I’ve been on a quest to find robots. This ambition motivated me to take a trip around Tokyo, Japan – the global hub of Robotics – to see what I could find. We tend to see a lot of cool advancements and breakthroughs on the Inter-webs, but where are the real-life drones and quadrupeds roaming our urban landscape – how far are we from that reality? Amid my disappointment at not finding the Robotopia I was looking for, I started watching documentaries and a new TV series aptly titled ‘Mr. Robot’. Again, to my dismay, the show didn’t involve any gigantic mechanical droids taking over the Earth. However, it did set me on a path delving into Cybersecurity and what is known as ‘The Deep Web’.
The Mr. Robot series revolves around a cybersecurity engineer who also happens to form part of an underground hacker group, ‘fsociety’, that seeks to take down the ‘E(vil) Corp’ (yes, very cliche, but I won’t turn this into a critic’s review), which controls the world’s financial credit. It gets very technical in the details of how they plan the attack, planting a rootkit inside one of the E Corp servers and utilizing it as a gateway to wipe out every other server in the datacenter. This attack must be coordinated in parallel with the replication server that exists in the China data centre in order to halt the corporation completely. However, to completely destroy Evil Corp they must also take down the offline backup centre, appropriately titled ‘Steel Mountain’. This data centre has no network connectivity to the outside world – so how will they achieve this? Well, by hacking the HVAC system, of course!
Their plan is to physically break into the centre and splice a Raspberry Pi onto the field bus of the ‘Air Dream’ system; this would be remotely controlled to send a setpoint change command to all AC units and increase the temperature to a level that would cause all the backup tapes to melt. It’s a great theory! Kudos to the writers for putting the research into those technical details. Whether this would actually work in reality… I’m sure there are a lot of other factors to consider. Would the AC system really reach such a setpoint? You would think there would be some failsafe limits. Are the heaters even rated for reaching such a temperature? What protocol are the units running on? If it’s a field bus protocol you would need to know the device identifiers and the correct registers.
Perhaps, given the right scenario and a certain type of device, this theory would certainly be plausible. But what’s more important about this whole plot-point, and what really got me thinking, is that these types of exploits are now in mainstream media. Gone are the days when our first line of defense was:
“nobody even knows what the HVAC system is, let alone how to get into it”.
People are getting smarter and more well-informed; the duty falls on us to ensure that they cannot exploit the systems that we design and install. I was recently at a presentation held by M2M Connectivity discussing routers/modems, and again the infamous Target hack was used as an example of security done wrong. People know that HVAC controls are exploitable, they use it as a case study, and it’s only a matter of time before it happens again.
Moving on from the TV series, I started researching The Deep Web and Tor networks, and read some great articles posted by Fred Gordy on the use of Shodan. I’ll detail my findings in the next article.
If you have the time, please check out the Mr. Robot series; it’s definitely not for everyone, but tech heads will enjoy it.
*p.s.* There are now tutorials popping up on the Internet, with reference to Mr Robot, showing how to set up a Raspberry Pi with Kali and a Cryptcat Listener to enable remote hacking (http://null-byte.wonderhowto.com/how-to/hacks-mr-robot-build-hacking-raspberry-pi-0163143/).