The Hardware Pivot

Bio

Intro

"But hardware attacks are too difficult"

"Physical access is too high a barrier for most attackers"

"Only nation-states and their victims need to worry about malicious hardware"

They're right!

Hardware:

is harder than software

costs more to develop

is riskier to deploy

just doesn't scale

10k Hosts in the park

10k hardware implants? No way!

10k unique 0days? Of course not!

1 or more 0days that deliver a software payload that propagates internally?

Now we're talking!

1 or more Hardware Implants that deliver a software payload that propagates internally?

Why Not?

These

hardware

delights have

software

ends!

Why Hardware?

airtight software security practices

airgapped systems

heavily monitored networks

vulnerable supply chain

repudiation

exfiltration

we've got it, might as well use it!

"Because noone's gonna go to that much effort to hack me"

We're in - now what?

Pivot!

Hardware IS hard

Use Physical Access for a Hardware attack

Use Hardware to escalate software privilege

Use software privilege to do all that dirty work

Use Hardware when it's Easy!

organized campaign?

multiple hops through different systems

vs.

targeted hardware implant

red team engagement?

You don't need to be a nation state target to be a hardware attack victim!

simple pentest?

use Physical Access to *inform* the software attack

So What?

Hardware attacks are not difficult

Physical access is not a high barrier

Everyone is vulnerable to malicious hardware

The Hardware Pivot