Hardware Malware

A day or two ago, while on CE-Forums, I found someone was curious to know whether a hardware virus really exists. The answer is yes, a hardware virus does exist. A hardware virus is classified under the Hardware Cryptographic and Embedded Systems type of threats. A hardware threat is one of the most dangerous security threats ever known to the computing world. Hardware malware includes threats embedded as programs in hardware during manufacture. During manufacturing all hardware is flashed, and it is at this stage that the hardware is embedded with malware code. Most of the time this code acts as a host to the system installed on it. It can collect, store and then send data to a specified destination, simply acting as a host system to your system. And since your system is a guest on the host system (the code embedded in hardware), there is no way your system is going to alert you that it is sending data to someone somewhere. This type of threat can be included in the BIOS of your motherboard, the reserved cache storage of your hard disk, or the cache of the processor. Hardware threats are not new but are still in an evolving stage, acting as the most powerful threat that ever came into existence. Though there are many types of hardware-based threats, here we will discuss three of the most known types.

Hardware Trojan Horse (HTH): It is a modified version of a maliciously coded circuit which can capture and send data to a remote host, most of the time found embedded in the motherboard and hard disk. Practically impossible to trace, it can also damage or reprogram the system installed on it. It configures a payload and sends information to the attacker when your network gets triggered. The threat is high since it can't be detected and can bypass practically all kinds of security. The reason is that, being embedded in hardware, it uses a raw connection for transferring data, so no packet filtering or Intrusion Detection System can ever find out its presence, whether the system is part of a LAN (Local Area Network) or a server to a LAN.

Integrated Circuits (ICs): Well known as Electronic Digital Integrated Circuits (EDIC), these are a re-programmable type of hardware threat. Since it is re-programmable, a single IC can be used to act as a Trojan, virus, spyware, practically any kind of threat. It can lead to leaks of sensitive information and is especially used for damaging the internal circuits connected to it, making the victim face a heavy loss of information. Usually coded in Very Large Scale Integrated Circuits Hardware Description Language (VHDL, standardized by DoD America), it can also be programmed using Java, assembly, C and C++.

Hardware Logic Bombs (HLB): It can be termed the hardware counterpart to the software-based logic bomb threat. An HLB does not trigger itself until some specific conditions are met. These conditions may include any hardware-based possibility, like triggering the Command Word Register (CWR) for a specific device, heat generated during operation, calculation of data, and even increased floating point operations by the processor.

Time Bombs: Again, these are hardware counterparts of the software-based threat. Derived from logic bombs, these are specially used to act after a specific time. They can be applied in an IC since it is integrated, or in a complex circuit because they are hard to identify there. The specialty of time bombs is that they can be included as programs as well as circuits. You can place them as a program in an IC or just enclose a reverse counter circuit with the current circuit.

As this field is evolving day by day, we are not sure how they are currently classified or how they will be classified further. As far as we know, HTH is the most dangerous type of hardware malware. There may be more, but they have not come to light yet. Practically each and every piece of hardware has a circuit, and hence there's a 100% guarantee a hidden storage can be implemented in it, making each and every piece of hardware susceptible to it. The only protection we currently have is to buy from a trusted vendor and nothing else.
