The Dutch
Security Cluster
 
 
The Dutch
Security Cluster

null Meetup: "Flying Drones, NSA Hacking and Backdooring Bootloaders"

01
Nov
Date:
01 November 2017
Time:
18:30 - 21:30 hrs
Location:
Teleportboulevard 121, Amsterdam Sloterdijk
Organised by:
KPN

Agenda:

1. "Drones Don't Fly When the Sky is Grey" with Javi Moreno
2. "I Boot when U-Boot" by Bernardo Maia Rodrigues - Vincent Ruijter

------------------

Abstract of first talk: A short film by Bea Cabrera. Project presentation, film screening and Q&A.
Storyline: After discovering the tracks of what looks like an illegal hacking attempt upon his company’s network, Mike Donahue will pursue the trespassers’ digital trail while staying one step ahead of the NSA. A fictional story about government surveillance loosely, but factually, based on recent real events.

------------------

Abstract of second talk: Personal computer systems are now considerably more secure than embedded devices. Trusted Platform Module (TPM) and secure boot are readily available and even default in a lot of new desktop computers and laptops. Numerous small office and consumer devices, including routers and smart televisions, however, are lacking even the most basic security features. In this talk we will demonstrate and describe the inner-workings of a custom developed (Fully Weaponised IoT Cyber™) bootkit, which gains persistence on U-Boot based embedded devices, at a lower level than even the firmware. Firmware updates and factory resets usually do not interfere with the bootloader, as a small problem could render the device unusable for an end-user: the bootkit will therefore remain present. By including a properly functioning killswitch and a multi-boot like technique, it is possible to switch between a regular and a backdoored image to thwart detection. Enterprises and ISPs must take this additional attack surface into account, and put effort into detecting and responding to this threat. Well-known security researchers have long advocated for easier ways to verify and demonstrate the integrity of hardware, but this comes at a price that vendors are not willing to pay for security. Recently however, regulatory bodies have started to enforce vendors to lock-down their wireless devices, in order to prevent them from operating outside of their certified frequencies. But these 'vendor lock-downs' are not sufficient to increase the device security, as we will demonstrate, it's just a minor inconvenience.

------------------

Speakers:

Javi Moreno works as a security consultant, specialised in cryptography and embedded security. Used to play CTFs often, now he prefers to sleep. He participated in Drones Don't Fly When the Sky is Grey as producer, advisor and coffee provider. You can follow him at @vierito5

Bernardo Maia Rodrigues (Brazil) Bernardo works as an Ethical Hacker for KPNs (Royal Duth Telecom) REDteam. He enjoys hacking (and bricking) embedded devices including routers, modems and TVs. He presented on security topics at the NullByte Conference, the null Amsterdam chapter and local venues. He frequently participates in CTFs with TheGoonies and is famous for not using buzzwords like IoT, APT and Cyber in his bio.

Vincent Ruijter (Netherlands) Pacifistic Internetveapon @ KPNs (Royal Dutch Telco) REDteam, who thinks he knows Linux. Moderator @ null Amsterdam chapter, with an endless curiosity for all things binary. Knows how to quit Vi ^[ESC!wqwq:wq!

More events

26
Mar

KPN Guest Hacker Programme with Edwin van Andel, Zerocopter

location:
KPN, Den Haag, Maanplein 55, TP5, Serre
organised by:
KPN CISO
HSD event
27-29
Mar

ASIS Europe 2019 - From Risk to Resilience

location:
WTC Rotterdam
organised by:
ASIS International
HSD event
28
Mar

Secure Societies in Horizon 2020

location:
Nieuwspoort, Lange Poten 10, 2511CL Den Haag
organised by:
RVO
HSD event
03-05
Apr

Hardwear.io Berlin 2019

location:
Hotel NH Berlin Alexanderplatz, Berlin, Germany
organised by:
Hardwear.io
HSD event
04
Apr

General Counsel NL Jaarcongres

location:
Vredespaleis Den Haag | Carnegieplein 2
organised by:
General Counsel Netherlands
HSD event
11
Apr

Lectoraat Digital Forensics & E-Discovery

location:
Hogeschool Leiden
organised by:
Hogeschool Leiden
HSD event
15-16
Apr

(ISC)² Secure Summit EMEA 2019

location:
World Forum, The Hague.
organised by:
(ISC)²
HSD event
15-17
Apr

German Business Week Zuid-Duitsland

location:
Utrecht, Den Haag, Wageningen
organised by:
Buitenlandsnetwerk,, BOM, Oost NL, IQ, Amsterdam Trade, Economic board Utrecht, Rotterdam Partners
HSD event
18
Apr

Dag van de Fraudeonderzoeker

location:
Fokker Terminal, Den Haag
organised by:
IFFC
HSD event
18
Apr

Journey to Capital & Growth (HSD Café Special)

location:
HSD Campus, Wilhelmina van Pruijsenweg 104, 2592 AN Den Haag
organised by:
Pointer Corporate Finance, TIIN Capital, The Netherlands Patent Office Advisor (Netherlands Enterprise Agency) and HSD Office
HSD event
23
Apr

HSD Cafe Smart Secure Cities

location:
HSD Campus, Wilhelmina van Pruisenweg 104
organised by:
The Hague Security Delta
HSD event
24-25
Apr

CYBERUK 2019

location:
Scottish Event Campus, Glasgow
organised by:
National Cyber Security Centre
HSD event
25-26
Apr

European Payment Summit & Florin Awards Ceremony

location:
Louwman Museum, Leidsestraatweg 57 2594 BB The Hague The Netherlands
organised by:
CurrencyResearch
HSD event
06-10
May

Hack In The Box Security Conference 2019

location:
Amsterdam, Netherlands.
organised by:
HITB Security Conference
HSD event
12-15
May

Smart Cities-missie in New York

location:
New York, Verenigde Staten
organised by:
Consulaat Generaal New York, Rijksdienst voor Ondernemend Nederland (RVO.nl), Amsterdam Trade & Innovate, Brainport Eindhoven, Rotterdam Partners
HSD event
13
May

Cyber Investor Day

location:
Madrid, Spain
organised by:
Spanish National Cybersecurity Institute (INCIBE), European Cyber Security Organisation (ECSO)
HSD event
16
May

TEISS Amsterdam 2019

location:
The Mercure Hotel Amsterdam City Joan Muyskenweg 10 1096 CJ Amsterdam
organised by:
TEISS
HSD event
19-24
May

Innovationmission Cybersecurity Taiwan

location:
Taipei, Taiwan
organised by:
Rijksdienst voor Ondernemend Nederland, Innovatie Attaché Netwerk
HSD event
28
May

HSD Café: Artificial Intelligence

location:
HSD Campus, 7th Floor
organised by:
The Hague Security Delta
HSD event
29-30
May

GSMA Mobile 360 Series – Security for 5G

location:
The Hague
organised by:
GSMA Mobile 360
HSD event
04-06
Jun

Infosec London 2019

location:
Olympia, London. The United Kingdom.
organised by:
Infosecurity Europe
HSD event
04-05
Jun

Global Entrepreneurs Summit 2019

location:
World Forum, The Hague, the Netherlands.
organised by:
Ministry of Foreign Affairs
HSD event
16-20
Jun

Hack in Paris 2019

location:
La Maison de la Chimie, Paris, France.
organised by:
SysDream IT Security Services
HSD event
17-18
Jun

Global IT Security Summit

location:
London
organised by:
Platinum Global Solutions
HSD event
19-20
Jun

EuroDIG 2019 The Hague

location:
The Hague, the Netherlands.
organised by:
The Ministry of Economic Affairs
HSD event
25
Jun

Security excellence matters

location:
Hotel Van der Valk, Veenendaal
organised by:
Security Management, Axis Communications, Nedap
HSD event
27
Jun

HSD Café: Data Diode

location:
HSD Campus, 7th Floor
organised by:
The Hague Security Delta
HSD event
02-04
Jul

INTERPOL World 2019

location:
Singapore, Sands Expo & Convention Centre
organised by:
INTERPOL
HSD event
19-23
Aug

National Cyber Security Summer School 2019

location:
organised by:
Dcypher, CGI, CSR, Nederland ICT, TU Delft, NWO, Microsoft, Radboud Universiteit, Crisisplan, Schiphol Group, NCSC, KPN
HSD event
25-30
Aug

International Cyber Security Summer School 2019

location:
organised by:
NATO C&I Agency, Europol,EY, Leiden University and The Hague Security Delta.
HSD event
12
Sep

HSD Café: Quantum

location:
HSD Campus, 7th Floor
organised by:
The Hague Security Delta
HSD event
25-26
Sep

IDnext '19 - The European Digital IDentity (un)-conference, The Netherlands

location:
New Babylon Meeting Center, The Hague, The Netherlands
organised by:
IDnext
HSD event
25-26
Sep

IDnext '19 - The European Digital IDentity (un)-conference

location:
New Babylon Meeting Center, Anna van Buerenplein 29, 2595 DA Den Haag
organised by:
IDNext
HSD event
22-24
Oct

WorldPensionSummit 2019

location:
Louwman Museum, The Hague
organised by:
Pensions & Investments
HSD event
19-22
Nov

Milipol Paris 2019: Leading event for homeland security and safety

location:
Paris-Nord Villepinte Exhibition Centre
organised by:
Comexposium
HSD event

The Hague Security Delta is required by law to ask permission for using cookies. We use functional cookies, and cookies for managing website statistics.
The cookies are processed anonimously. By continuing on our website, you accept the use of cookies. 
Read our privacy and cookie policy for more information.

 

Close