have OS-based protections bypassed by simply removing the drive from a computer, and plugging it into a different computer capable of reading its contents. Specialized digital forensics software exists for this specific purpose, making it much easier to browse through hard drives for computers and phones, and find interesting or unusual files. While much of this software is intended for use by ethical hackers, it is perfectly capable of malicious use in the wrong hands.
One of the most difficult and advanced techniques for extracting secrets from a computer involves externally accessing the RAM of a computer while it’s running. This is difficult and requires highly specialized equipment, but it is possible.
Networks aren’t safe from physical attacks either: A network might appear safe behind a firewall, but a hacker who is able to obtain physical access to a network port could connect a microcomputer to the network, and then to cellular data. The microcomputer will then act as a backdoor into the network, allowing the attacker to target computers on that network without having to go through the firewall.
Digital security is important, but physical security cannot be ignored in the field of cybersecurity. Whether you’re doing security for yourself or a large organization, it’s important to be aware of how physical attacks can compromise assets.
Security policies that prohibit plugging in unknown USB devices are a good idea, as is enforcing these policies by disabling unused USB ports in computers’ BIOS. RFID blocking wallets can help protect against keycard cloning, as can using more secure types of smart cards that don’t simply store data.
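A policy against unknown USB devices can be checked as well as written down. The following is an added example, not part of the original article: it audits Linux `lsusb` output against an inventory of approved vendor:product IDs. The inventory, the sample output and the name `audit_usb` are constructed for illustration.

```python
import re

# Shape of one line of `lsusb` output on Linux.
LSUSB_LINE = re.compile(
    r"^Bus (?P<bus>\d{3}) Device (?P<dev>\d{3}): "
    r"ID (?P<vid>[0-9a-fA-F]{4}):(?P<pid>[0-9a-fA-F]{4})\s*(?P<name>.*)$"
)

# Constructed inventory: vendor:product IDs the organization has approved.
APPROVED = {
    "1d6b:0002",  # USB 2.0 root hub
    "1d6b:0003",  # USB 3.0 root hub
    "046d:c31c",  # approved keyboard model
}

# Constructed sample of `lsusb` output; the last device is not in the inventory.
SAMPLE = """\
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 046D:C31C Logitech, Inc. Keyboard K120
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 007: ID ffff:0001 Unknown composite device
"""

def audit_usb(lsusb_output, approved=APPROVED):
    """Return (unapproved_devices, unparsed_lines) for the given lsusb text."""
    unapproved, unparsed = [], []
    for line in lsusb_output.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LSUSB_LINE.match(line)
        if m is None:
            # Keep lines we cannot parse so they are reviewed, not silently dropped.
            unparsed.append(line)
            continue
        usb_id = f"{m['vid']}:{m['pid']}".lower()  # normalize hex case
        if usb_id not in approved:
            unapproved.append({"bus": m["bus"], "device": m["dev"],
                               "id": usb_id, "name": m["name"].strip()})
    return unapproved, unparsed

if __name__ == "__main__":
    bad, odd = audit_usb(SAMPLE)
    for d in bad:
        print(f"UNAPPROVED bus {d['bus']} dev {d['device']} {d['id']} {d['name']}")
    for line in odd:
        print(f"UNPARSED {line}")
```

A device reports its own vendor and product IDs, so this is an inventory check rather than proof that a device is benign; it complements disabling unused ports rather than replacing it.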