Malicious IoT Implants: Tampering with Serial Communication over the Internet

• Published in: Research in Attacks, Intrusions, and Defenses pp. 535 - 555
• Main Authors: Morgner, Philipp, Pfennig, Stefan, Salzner, Dennis, Benenson, Zinaida
• Format: Book Chapter
• Language: English
• Published: Cham Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: Hardware attack; Implant; IoT; LPWAN; Serial communication
• ISBN: 3030004694; 9783030004699
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-030-00470-5_25

The expansion of the Internet of Things (IoT) promotes the roll-out of low-power wide-area networks (LPWANs) around the globe. These technologies supply regions and cities with Internet access over the air, similarly to mobile telephony networks, but they are specifically designed for low-power applications and tiny computing devices. Forecasts predict that major countries will be broadly covered with LPWAN connectivity in the near future. In this paper, we investigate how the expansion of the LPWAN infrastructure facilitates new attack vectors in hardware security. In particular, we investigate the threat of malicious modifications in electronic products during the physical distribution process in the supply chain. We explore to which extent such modifications allow attackers to take control over devices after deployment by tampering with the serial communication between processors, sensors, and memory. To this end, we designed and built a malicious IoT implant, a small electronic system that can be inserted in arbitrary electronic products. In our evaluation on real-world products, we show the feasibility of leveraging malicious IoT implants for hardware-level attacks on safety- and security-critical products.