The Dutch
Security Cluster
 
 
The Dutch
Security Cluster

null Meetup: "Flying Drones, NSA Hacking and Backdooring Bootloaders"

01
Nov
Date:
01 November 2017
Time:
18:30 - 21:30 hrs
Location:
Teleportboulevard 121, Amsterdam Sloterdijk
Organised by:
KPN

Agenda:

1. "Drones Don't Fly When the Sky is Grey" with Javi Moreno
2. "I Boot when U-Boot" by Bernardo Maia Rodrigues - Vincent Ruijter

------------------

Abstract of first talk: A short film by Bea Cabrera. Project presentation, film screening and Q&A.
Storyline: After discovering the tracks of what looks like an illegal hacking attempt upon his company’s network, Mike Donahue will pursue the trespassers’ digital trail while staying one step ahead of the NSA. A fictional story about government surveillance loosely, but factually, based on recent real events.

------------------

Abstract of second talk: Personal computer systems are now considerably more secure than embedded devices. Trusted Platform Module (TPM) and secure boot are readily available and even default in a lot of new desktop computers and laptops. Numerous small office and consumer devices, including routers and smart televisions, however, are lacking even the most basic security features. In this talk we will demonstrate and describe the inner-workings of a custom developed (Fully Weaponised IoT Cyber™) bootkit, which gains persistence on U-Boot based embedded devices, at a lower level than even the firmware. Firmware updates and factory resets usually do not interfere with the bootloader, as a small problem could render the device unusable for an end-user: the bootkit will therefore remain present. By including a properly functioning killswitch and a multi-boot like technique, it is possible to switch between a regular and a backdoored image to thwart detection. Enterprises and ISPs must take this additional attack surface into account, and put effort into detecting and responding to this threat. Well-known security researchers have long advocated for easier ways to verify and demonstrate the integrity of hardware, but this comes at a price that vendors are not willing to pay for security. Recently however, regulatory bodies have started to enforce vendors to lock-down their wireless devices, in order to prevent them from operating outside of their certified frequencies. But these 'vendor lock-downs' are not sufficient to increase the device security, as we will demonstrate, it's just a minor inconvenience.

------------------

Speakers:

Javi Moreno works as a security consultant, specialised in cryptography and embedded security. Used to play CTFs often, now he prefers to sleep. He participated in Drones Don't Fly When the Sky is Grey as producer, advisor and coffee provider. You can follow him at @vierito5

Bernardo Maia Rodrigues (Brazil) Bernardo works as an Ethical Hacker for KPNs (Royal Duth Telecom) REDteam. He enjoys hacking (and bricking) embedded devices including routers, modems and TVs. He presented on security topics at the NullByte Conference, the null Amsterdam chapter and local venues. He frequently participates in CTFs with TheGoonies and is famous for not using buzzwords like IoT, APT and Cyber in his bio.

Vincent Ruijter (Netherlands) Pacifistic Internetveapon @ KPNs (Royal Dutch Telco) REDteam, who thinks he knows Linux. Moderator @ null Amsterdam chapter, with an endless curiosity for all things binary. Knows how to quit Vi ^[ESC!wqwq:wq!

More events

17-18
Nov

Hackathon for Peace, Justice and Security

location:
The Hague Tech, Juliana van Stolberglaan 10, The Hague
organised by:
The Municipality of The Hague
HSD event
20
Nov

Innovatiecongres What's Next? Justitie en Veiligheid 2018

location:
Den Haag
organised by:
Ministerie van Justitie en Veiligheid
HSD event
22
Nov

HSD Café: Human Factor in Physical Security

location:
HSD Campus, 7th Floor.
organised by:
The Hague Security Delta.
HSD event
22
Nov

Congres 'Nieuwe perspectieven in crisismanagement'

location:
Hotel Restaurant Oud London
organised by:
SVDC en DIEM (Daily Impact Emergency Management)
HSD event
22
Nov

Hâck Den Haag 2018

location:
City Hall. The Hague
organised by:
Cyberspint, City of The Hague
HSD event
23
Nov

Security according to Zero Trust (using VMware NSX)

location:
Waardenburg, The Netherlands
organised by:
ON2IT
HSD event
26-30
Nov

Amsterdam Drone Week 2018

location:
RAI Amsterdam
organised by:
RAI Amsterdam in collaboration with Ministry of Infrastructure and Water Management
HSD event
27-28
Nov

Congres Drones in het publieke domein

location:
RAI Amsterdam
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
27-28
Nov

Cyber Investor Days

location:
Berlin, Germany
organised by:
European Cyber Security Organisation (ECSO), secunet Security Networks AG and IT security association TeleTrusT Bundesverband IT-Sicherheit e.V.
HSD event
28-29
Nov

CyberMatch London Brokerage Event

location:
London
organised by:
Enterprise Europe Network (EEN) London
HSD event
29
Nov

Opleiding bibob coordinator

location:
Regardz La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
29-30
Nov

Congres Veiligheid bij Evenementen

location:
RAI Amsterdam
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
29
Nov

Jaarcongres Witwassen 2018

location:
Hotel veenendaal
organised by:
Studiecentrum Kerckebosch
HSD event
29
Nov

Amsterdam Security Conference

location:
RAI Amsterdam Europaplein 1078 GZ Amsterdam Nederland
organised by:
Rai Amsterdam Exhibitions & VPN
HSD event
04-19
Dec

Cursus Crisismanagement in de praktijk

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
04-18
Dec

Opleiding Inzicht in Criminologie

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05-07
Dec

Counterterrorism (CT) and Applied Intelligence Course (8th edition)

location:
Park Hotel, The Hague, Netherlands
organised by:
Twickelerveld Intelligence and Investigations
HSD event
05-07
Dec

Cyber Security Indonesia (CSI) 2018

location:
Jakarta Convention Centre
organised by:
Tarsus Indonesia
HSD event
05-06
Dec

Security Research Event (Announcement)

location:
The Square Rue Mont des Arts 1000 Brussels
organised by:
European Commission & the Chairman of the European Union
HSD event
06-20
Dec

Cursus Bestuursrechtelijk handhaven

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
06-20
Dec

Cursus Waarheidsvinding

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
06-20
Dec

Cursus Predictive profiling

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
13
Dec

Opleiding beleidsmedewerker Openbare Orde en Veiligheid

location:
Regardz La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
10
Jan

Opleiding Fire Safety Manager

location:
BVO
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
15
Jan

Cursus Drones in de openbare ruimte

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05
Feb

Opleiding Resilience Officer

location:
BCN Utrecht (Daltonlaan)
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
07
Feb

Cursus Bestuurlijke aanpak van radicalisering en terrorisme

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14-15
Feb

Congres Milieucriminaliteit

location:
The Hague Security Delta Campus
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
08-12
Jan-Mar

Cursus Bestuurlijke aanpak van ondermijning

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
05-19
Mar

Cursus Openbare Orde, Rampen en Noodbevoegdheden

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14
Mar

Cursus Wet- en regelgeving in Openbare Orde en Veiligheid

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
14
Mar

Opleiding Overlastcoördinator

location:
La Vie Utrecht
organised by:
Studiecentrum voor Bedrijf en Overheid
HSD event
27-29
Mar

ASIS Europe 2019 - From Risk to Resilience

location:
WTC Rotterdam
organised by:
ASIS International
HSD event
15-16
Apr

(ISC)² Secure Summit EMEA 2019

location:
World Forum, The Hague.
organised by:
(ISC)² & Pepler Lee Events
HSD event
04-06
Jun

Infosec London 2019

location:
Olympia, London. The United Kingdom.
organised by:
Infosecurity Europe
HSD event
16-20
Jun

Hack in Paris 2019

location:
La Maison de la Chimie, Paris, France.
organised by:
SysDream IT Security Services
HSD event
19-20
Jun

EuroDIG 2019 The Hague

location:
The Hague, the Netherlands.
organised by:
The Ministry of Economic Affairs
HSD event

The Hague Security Delta is required by law to ask permission for using cookies. We use functional cookies, and cookies for managing website statistics.
The cookies are processed anonimously. By continuing on our website, you accept the use of cookies. 
Read our privacy and cookie policy for more information.

 

Close