Analysing 3D Printer Songs For Hacks

3D printers have become indispensable in industry sectors such as biomedical and manufacturing, and are deployed as what is termed as a 3D print farm. They help reduce production costs as well as time-to-market. However, a hacker with access to these manufacturing banks can introduce defects such as microfractures and holes that are intended to compromise the quality of the printed component.

Researchers at the Rutgers University-New Brunswick and Georgia Institute of Technology have published a study on cyber physical attacks and their detection techniques. By monitoring the movement of the extruder using sensors, monitored sounds made by the printer via microphones and finally using structural imaging, they were able to audit the printing process.

A lot of studies have popped up in the last year or so including papers discussing remote data exfiltration on Makerbots that talk about the type of defects introduced. In a paper by [Belikovetsky, S. et al] titled ‘dr0wned‘, such an attack was documented which allowed a compromised 3D printed propeller to crash a UAV. In a follow-up paper, they demonstrated Digital Audio Signing to thwart Cyber-physical attacks. Check out the video below.

In this new study, the attack is identified by using not only the sound of the stepper motors but also the movement of the extruder. After the part has been manufactured, a CT scan ensures the integrity of the part thereby completing the audit.

Disconnected printers and private networks may be the way to go however automation requires connectivity and is the foundation for a lot of online 3D printing services. The universe of Skynet and Terminators may not be far-fetched either if you consider ambitious projects such as this 3D printed BLDC motor. For now, learn to listen to your 3D printer’s song. She may be telling you a story you should hear.

Thanks for the tip [Qes] Continue reading “Analysing 3D Printer Songs For Hacks”

FANCY BEAR Targets Ukrainian Howitzers

Just in case you’re one of the people out there who still doesn’t believe in “the cyber” — it appears that the Russian military served malicious cell-phone apps to the Ukrainian army that allowed them to track a particular artillery cannon.

The legitimate version of the Android app helped its operator use the 1960’s-era former Soviet howitzer. The trojanized version of this application did just the same, except it also phoned home to Russian military intelligence with its location. In addition to giving the Russian army valuable information about troop movements in general, it also led to the destruction of 80% of the cannons in question over two years.

The cited article goes into depth about how certain it is that a hacking group, referred to as FANCY BEAR, are nearly certainly responsible for the attack. The exploit has fingerprints that are not widely known outside of the security research community, and the use of the exploit against the Ukrainian army pretty much ties FANCY BEAR to the Russian military.

This is also the same exploit that was used against the Democratic National Committee in the United States. Attribution is one of the hardest parts of white-hat hacking — attackers don’t want to be found and will leave misleading clues when they can — but the use of the same proprietary malware in these two attacks is pretty convincing evidence that Russian military intelligence has also hacked into US political parties and NGOs.

(Banner image by Vitaly Kuzmin, CC-BY-SA 3.0.)