• Link to X
  • Link to Xing
  • Link to LinkedIn
  • English English English en
  • Deutsch Deutsch German de
SevenShift
  • Services
  • Training
    • IoT Security Bootcamp
    • ASSESSING and EXPLOITING CONTROL SYSTEMS & IIoT
    • IoT Security Strategy Training
  • Blog
  • About Us
    • Contact
    • Partners
    • Career
  • Projects
    • Bunkai
    • CRACoWi
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu

New capabilities 2G

News

We are proud to announce that after lots of work we are adding a new capability to our IoT Testing portafolio: 2G. With our new cellular network we have full visibility of Voice, SMS and Data transmitted using this technology.

IoT 2G Attack surface

Until now, our clients had to trust the device manufacturers on what what was being transmitted over the 2G interface or perform a full source code analysis. By using our own cellular network in an EMF shielded room or tent, SevenShift now has control of the 2G network, allowing us to see and attack all communications.

SevenShift 2G Network equipment

 

 

Why 2G, in a world where many other faster protocols are available?

Costs are an important factor in IoT, especially consumer IoT, where the manufacturers try to keep the unit cost as low as possible. This allows them to reduce the price on the devices and of course increase their margin.
The initial cost of the modem / communication modules have a great weight in this area, for example we found this pricing overview here, which illustrates the point:

 

SigFox (TD1207R) LoRaWAN (RN2483)
2G
(u-blox SARA G350)
3G
(u-blox SARA U270)
WiFi
(Cypress BCM43362)
11,00 €
12,43 €
11,56 €
29,18 €
10,48 €

 

As you can see, using a 3G modem more than doubles the price of a 2G modem.
The table above is by no means up to date and will vary depending on the manufacturer and unit count, but it gives us a good idea.

What can we do with the new 2G capabilities?

We are now in the position to perform all the tests we are used to perform for other IP based technologies:

  • Create an accurate communication matrix of the device: with whom, why and how it communicates with.
  • Perform Man in the Middle (MiTM) attacks
  • Verify correct use of encryption, including correct usage and validation of SSL / TLS certificates
  • Attack the device via the 2G interface
  • Emulate any GSM network and observe the behavior
  • And much more…

If you want to book 2G tests for your devices, contact us now.

2018-08-19/by Pablo Endres
Share this entry
  • Share on Facebook
  • Share on X
  • Share on WhatsApp
  • Share on LinkedIn
  • Share on Reddit
  • Share by Mail
https://sevenshift.de/wp-content/uploads/2018/08/2G-Attack-surface-499x300.png 300 499 Pablo Endres https://sevenshift.de/wp-content/uploads/2019/02/Logo-SevenShift-Color-Transparent_border-300x80.png Pablo Endres2018-08-19 13:05:172018-08-19 14:06:36New capabilities 2G

Next Trainings & Events

  • No events
  • Latests news

    • Training strategy 20232023-02-23 - 19:37
    • IoT Security Bootcamp live at BruCON 0x0E (Spring and Conference)2022-03-04 - 09:52
    • 2020_in_review
      Looking back at the year 20202021-01-31 - 16:54

    Where to find us

    SevenShift GmbH
    Im Mediapark 5
    50670 Cologne
    Germany

    How to contact us

    Email: info@sevenshift.de
    Phone: +49 221 952 609 12
    Fax: +49 221 952 609 11

    • Services
    • Training
      • IoT Security Bootcamp
      • ASSESSING and EXPLOITING CONTROL SYSTEMS & IIoT
      • IoT Security Strategy Training
    • Blog
    • About Us
      • Contact
      • Partners
      • Career
    • Projects
      • Bunkai
      • CRACoWi
    @Copyright - SevenShift GmbH 2018
    • Link to X
    • Link to Xing
    • Link to LinkedIn
    • Contact
    • Career
    • Legal Notice | Privacy Policy
    • Terms & Cond.
    Link to: Conference vs Training Link to: Conference vs Training Conference vs Training Link to: Why and how to kickstart a career in IoT Security Link to: Why and how to kickstart a career in IoT Security X-Ray of a micro-controller boardPhoto by Mathew Schwartz on UnsplashWhy and how to kickstart a career in IoT Security
    Scroll to top Scroll to top Scroll to top

    This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies. For details see our Legal Notice | Privacy Policy.

    OK

    Cookie and Privacy Settings



    How we use cookies

    We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

    Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

    Essential Website Cookies

    These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

    Because these cookies are strictly necessary to deliver the website, you cannot refuse them without impacting how our site functions. You can block or delete them by changing your browser settings and force blocking all cookies on this website.

    Google Analytics Cookies

    These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

    If you do not want that we track your visist to our site you can disable tracking in your browser here:

    Other external services

    We also use different external services like Google Webfonts, Google Maps and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

    Google Webfont Settings:

    Google Map Settings:

    Vimeo and Youtube video embeds:

    Privacy Policy

    You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

    Legal Notice | Privacy Policy
    Accept settingsHide notification only