Daniel Crowley, research baron for X-Force Red at IBM, and Jennifer Savage, security researcher at Threatcare, show TechRepublic’s Dan Patterson an exploited demo based on vulnerabilities that were found in the Libelium Meshlium at Black Hat. The following is an edited transcript of the conversation.
Daniel Crowley:So, what we’ve got here is an exploit demo based on vulnerabilities that we found in the Libelium Meshlium. Now, the Meshlium is a system that hooks up various sensors, like this ultrasound sensor we have here, which senses distance, and in the case is sensing water levels based on distance. So, we’ve got this sensor system hooked up. Now, this is being used for a number of things around the world. For instance, it’s being used in Spain to detect radiation levels around nuclear power plants for safety.
I think we probably would have shown that if we had found a way to safely irradiate a little Geiger counter, you know, we might have had a very different demo. But what we opted to do for simplicity’s sake is come up with a dam that is controlled in an automated fashion, based on sensor data being fed to the Meshlium device. Now…
SEE: Network security policy (Tech Pro Research)
Jennifer Savage:From the Waspmote.
Daniel Crowley:From the Waspmote. So, this is reporting water level data to this. Now, we have vulnerabilities in this that allow us to hack it without any authentication. No username and password required, and we pretty much instantly have complete control over the device with the vulnerabilities we found. We could do any number of things to this, but what we choose to do is just to corrupt the sensor data here.
What we’re going to do, because this dam gate is opening and closing based on water levels, we’re going to corrupt the sensor data to make it say that the water levels are very low. The dam gate opens all the way up, and the road floods.
We’ve just launched the exploit here, and you can see the dam gate has opened all the way up. So, the Meshlium is now reporting the bad sensor data that we’ve injected in there. The dam gate control is, it’s under the impression that the water levels are drastically low. So, even though you can see this flooding, the riverbanks, and in a second it’s going to flood over the road and over these lovely little cars placed around. The system still believes that the water levels are very low, because we fed bad data to it.
Now, we can go back, and clean up as well, because of the way that this works technically, and the dam will close after we cleaned up our little exploit. But damage is already done.