Grand Idea Studio’s Hardware Hacking Training, taught exclusively by Joe Grand, focuses on hardware hacking and reverse engineering techniques commonly used against electronic products and embedded systems. This two-day course is a combination of lecture and hands-on exercises, culminating with a hardware hacking challenge in which students attempt to defeat the security of a custom circuit board. Additional one-day courses are available that provide more detail into specific attack vectors.
Security is often overlooked during the design process. “We’ll fix it later,” says the engineer. “It’s not worth the cost until something happens,” says the manager. This behavior is indicative of the lack of a security mindset within an organization. Poor embedded security practices make products more likely to get hacked, whether for malicious purposes or bragging rights.
Data exfiltration from a device is usually achieved over the network, via hardware implant, or by manipulating the characteristics of an internal electronic component. Optical covert channels transmit data using visible light in a method undetectable to the human eye.
Hardware hacking and attacks against embedded systems are no longer limited to hobbyists who simply want to have fun making products do things they were never intended to do. Nation states, criminal organizations, and others looking to maliciously subvert, monitor, manipulate, or intentionally damage are now involved.
Many electronic devices contain design flaws that could lead to exploitable vulnerabilities. In order to discover such flaws, hackers and engineers use a variety of tools. This presentation explores the tools commonly used during hardware hacking/reverse engineering, including those that monitor/decode communications, extract firmware, and identify/connect to debug interfaces.