Tales From the Road: An Ongoing Hardware Assessment in a High-Risk Environment

Never underestimate the abilities of people with too much time on their hands and a pension for malicious activity.

Hardware and software security assessments are a key component of maintaining the safety, security, and compliance of any device type, almost regardless of the environment in which they are used. But when the environment is a particularly sensitive and regulated facility and the devices in question are at a higher-than-usual risk of manipulation, regular and extremely comprehensive security assessments and threat hunting are especially critical.

A long-standing client of DirectDefense, a company that distributes specialty tablets in environments exactly like the ones described above, has utilized our assessment services for several years now. In the hopes of mitigating the risk associated with these specific tablets in these specific environments, our team conducts quarterly assessments and, if needed, remediations for this client. These regular engagements proved themselves worth it when we discovered an easily manipulated vulnerability that posed a distinct risk for criminal activity.

Over the years, our team has come across numerous facilities, devices, and business types that require regular assessments, but the sensitivity of this particular case calls for regular assessment more than most. Stemming from what was going to be a one-time engagement back in 2020, we have since formed a strategic partnership with this client that aims to ensure the continued safety of those utilizing the devices.

A Multi-Part Hardware Assessment

In our initial hardware assessment, we discovered a significant vulnerability in the tablet devices’ BootROM, the code executed at device startup, which cannot be updated post-manufacturing. Accessible via the device’s USB port, this vulnerability is easily exploitable. Despite the usual impossibility of updating this component, we were able to collaborate with both the client and various levels of their supply chain to develop a remediation strategy that successfully quarantined the affected mode.

During a follow-up assessment, our team discovered that an eMMC fault-injection-based vulnerability was allowing attackers to access the BootROM interface again. Naturally, the client was told about this vulnerability and a patch plan was proposed, but the client did not feel that the tablet users would be able to manipulate the vulnerability. Despite the client’s refusal to act upon that particular recommendation, our team went ahead and prepared to remediate it in anticipation of the vulnerability being discovered and exploited.

Unfortunately, the situation played out almost exactly how the consultants said that it would a short time later. But thankfully, because of their preparedness for this inevitable exploitation, remediation efforts immediately commenced.

A Unique Situation Requires a Unique Approach

As with any other hardware security assessment, there are certain attack vectors that we both search for and warn our clients about. When people think of software or hardware security attacks, they most often think of external bad actors who attempt to gain access for malicious purposes. What many clients don’t think about is the potential for internal vulnerabilities and threats, such as disgruntled or inept employees. In the case of this particular client’s situation, however, the internal threat vector is uniquely magnified, ever-present, and ever-evolving, which is why we spend time every quarter doing a thorough assessment and any needed patching.

This evaluation focused on identifying vulnerabilities at risk of being exploited by malicious actors to gain unauthorized access to the devices. We meticulously employed various tools, scripts, and physical methods to detect potential threats. Identified vulnerabilities underwent rigorous testing, which involved exploring debug ports, bus sniffing, and protocol analysis to identify active services for firmware-level scrutiny. A comprehensive evaluation of all firmware images was conducted to grasp each device’s security status.

Initially, the overall risk exposure was evaluated to be at the top of the Critical severity range. However, within two follow-up tests, our collaborative remediation efforts brought that overall risk profile to the lower end of the Moderate severity range.

Remediation Recommendations

The client previously faced challenges with their Original Device Manufacturer (ODM) and chipset vendor regarding vulnerability patching, leading to their instituting stringent requirements for patching vulnerabilities with chipset and component vendors. Businesses must assess vendors based on their history of timely patching to bolster mobile device security and reliability, fostering user trust and long-term resilience.

Next, we strongly advised disabling the UART console on production devices to mitigate security risks associated with debug access programs and gaining local console access. This should be done at the lowest firmware level during provisioning.

Another significant issue we uncovered was patch maintenance neglect, with critical patches missing over several years and outdated system components. We provided comprehensive CVE matrixes to address these vulnerabilities and recommended integrating patch management into the system life cycle.

Additionally, we found components in the device firmware running as the root user, posing a significant security risk. We suggested reviewing custom additions to baseline source code and optimizing kernel configurations for enhanced security.

By implementing these recommendations, the client greatly bolstered device security and mitigated potential compromise risks. Prioritizing security at every development stage is imperative to safeguard against vulnerabilities and ensure product integrity.

What Can We Learn from this Hardware Assessment?

Our experience with this client highlights the critical role of regular hardware assessments in ensuring digital system integrity and reliability. What began as a single engagement has evolved into a long-term partnership rooted in a mutual dedication to securing and fortifying their devices at the development level.

An ongoing security program acts as a proactive measure to detect vulnerabilities, assess risks, and implement necessary protections against potential threats. Through our collaboration, this partnership has informed strategic decisions in product development and security, strengthening defenses against evolving cyber threats that could compromise the organization.

A key lesson from our partnership underscores the importance of implementing recommendations from these assessments. Each recommendation offers valuable insights, revealing areas for enhancing the client’s security posture. By embracing and acting on these recommendations, our client demonstrated a commitment to the safety and security of their tablet devices and their users.

Contact Us Today!

Take stock of how secure your devices are from malicious attackers. Contact us online or call 1 888 720 4633.