Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
How to Attack and Defend a Prosthetic Arm
How to Attack and Defend a Prosthetic Arm
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,407
Threads: 9,506
Thanks Received: 9,032 in 7,182 posts
Thanks Given: 9,792
Joined: 12 September 18
#1
Information  28 February 19, 07:27
Quote:[Image: Scheme_bionic_arm.jpg]

Each arm is equipped with an embedded SIM card for sending statistical data. The SIM is needed to access the internet and send statistics and other information about the arm’s status. A connection is established to Motorica’s remote cloud, which is an interface for remotely monitoring the status of all registered biomechanical arms. Good thing about the arm’s current architecture – the connection between the arm and the cloud in unidirectional. This means that only the arm is sending data to the cloud, while the cloud sends nothing back. Yet, Motorica Inc says, they plan to implement this feature later.

The basic logic of the arm, such as movement directions, switching motors on or off, etc., are implemented in the C language. The cloud for receiving, processing and storing information is implemented based on the following technologies:
  • NodeJS – for backend,

  • ReactJS – for frontend,

  • MongoDB – database.
Arm-wrestling

At first, we decided to attack the logic of the arm. But soon we discovered that the C code is well-structured and has no vulnerabilities in it. However, the arm that we tested has only the basic functionality. Motorica Inc. wants to add more functions to its biomechanical limbs: smartphone interconnect, contactless payments and other useful features. From our point of view, all these new technologies must be tested for cybersecurity. Especially the ones that could be exploited for MiTM attacks.

Then we started to analyze the protocol used to send the statistics to the cloud and the logic for processing that information on the server. The initial findings showed that the data was sent using the insecure HTTP protocol. A little later we found some incorrect account operations and insufficient input validation that can be used by a remote attacker to:
  • gain access to information about all the accounts in the cloud including the logins and passwords (in plaintext) for all the prosthetic arms and administrators,

  • add or delete regular and privileged users (with administrator rights),

  • launch attacks against administrators via the cloud and then attack Motorica’s internal infrastructure,

  • NoSQL-injection,

  • cause denial of service for cloud administrator.
Full Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • darktwilight
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
AhnLab ENDPOINT PLUS
    AhnLab ...jasonX — 18:21
qBittorrent v4.2.0 released
qBittorrent v5.0.5...Kool — 11:57
QOwnNotes 19.1.6
25.4.3 A build ...Kool — 03:20
AMD releases ROCm 6.4, official RDNA4 su...
AMD ROCm 6.4 relea...harlan4096 — 10:05
Best Linux distros for reviving an old P...
Installing the rig...harlan4096 — 10:04

[-]
Birthdays
Today's Birthdays
avatar (45)MeighGoask
Upcoming Birthdays
avatar (44)wapedDow
avatar (48)oapedDow
avatar (41)Sanchowogy
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (49)fuspeukChark
avatar (43)werriewWaiNg
avatar (37)Freemanleo
avatar (42)cdoubapKit
avatar (37)lystraPonia
avatar (30)smith8395john
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)Toligo
avatar (37)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>