We are very glad to announce that we are now partners with ISH – Information Security Hub at the Munich Airport. This is a world-class cyber security competence center, with a focus on highly critical infrastructure, a long-standing experience and a broad partner ecosystem. Keep your skills up to date and sharp, and grow your network at this fascinating, modern and versatile training facility.

This year SevenShift will be holding two IoT Security Bootcamps at this great facility in Munich: The first one will take place on September 10th – 12th , and the second one will be on November 5th-7th, 2019. We will be teaching our 3-day hands-on IoT hacking class, but in a different location. As usual, the training will cover all aspects of IoT Security, from the technologies and testing methodologies to the vulnerabilities. The main focus will be offensive security: attacking and testing devices and platforms.

If you need help selecting a training or just want to reach to us, please do not hesitate to contact us and we will provide any additional information you need.

We are looking forward to seeing you there!

Follow us on Twitter, LinkedIn or Xing to get updates.

Update: The date dates have been updated.

We are proud to announce that after lots of work we are adding a new capability to our IoT Testing portafolio: 2G. With our new cellular network we have full visibility of Voice, SMS and Data transmitted using this technology.

IoT 2G Attack surface

Until now, our clients had to trust the device manufacturers on what what was being transmitted over the 2G interface or perform a full source code analysis. By using our own cellular network in an EMF shielded room or tent, SevenShift now has control of the 2G network, allowing us to see and attack all communications.

SevenShift 2G Network equipment

 

 

Why 2G, in a world where many other faster protocols are available?

Costs are an important factor in IoT, especially consumer IoT, where the manufacturers try to keep the unit cost as low as possible. This allows them to reduce the price on the devices and of course increase their margin.
The initial cost of the modem / communication modules have a great weight in this area, for example we found this pricing overview here, which illustrates the point:

 

SigFox (TD1207R) LoRaWAN (RN2483)
2G
(u-blox SARA G350)
3G
(u-blox SARA U270)
WiFi
(Cypress BCM43362)
11,00 €
12,43 €
11,56 €
29,18 €
10,48 €

 

As you can see, using a 3G modem more than doubles the price of a 2G modem.
The table above is by no means up to date and will vary depending on the manufacturer and unit count, but it gives us a good idea.

What can we do with the new 2G capabilities?

We are now in the position to perform all the tests we are used to perform for other IP based technologies:

  • Create an accurate communication matrix of the device: with whom, why and how it communicates with.
  • Perform Man in the Middle (MiTM) attacks
  • Verify correct use of encryption, including correct usage and validation of SSL / TLS certificates
  • Attack the device via the 2G interface
  • Emulate any GSM network and observe the behavior
  • And much more…

If you want to book 2G tests for your devices, contact us now.