Students from DTU are being taught how to hack Internet of Things devices from the business world. The purpose is to create a safer world of IoT devices.
The little black box is open on the table. It looks like a split mussel, now involuntarily exposing its potentially vulnerable entrails.
“It was fun to interact with both hardware and software. It was cool to get your hands on it,” says DTU student Christos Xenofontos, who has just completed his first so-called security hackathon, which is an event that involves penetrating digital security measures.
"It has been extra fun because what we have done is the same as what you do in the business world when they test whether a new product is safe to enter the market," says Christos Xenofontos.
Hacking can improve IoT security
The Internet of Things (IoT) device that the DTU students were to hack is a so-called Toitbox, a demo IoT device provided and made by the company Toitware. The device has buttons, LED lamps, GPS, gyroscope, accelerometer and various sensors that allow you to use it to register e.g. temperature, humidity and location. The device is connected to the Internet so that the user can communicate remotely with the Toitbox.
"It was fun to work with software that is actually on the market - instead of just getting some typical test platform," says Christos Xenofontos.
Before the DTU course's hackathon event, held at DTU Fotonik, the developers from Toitware have included vulnerabilities in their software, which the students should try to find.
"We were put under time pressure, which meant that we had to quickly find a way to penetrate the device," says Christos Xenofontos, who mentions that hacking sometimes may involve a screwdriver or any other tools that could provide you with a hardware access to the device:
"There must be control over everything from the physical design to the composition of the software"
Christos Xenofontos, DTU student
"Everything can be hacked. The first basic hack may be to try to open the device, expose its hardware and if possible try to find a serial port to communicate with the firmware,” he says and continues:
"We tried, but no screws were found. If you end up destroying the device and the insides, you have not hacked anything. Since we wanted to avoid risking the physical integrity of the device, we proceeded into trying to find vulnerabilities of the software. That is what we did.”
Christos Xenofontos and his team were able to detect some vulnerabilities of the IoT device.
Christos Xenofontos (to the left) and his teammate Dhaval Mukul Purohit at the hackathon-event held at DTU Fotonik. Photo: Jesper Scheel.“We initially did some reconnaissance by scanning the network to see if the device had any port open we could exploit. Unfortunately, there was nothing open. Then, using an ALFA USB-long range adapter and some tools, we performed a man-in-the-middle attack from which we were able to see that the device was opening some ports and communicating periodically with the online server,“ says Christos Xenofontos and continues:
“Additionally we could see some unencrypted messages into the communication (intentionally put there by the developers). Then we realized that we should proceed with capturing the handshake, and proceeded with a deauthentication attack with both the ALFA antenna and the Wifi Pineapple Nano. Eventually, we ran out of time, but the Toitware developers informed us that we were on the right path.”
"It was my first hackathon, and I think I got some cool experiences from it. It is important to focus on all links in the chain when thinking about safety. There must be control over everything from the physical design to the composition of the software. I would like to security-hack more in my spare time. It has piqued my interest in working with IT security,” he says.
An ALFA Antenna, which is a wireless antenna that can be used to monitor all traffic received on a wireless channel. Photo: Jesper Scheel.
For Toitware, who made equipment and software platform available for the event, the meeting with the DTU students was rewarding:
"Among other things, we have developed a completely new programming language. Our platform is a generic IoT software platform targeted at IoT app development, so being present when the students meet our platform and programming language for the first time gives us valuable feedback that we can use in the security development of our product," says Helena Marie Meyer, a software engineer at Toitware. She continues:
“We have held hackathons before, but this was our first security hackathon, which presented us with new and different challenges. It really was an interesting experience.”