Vulnerability Development mailing list archives

Re: Modern hw-killing virus feasible


From: "Jon O." <jono () MICROSHAFT ORG>
Date: Tue, 6 Mar 2001 21:13:00 -0800

A flash/bios virus may not be new or feasible right now (delivery issues)
but it brings up a good point.

There hasn't been a lot of thought given to protecting digital assets
other than what we consider the internet or networks. However, once you
become dependent on a thing, you can be controlled by that thing. We are
very dependent on POS (Point-Of-Sale) devices and networks, ATM machines,
etc. which provide a much better form of delivery. These devices are
networked and allow media transfers from untrusted parties.

This may sound impossible or not feasible, but I'm sure most of you read
about Direct TV sending a couple bytes to blow hacked systems up (needless
to say, they have 'fixed' the DTV countermeasures). People (you know who
you are) are always finding ways to hack Palm Pilots, Benz door locks,
etc. and it's just a matter of time before someone goes after POS network
interfaces.

For example, some freestanding ATM machines actually dial-up (yes, you
can hear the modem dial and the connection hiss) connections to the
network. An ATM technician even told me that the line from the wall to the
ATM, which is usually protected, was a T-1. When asked if someone could
just pull it and hook back in, he stated that it would send an alarm to
the CO, but a bridge would work fine.

Does anyone have more information about these devices and what kind of
risk we may actually be exposed to?


Thanks,
Jon


http://www.securityreports.com


On Tue, 6 Mar 2001, Bart wrote:

Hi,

Doesn't seem anything really new. The CIH Virus
( http://vil.mcafee.com/dispVirus.asp?virus_k=10300& ) written in 1998 did
something like what you are describing. On a set date it tried to flash the
BIOS with garbage, making the infected PC unable to boot.

A lot of hardware can probably be killed this way, as a lot of hardware these
days has flashable EEPROMs. The only problem is that they have various
ways of flashing the EEPROM, thus making it (virtually) impossible for a
virus to have a generic (flash-)payload for a lot of hardware.

Kind Regards,

Bart

-----Original message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM] On behalf of Pavel
Machek
Sent: Monday, 5 March 2001 23:34
To: VULN-DEV () SECURITYFOCUS COM
Subject: Modern hw-killing virus feasible


 Hi!

 Current DVD-regioning system provides *very* easy possibility for
 virus to render hardware unusable. Current DVD-roms allow setting
 DVD region for limited number of times.

 Imagine virus, that switches DVD between Japan-region and Asia-region
 as many times as it can. It would leave DVD locked either to Japan or
 Asia, effectively making it unusable for European/US citizen.

 Long time ago, rumors went that it is possible to kill harddrive by
 software. Then, old monitors could be damaged by software by
 misprogramming them (but damage would take lot of time). Now DVDs
 provide effective way for software making them unusable. Pretty sad.

                                                               Pavel

--
I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss () linmodems org



