Every July, hackers from around the globe descend on Las Vegas, Nevada for a week of hacker conferences that includes Black Hat USA, DEFCON, and BSides Las Vegas. The week brings together security researchers who present their latest findings on computer vulnerabilities and exploits. 2017 marked the 25th DEFCON, which has been held in Las Vegas every year since 1992. Black Hat Briefings is an annual hacker conference that was started in 1997 by the founder of DEFCON, Jeff Moss. Black Hat is held annually in Las Vegas, Nevada, but it also hosts conferences internationally; some of its previous conferences have taken place in Tokyo, Japan; Barcelona, Spain; Amsterdam, the Netherlands; and Abu Dhabi, United Arab Emirates. Security BSides holds conferences all over the world, and many of them coincide with other hacker conferences. Below are some of the top hacks and exploits that were presented at Black Hat and DEFCON in 2017.
3G and 4G LTE Cellular Networks Are Vulnerable to Stingray Mass Surveillance
One of the more notable talks at this year’s Black Hat conference covered a newly discovered flaw that enables mass surveillance of newer cellular networks. A team of international researchers presented their findings on a flaw in the encrypted protocol used in 3G and 4G LTE cellular networks. The talk, titled “New Adventures in Spying 3G and 4G Users: Locate, Track & Monitor,” covered a vulnerability in cellular networks that poses a serious threat to users’ privacy. Like older cellular protocols such as 2G, newer 3G and 4G cellular networks are vulnerable to being spied on by IMSI catchers, more popularly known as Stingrays. Stingrays allow law enforcement agencies, intelligence agencies, militaries, and hackers to conduct mass surveillance on all cellular devices located in the immediate area of the spying device. With a Stingray, an attacker can find the location of a mobile device, track the device’s location, monitor calls and SMS text messages that are made and received, and even monitor cellular internet usage on the device.
The new vulnerability in 3G and 4G cellular networks was discovered by researchers Ravishankar Borgaonkar and Lucca Hirschi. With this new vulnerability, an attacker can track the location of a mobile device and see when a call or SMS text message has been sent or received, but the contents of calls and messages cannot be eavesdropped upon. The vulnerability is in the authentication and key agreement security protocol of 3G and 4G cellular networks, which is designed to allow mobile devices to securely connect to and communicate with a cellular network. The researchers found several low-cost ways of exploiting this vulnerability, and they also discussed possible countermeasures users could take to avoid these kinds of attacks.
Fruitfly, A Nearly Undetectable Backdoor Infecting Macs
Another notable talk given at Black Hat discussed a piece of malware that has been infecting Apple OS X this year. The malware is a backdoor known as Fruitfly, and can enable hackers to essentially take full control over a victim’s device. It is believed that Fruitfly has existed for several years but has only recently been discovered. Earlier this year this malware was found attacking biomedical research institutions. While Apple has released a patch for OS X to stop Fruitfly, hackers have created variants of the malware and new infections continue to occur.
Voting Machines Hacked in Minutes
Meanwhile, DEFCON hosted a Voting Machine Village consisting of 30 different voting machines that attendees were invited to take a shot at hacking. Every single one of the 30 voting machines ended up being compromised. “It took me only a few minutes to see how to hack it,” Thomas Richards, a security consultant, told The Hill. Richards was able to hack a machine that is currently used for elections in the state of Georgia. Richards said he was surprised by what he discovered. DEFCON organizers hoped that their Voting Machine Village, and the ease with which hackers were able to compromise the machines, would encourage election officials across the country to take steps to secure their voting machines.
iCloud Security Flaw Created Password Risk for iPhone and Mac Users
Another important security flaw discussed at the hacker conferences in Las Vegas this year was presented at Black Hat by the researcher who discovered it. The researcher, Alex Radocea, talked about a flaw he discovered in Apple’s iCloud, which would have been disastrous if left unpatched. Fortunately, Apple issued a patch to correct the security issue. “The bug we found is exactly the kind of bug law enforcement or intelligence would look for in an end-to-end encryption system,” Radocea told ZDNet. The security flaw was found in Apple products such as Macs, iPhones, and iPods. It allowed attackers to obtain passwords and other encrypted data.
SHA-1 is Dead
A research team led by Elie Bursztein demonstrated a collision attack on SHA-1, a cryptographic hash function developed by the NSA. Bursztein’s team was able to discover a collision using 110 GPUs operating for one year. Prior to his team’s discovery, it would have taken 12 million GPUs operating for one year to create a collision. The researchers released a tool that allows other people to create their own SHA-1 collisions, which is available at http://shattered.io/.