Hardware Exploits And Mobile Security PDF

Summary

This document is a learner's guide on hardware exploits and mobile security. It discusses cyber-related threats to hardware, USB drives, remote takeover, and mobile devices. It includes practical advice on how to protect yourself from these threats using cybersecurity best practices.

Full Transcript

NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

SECTION 4:

HARDWARE EXPLOITS AND MOBILE SECURITY

In this section, you will learn the following:

Cyber threats related to hardware
USB drives related threats and prevention mechanisms
Remote takeover related threats
Mobile security

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 69 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

HARDWARE VULNERABILITIES AND MOBILE SECURITY Notes

So far, we discussed software and cyber space security
issues. Now it’s time to focus on hardware – the physical
devices and connections that we use to access the internet
and see how they too can pose a threat.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 70 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

USB DRIVES Notes

What is a USB Drive?

A USB flash drive (acronym for “Universal Serial Bus”) is a
data storage device that includes flash memory (a computer
storage medium that can be electrically erased and
reprogrammed).

It also includes an integrated USB interface, that can be
easily connected to a computer. USB flash drives are
typically removable and rewritable.

Most drives weigh less than 30 grams and have up
to 2 terabyte capacity.

How Hackers Use USB Drives?

USB sticks are can be used as a way of getting malicious
code onto target computers. When a piece of malware gets
onto a USB flash drive it can infect any devices into which
that drive is plugged into next.

A malicious device can install malware such as backdoor
Trojans, information stealers or hijackers that redirect you to
the hacker’s website of choice.

Most famously, the Stuxnet attack on Iranian nuclear
centrifuges was believed to have been caused by an infected
USB stick. It has damaged Iran’s centrifuges and delayed its
uranium enrichment efforts.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 71 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

USB Drive – Protection Guidelines Notes
Protect your data: Avoid copying sensitive
personal data on a USB device. If you must, then
use encryption. Encryption programs can be
downloaded from reliable websites.
Protect your computer: Some newer model USB
drives have safety features such as fingerprint
authentication, or built-in encryption.
Use your personal USB drive only.
Never insert an USB driver into your device if you
aren’t sure where it came from or to whom it
belongs.
Keep home and office devices separate.
Avoid opening unknown files stored on your
device.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 72 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

REMOTE TAKEOVER Notes

Every piece of technology created today can be connected to
the internet.
New televisions connect to stream programs.
Wireless surveillance cameras connect to your
smartphone to provide a live view.
External hard drives connect to share files between
several computers.
Webcams allow users to view loved ones while
chatting in real time.
It is also possible to control some thermostats, light
bulbs and security alarms via smartphones or
wireless remotes.
But as much as We love the idea of controlling
everything wirelessly, so do hackers.

The number of Internet connected devices has become
enormous in recent years, with more than 20 billion Internet
connected IoT devices today. There are estimates that this
number will be 75 billion by 2025.

Although this trend is most likely to improve the quality of life
for most of the population, it also increases the number and
type of potentially vulnerable devices that hackers can target.

Searching for vulnerable devices on the internet is quite
easy. Specific searches on Google identify various types of
hardware waiting for a connection.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 73 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

A quick Google search also reveals the default username Notes
and password of a device. Most people do not bother to
change it.

That way hackers can connect to ATMs, security cameras,
parking lot management systems and much more.

Activation of Cameras/Microphones
Malware allows malicious hackers to activate built-in
cameras in smartphones or computers without the user's
knowledge. The camera can even be remotely turned on
without even illuminating the indicator light!

Intruders can also hijack built-in microphones to eavesdrop
on conversations. Muting the mic or switching to Flight Mode
doesn’t work, since it’s possible for an intruder to unmute the
mic and record audio when the device is offline.

There are even online tutorials available to instruct neophyte
hackers on how to hijack webcams, making it is very easy for
anyone to become a hacker.

Keystroke logger

A keystroke logger, or keylogger, is a type of surveillance
technology used to monitor and record the keystrokes typed
into a specific keyboard.

In 2016 web-based keyloggers had been planted in popular
e-commerce websites, and they were used to steal credit
card data as it was being typed in by users while making a
purchase.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 74 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes

Luckily, protecting yourselves against remote take-overs is
not too complicated.

Follow these guidelines:
Use strong passwords.
Always change the default passwords of online
devices.
When talking about sensitive issues, leave your
cell phones outside the room or shut them off (do
NOT just silence them).
Consider covering or closing your webcam or
security camera.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 75 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes
MOBILE SECURITY

Much of the remote takeover lesson we just learnt had to do
with mobile devices. Let’s focus on those for a while.

Particularly, we want to go over some mobile-specific ways
to increase protection.

Just like computers, mobile devices are connected to the
internet, have cameras and microphones, and are vulnerable
to malware. Let’s go over some mobile specific threats.

Today’s smartphones are computers.

Each one of them has a processor, RAM and an operating
system. It has information such as mails, appointments,
contacts, texts and maybe even stored passwords for easy
access.

If you apply the steps that we present in this unit, your
smartphone will be secure to a level that even if stolen no
one will be able to extract information from it and, hopefully,
no one will install any malicious contents on your device.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 76 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

How to choose the safest phone? Here are a few questions Notes
to ask before purchasing:
Does it have file encryption?
Does the provider can find and wipe remotely?
Does the provider have a good antivirus that enables
him to delete malicious apps remotely?
Does the device have authentication features such as
access passwords?
Can I encrypt my backup?

Spoof calling is a method of manipulating a conversation with
someone to fake approval to certain actions.

Imagine this – a company calls you and surveys you about a
certain subject, it could be political, business or even a
pretend fake call. You answer politely and go on with your
day. The next thing you know, some audio editing has you
participating in the following conversation:
Me: “hello”
You: “hello”
Me: “do you approve a transaction of 250$ to my
company?”
You: “yes”

To avoid spoof calling, make sure you verify the identity of
whoever you speak to, and avoid conversations with
suspicious people.
Additionally, don’t publish your phone number to a public
website if not necessary.

How would you safely use your phone? Here are some
guidelines:

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 77 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Disable all interfaces not currently used including Notes
apps, most importantly blue-tooth capabilities,
location and WiFi connections.
Be careful when you use social network apps since
these often use your location services making your
location public.
Pay attention to the apps you install on your mobile
phone; their source, legitimacy, the permissions
they require, etc.
Make sure that you’re are not joining unknown Wi-
Fi networks or using public Wi-Fi hotspots, these
have low security standards and anyone can
access them.
What to do if your phone is hacked/stolen?
First–Act quickly! (But don't panic)
If you have work documents on your device report
the loss to your employers.
Report the loss to your service providers to prevent
further charges.
Report the theft to the local authorities.

What to do if your phone is hacked?
Change account credentials to prevent infiltrating
your accounts since you most probably have apps
like Email and social networks open on your
device.
If you use your phone for 2-factor-authentication –
make sure to disable this option.
If possible, wipe the phone remotely.
Mobile Security – Porting Scam

AKA Two-Factor Authentication Scams.
Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 78 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

In this type of scams, hackers contact their target’s mobile
Notes
carrier, pretend to be their target and ask to port their target’s
mobile number to a different number.

Once the mobile number is ported, hackers can now get
access to their target’s messages and calls, including
verification codes used in 2-factor-authentication.

This method allowed hackers to steal millions of dollars’
worth cryptocurrency in the last few years.

How can we prevent this from happening?
Contact your mobile carrier to check your account
porting status
Request to set up a personal PIN code for future
porting authorization
Keep another backup login method for your most
important account (e.g. – backup codes, USB
token, etc.)
Wearable Devices

Mobile phones are not the only mobile related risk to our
privacy.
Another growing trend of recent years is the use of mobile
computer embedded wearable devices, such as smart fitness
devices and watches (e.g. – Fitbit), medical wearable
devices and more.

Most of us are not aware to the amount of information that
can be extracted from these devices, including sensitive
information that we would most probably prefer not to share.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 79 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Wearable Devices – Strava Heatmap

The Strava Global Heatmap
(https://www.strava.com/heatmap) shows 'heat' made by
aggregated, public activities of athletes using the Strava
social fitness app. Besides popular running and cycling
tracks, the heatmap can also reveal the locations of sensitive
places, such as secret military bases (as described in the
following article
https://www.theguardian.com/world/2018/jan/28/fitness-
tracking-app-gives-away-location-of-secret-us-army-bases).

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 80 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

HARDWARE EXPLOITS AND MOBILE SECURITY QUIZ Notes

Answer the following questions:

1. You find a USB device (Disk-On-Key) left on the sidewalk
outside of your office. What should you do with it?
A. Use it only for personal utilities only.
B. Plug it in and try to understand who it belongs to
according to its content.
C. Plug it in one of the IT personnel computers. They are
more secure and it will be safer to analyze its content
on their computers.
D. Never plug in the device. It might contain malicious
executables and it might have been left outside of the
office by someone with malicious intentions to
penetrate the company's network.

2. Choose the incorrect statement.
A. Our mobile phone's voice recorder can be easily
converted into an eavesdropping machine.
B. GPS tracking options make smartphones a great
target for spyware installation.
C. Mobile phones that are switched to flight mode are
immune to spyware.
D. Mobile phone cameras can be activated without the
phone owner knowing about it.

3. Which of the following mobile security measures is not
recommended?
A. Do not open suspicious links.
B. Research apps prior to installation.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 81 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

C. Secure web connections. Notes

D. Do not publish your number.
E. Disable locking features on your device.

4. Which of the following is incorrect regarding safety
measures when using USBs?
A. Avoid opening unknown files stored on your
device.
B. Never insert a USB drive into your device if you
are not sure where it came from or who to whom it
belongs.
C. Do not use the same flash drives for home and
work.
D. Do not use the same flash drive twice.

5. In order to protect yourself against remote takeover,
which action is advisable?
A. It is advised to keep the default password of
online devices; they are considered strong
passwords.
B. When talking about sensitive issues, leave your
cellphone in flight mode.
C. Cover your webcam when it is not in use.
D. All of the above.

6. What should you do if your mobile device is stolen?
A. Try to call your phone number and publish the number
online.
B. Report the theft to your employer and service provider
and change account credentials.
C. Report the theft to your employer and friends, and do
not change account credentials.
D. Report the theft to the police and install Malwarebytes.

7. What of the options listed below is best to keep devices
Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 82 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

safe from infiltration via USB drives? Notes

A. Using the smallest number of different USB drives
possible to introduce as few threats as possible to the
network.
B. Use different USB drives for work and for home.
C. Keep sensitive information on the USB drive rather
than on the computer.
D. There is no feasible way to protect yourself from USB
infiltration

8. Which of the following is a remote takeover related risk?
A. Remotely overworking your computers fan till it
malfunctions
B. Using cameras for cyber espionage
C. Ordering things from your amazon account
D. Using your phone to spoof other people

9. Which of the following is correct:
A. The smartphone is like a computer, and it can
be infected with viruses just like a computer.
B. The smartphone is nothing like a computer, and
can't be infected with viruses like a computer.
C. The smartphone can be infected with viruses,
but only if infected hardware was connected to it.
D. None of the above.

10. What is the importance of researching apps prior to
installation? (Select any 2 answers)
A. To make sure they are popular enough.
B. To make sure they will not consume too much
space or memory.
C. To beware of droppers and malware posing as
innocent apps.
D. To review the permissions required and make
sure they are reasonable

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 83 of 126
LHUB_ver1.1