|
|
||||||
![]() |
||||||
![]() |
||||||
![]() |
||||||
|
||||||
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
|
||||||
OEMs Beware: These Days, Anything Can Be HackedImagine you're groggily driving to work one Monday morning when you're abruptly pulled out of your sleepy state by an unexpected spray of washer fluid across your windshield. You quickly turn on your wipers to rescue you from blindness when your music suddenly starts playing at a deafening volume. You can't get either distraction to stop, so you start to panic — what else could go wrong, and why is it happening?
The above scenario is child's play compared to what a hacker sitting at home with a laptop can do. Imagine if they'd decided to lock up your steering wheel or disable your brakes? The fear is all too real. For many of us, getting hacked is our worst nightmare. We live in fear that someone will get ahold of our credit card information, Social Security number, or proprietary work documents. Unfortunately, the dangers are no longer limited to cyberspace. Hopefully, today's electronics OEMs are equally concerned about addressing these potential threats. Today's hackers can gain control of and manipulate your real-world environment, too. Let's take a look at how this is accomplished using some real-life examples and how electronics manufacturers should be getting involved. Exploiting hardware flaws If you're starting to feel a bit paranoid about the idea of strangers having the ability to access your physical space, then this example will put you at ease — in the sense that there's validation for your concern. Rowhammer, a new technique created as an example by Google researchers, is the main culprit. Rowhammer actually taps into the physical properties of computers, targeting dynamic random-access memory (DRAM) until it glitches and grants access to the computer's operating system. Rowhammer is a particularly interesting technique, as it goes "around" the operating system and firmware to change the system in ways that are invisible — all the better to avoid triggering any security alarms. Some new versions of RAM protect against this in various ways, such as faster refreshing of data, but there's a lot of old memory out there with a lot of valuable information stored on it. But Rowhammer is just one approach. Flip Feng Shui, for example, builds off of Rowhammer to "flip a bit in a memory page" to get at a vulnerable memory location. There are also the side-channel attacks, which allow exfiltration of data on air-gapped machines (machines not connected to the network). This is accomplished using software that sends the data via other means, such as the sound made by your computer or hard drive, the electromagnetic emissions from the screen, and so on. It may sound like a side plot from Mr. Robot, but operating system smarts can't block attacks aimed at hardware flaws like as these. ![]() |
![]() |
![]() |
![]() |
EBN Newswire
EBN Dialogue / LIVE CHAT
![]() EBN Dialogue enables you to participate in live chats with notable leaders and luminaries. Open to the entire EBN community of electronics supply chain experts, these conversations see ideas shared, comments made, and questions asked and answered in real time. Listed below are upcoming and archived chats. Stay tuned and join in!
Archived Dialogues
![]() Live Chat 01/15: CPOs Re-Shape Their Business Roles
Increasingly chief procurement officers (CPOs) are re-shaping their organizational role to focus on creating results far beyond cost controls. A new IBM survey explores how. ![]() Live Chat 11/12: Examining the Cyberthreat to Supply Chains
The number of cyberattacks is on the rise and hackers are targeting the supply chain. Drew Smith, founder and CEO of InfoArmor, will be on hand to discuss the reality of today's threat landscape and what to do about it. |
||
![]() |
||||||
![]() |
||||||
|
||||||
![]() |
||||||
![]() |
||||||
![]() |