IoT

Internet of Things (IoT) – Hack My Army

Mar 14, 2016 By Sharon Solomon

It’s now common knowledge that the Internet of Things (IoT) revolution has infiltrated our homes, cars and offices. But even defense forces are going online, with more and more weaponry being operated remotely with the help of dedicated applications. Unfortunately, this has provided politically and criminally motivated hackers with new targets to manipulate. Is the modern army really prepared to fight off the bad guys? Let’s find out.

 

Smart Rifles – Useful, Yet Risky

 

The Tracking Point TP750 is the future of sniper rifles. It has the usual shooting mechanism found in simple sniper rifles, boosted with online connectivity features. Users of this $13,000 smart rifle can monitor its scope via a computer/tablet and even operate it remotely. But there is still work to be done on the security front. This smart-rifle can be hacked and manipulated at will.

 

Security researchers Runa Sandvik and Michael Auger gained unauthorized access to the smart-rifle’s software via its WiFi connection and exploited various vulnerabilities in its proprietary software. The TP750 was tricked into missing the target and not firing the bullet. Even a complete shut-off of the scope’s computer was performed in their POC (as demonstrated in the video below).

 


Hacking a “smart” sniper rifle. Courtesy: Wired

 

This proves that while “smart-weapons” will soon be on all battle-fields, security levels are still not where they should be. This means the enemy forces will have the chance to change the outcome of wars by manipulating vulnerable “smart-weapons” and exploiting defense software. This potential problem is not limited to rifles. Tanks, missiles and radars are also going online, making them hot hacking targets.

 

The Risks Go Beyond IoT Weapons

It’s not only about “smart-weapon” hackings. More and more modern armies are using drones to perform surveillance tasks and execute pin-point attacks on selected targets. Unlike “smart-weapons”, these are already in mainstream service, helping overcome physical barriers (mountains, rivers, etc) and technical obstacles (i.e – terror strongholds, highly populated cities, etc).

 

As shown in the demo below, security researcher Ryan Satterfield managed to use malicious code to gain control of a drone and cause it to crash. He manipulated the IoT device by accessing its open WiFi connection and launching a wireless “de-auth” attack. He also went on to warn that many drone mobile applications leave “forensic artifacts” on mobile devices.

 


Hacking a Parrot A.R.Drone 2.0. Courtesy: Ryan Satterfield

 

All armies also need to safeguard their databases to protect sensitive information collected from drones and other sources. The Web Application Firewall (WAF), a security solution that’s being used extensively for more than a decade, is not getting the job done. When not configured properly, a common occurrence, results have many False Positives (FP).

 

For example, a hacker recently broke into a classified U.S Army database that held sensitive information about flaws in the various American dams (National Inventory of Dams, also known as NID). This web application was supposed to exclusively serve government employees, but hackers from China (allegedly) used malicious input to gain access to the database and harvest the data.

 

OWASP Internet of Things (IoT) Project – Click Here

 

Secure Application Development for Secure Military Operations

With army operations getting more and more sophisticated, application security has become extremely crucial. Whether it’s mobile or web operated, military IoT software has to be robust. Injection vulnerabilities (SQL injection, LDAP injection, etc) and coding errors have to be eliminated because the cost of each military breach goes way beyond financial damage.

 

The easiest way to ensure secure development is to make sure your developers are familiar with popular application security benchmarks such as the OWASP Top-10 and SANS 25.

 

Secure application code can be created with the help of security solutions that can be integrated directly into the development process. A common way of doing so is to use Static Code Analysis (SCA), a Static Application Security Testing (SAST) methodology. This security solution sits right in the developer’s working environment and helps with the following:

 

  • Creating a secure Software Development Life Cycle (sSDLC). That eventually helps integrate security into all stages of the development process.
  • Works seamlessly with modern development methodologies used today such as Agile, DevOps and Continuous Integration (CI).
  • The security process is basically fully automated, with everyone involved actively. Developers can also be educated about application security and its principles.
  • Security thresholds can be defined as per the requirements. This helps regulate the build process automatically as the solution decides if it’s a go or a no-go.
  • Improved ROI due to the quick and effective vulnerability mitigation. The military and the citizens have to spend less on maintenance and damages from data leaks.

 

The military in all countries today is lagging in IoT security adoption.

 

There is no globalized security standard for smart-weapons or military related communications. It’s highly recommended to make sure the IoT software you are implementing is tested for the most common vulnerabilities being exploited today, before being approved for use in the field. Its also becoming common practice to analyze open-source software components properly before implementing them.

 

The combat zones are no longer limited to the battle field. More and more armies are trying to exploit vulnerable IoT weapons and databases. Stay safe!

The following two tabs change content below.

Sharon Solomon

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.