Hardware Implants


There’s recent news about some really interesting hardware implants. I wanted to take a bit to share more technical thoughts and details that can’t be reduced to a mainstream article on the topic.

The core of the claim is that someone implanted extra components on some server motherboards that would do malicious stuff, subvert the system and possibly allow it to ‘phone home’. I looked at the claims through a technical and feasibility lens.

I’ve studied hardware implants for a few years now. I’ve done multiple reviews of server hardware looking for backdoors. I profit, via @securinghw and @SecureHardware, from people being more interested in hardware security.

That’s the extent of my knowledge. I have no specific information about the implants being reported on. I do feel like my background qualifies me to comment from a technical perspective.

First, how do we build a hardware implant?

With hardware access, there are plenty of ways to backdoor a server. Someone knowledgeable could quickly pick out a dozen well-marked places where malicious firmware could hide on a board, and dozens more components large enough to contain a capable implant inside them.

The biggest target is the BMC (baseboard management controller). It’s trivial to modify the firmware of most BMCs, and many of them are trivial to exploit remotely because of the poor-quality, outdated software they run.

Most of the capabilities of the described attack could be implemented in BMC firmware, be just as stealthy, and be FAR less costly to design and implement.
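If the cheapest implant is a modified BMC firmware image, the corresponding defender check is to read the image back from the board's flash chip and compare it region by region against the vendor's golden image. The script below is an added example, not code from the original post: it assumes you hold the vendor image and a dump taken from the flash with an external programmer (a compromised BMC cannot be trusted to report its own firmware), and both byte strings here are constructed with a seeded PRNG so that it runs offline. The 4 KiB region size is an assumption based on common SPI flash sector sizes.

```python
"""Compare a BMC firmware dump against the vendor's golden image and report
which regions differ.

Added example, not code from the original post. Assumes two byte strings:
GOLDEN (the vendor-published image) and a dump read from the flash chip with
an external programmer. Both images below are constructed with a seeded PRNG
so the script runs offline; they are not real firmware.
"""
import hashlib
import random

# Compare in 4 KiB chunks, a common SPI flash sector size (assumption).
REGION_SIZE = 4096


def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def whole_image_matches(golden: bytes, sample: bytes) -> bool:
    """Fast path: one hash over the full image, suitable for an allowlist check."""
    return _sha256(golden) == _sha256(sample)


def find_modified_regions(golden: bytes, sample: bytes,
                          region_size: int = REGION_SIZE) -> list:
    """Return one dict per region_size chunk where the two images differ.

    Each dict carries the region 'offset' and the SHA-256 of both sides; a
    side that has no data at that offset (size mismatch) is reported as None,
    so bytes appended beyond the golden image's end are flagged, not ignored.
    """
    findings = []
    longest = max(len(golden), len(sample))
    for offset in range(0, longest, region_size):
        g = golden[offset:offset + region_size]
        s = sample[offset:offset + region_size]
        if g == s:
            continue
        findings.append({
            "offset": offset,
            "golden_sha256": _sha256(g) if g else None,
            "sample_sha256": _sha256(s) if s else None,
        })
    return findings


def report(golden: bytes, sample: bytes) -> str:
    """Human-readable summary of the comparison."""
    if whole_image_matches(golden, sample):
        return "OK: dump matches golden image"
    lines = [f"MISMATCH: golden {len(golden)} bytes, dump {len(sample)} bytes"]
    for f in find_modified_regions(golden, sample):
        g = f["golden_sha256"] or "<absent>"
        s = f["sample_sha256"] or "<absent>"
        lines.append(f"  region 0x{f['offset']:06x}: golden {g[:12]} dump {s[:12]}")
    return "\n".join(lines)


# --- constructed sample data (not real firmware) ---
_rng = random.Random(1234)
GOLDEN = bytes(_rng.getrandbits(8) for _ in range(64 * 1024))

# A tampered dump: 16 bytes patched inside the region at 0x5000 and 100 bytes
# appended past the end of the golden image.
_tampered = bytearray(GOLDEN)
_tampered[0x5010:0x5020] = b"\xde\xad\xbe\xef" * 4
_tampered += b"\x00" * 100
TAMPERED = bytes(_tampered)

if __name__ == "__main__":
    print(report(GOLDEN, GOLDEN))
    print(report(GOLDEN, TAMPERED))
```

The whole-image hash is the cheap allowlist check; the per-region diff matters once it fails, because knowing that the change sits in one sector (or entirely in bytes appended past the expected end) tells you where to start disassembling. Treat the vendor's published hash as a reference rather than ground truth: a supply-chain compromise upstream of the vendor would make the golden image itself wrong, so the check catches deviation from what the vendor shipped, not malice in what the vendor shipped.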

Moving beyond firmware modifications, we have a ton of chips on the system that communicate with each other. The BMC and more can give and receive commands over I2C/SMBUS. @gsuberland showed situations where you could send packets from I2C - and lots of things connect to I2C.

But I2C is a shared bus. Anyone on the bus can take control. Microcontrollers that can speak I2C cost pennies and are available in all sorts of packages. Most boards even have I2C bridges that might be customizable to be malicious.
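Because any device on a shared I2C bus can answer a probe, one practical inventory check is to scan the bus on a known-good board of the same model, keep that address set as a baseline, and diff later scans against it. The script below is an added example, not code from the original post: it parses the output format of `i2cdetect -y <bus>` from i2c-tools, the scan texts are constructed rather than captured from a real board, and the baseline is assumed to come from a board you trust.

```python
"""Compare an I2C bus scan against a known-good inventory for the same board
model, to spot addresses that answer but should not be there.

Added example, not code from the original post. It parses the output format
of `i2cdetect -y <bus>` from i2c-tools; both scan texts below are constructed,
and the baseline set is assumed to have been captured from a known-good board.
"""
import re

ROW_RE = re.compile(r"^([0-9a-f]{2}):", re.IGNORECASE)


def parse_i2cdetect(text: str) -> set:
    """Return the set of 7-bit addresses that show a device.

    i2cdetect prints 16 cells of three characters per row: a hex address when
    the device ACKed the probe, 'UU' when a kernel driver already owns that
    address (it was not probed), '--' when nothing answered, and blanks for
    addresses outside the scanned range.
    """
    present = set()
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue  # header line or noise
        row_base = int(m.group(1), 16)
        cells = line[4:]
        for col in range(16):
            cell = cells[3 * col:3 * col + 2]
            if cell == "UU":
                present.add(row_base + col)
            elif re.fullmatch(r"[0-9a-f]{2}", cell, re.IGNORECASE):
                present.add(int(cell, 16))
    return present


def compare_inventory(baseline: set, observed: set) -> dict:
    """Addresses that answered but are not in the baseline, and vice versa."""
    return {
        "unexpected": sorted(observed - baseline),
        "missing": sorted(baseline - observed),
    }


def report(baseline: set, observed: set) -> str:
    """Human-readable summary of the inventory diff."""
    diff = compare_inventory(baseline, observed)
    if not diff["unexpected"] and not diff["missing"]:
        return "OK: bus inventory matches baseline"
    lines = []
    for addr in diff["unexpected"]:
        lines.append(f"UNEXPECTED device at 0x{addr:02x}: not in baseline, identify it")
    for addr in diff["missing"]:
        lines.append(f"MISSING device at 0x{addr:02x}: present in baseline")
    return "\n".join(lines)


# --- constructed scans (not captured from a real board) ---
BASELINE_SCAN = """\
     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f
00:          -- -- -- -- -- -- -- -- -- -- -- -- --
10: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
20: 20 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
30: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
40: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
50: 50 UU -- -- -- -- -- -- -- -- -- -- -- -- -- --
60: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
70: -- -- -- -- -- -- -- --
"""

# Same board model, but one extra address answers at 0x4c.
OBSERVED_SCAN = """\
     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f
00:          -- -- -- -- -- -- -- -- -- -- -- -- --
10: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
20: 20 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
30: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
40: -- -- -- -- -- -- -- -- -- -- -- -- 4c -- -- --
50: 50 UU -- -- -- -- -- -- -- -- -- -- -- -- -- --
60: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
70: -- -- -- -- -- -- -- --
"""

if __name__ == "__main__":
    print(report(parse_i2cdetect(BASELINE_SCAN), parse_i2cdetect(OBSERVED_SCAN)))
```

An unexpected address is a lead, not a verdict: it has to be traced on the board and matched to a part, which is exactly the step where the benign explanations in the rest of this post (multi-die packages, counterfeit-prevention parts) usually turn up. The scan also only sees devices that ACK their own address, so a part that only listens, sits behind a mux, or answers only after a trigger will not appear, and a `UU` entry means the kernel reserved the address, not that the probe saw the part.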

Even if someone were careful enough to check every chip against known parts, we can hide stuff further. Capacitors are often big metal cylinders scattered all over the board. Visual and X-ray inspection would show - a capacitor. What if we stuff components inside though?

Chips are getting smaller. The manufacturing capabilities in China available to everyone - not just state-sponsored actors - are incredible. Want a microcontroller in a tiny package that is normally used for power or RF components? No problem.

Some people picked on the original article for describing a fully capable computer the size of a pencil point. That’s still far fetched - but something the size of a pencil point that subverts the rest of the system to do that is feasible, today. Explain that to nontech audiences.

How do we know something is a hardware implant?

With a little knowledge and healthy paranoia, it’s easy to mistake something as a malicious hardware implant.

There are lots of bold claims on the internet about backdoored hardware that are actually just engineering solutions to problems - for example, putting 2 pieces of silicon in a single package makes sense when one is flash storage and the other is a microcontroller.

But an inexperienced observer could easily jump to the conclusion that it’s a hardware implant. Likewise, lots of small components these days are actually several components manufactured into a single package for ease of use.

If you really find an implant, are you sure that it’s actually malicious? Plenty of counterfeit-prevention (and counterfeit-bypassing) modifications fit the bill for malicious hardware implants - but they vary significantly in their profit motive.

Because of this, whenever I hear someone say something about malicious hardware implants, I’m incredibly skeptical. And I’m someone whose business depends on, and who spends most of their time, trying to make people aware of how easy hardware attacks can be.

As an analogy, we’re talking about designing and building a special screw that when used to build a suitcase, opens a secret side compartment when you knock on it just right - except that it’s otherwise secured with a TSA lock that everyone has a key to.

When DO hardware implants make sense?

I just told you how easy they are followed by how rare they are. When would someone use an implant?

The ANT catalog taught me that even though I’m a hardware person with hardware access and limitless capabilities - it makes more sense for hardware implants to grant software access/privilege, and then get out of the way. It’s just more efficient.

There are plenty of software vectors for exploiting a system. None of them require silicon design, hardware prototyping, or manufacturing processes, and none of them leave behind a physical item once they’re implanted.

Installing malicious software on 10,000 systems is a system management problem. Installing malicious hardware on 10,000 systems starts out as an HR problem and moves on from there. It’s just not scalable.

How could we make a hardware implant scalable?

First, it has to be cheap. But cheap microcontrollers cost pennies and are tiny. Solved.

Second, we’d have to hide it. We could build it into another functioning component (expensive), or just find it in a package that looks like something more common. Solved.

Now, we need to get it on the board. This is the supply chain hack. Maybe we pay off a component supplier. Maybe we intercept component shipments. Maybe we intercept the design process of the board and spec it. But to make it cheap - it probably has to be added at manufacture time.

Now we need to get it to our target. Every board has it, but we probably only care about one targeted customer of the board. This is where it gets complicated. If 10 million backdoored motherboards all ping the same home server, everyone will notice. I don’t have a solution here.

What do I think of the whole deal?

This could be an ANT Catalog moment, or it could be a BadBIOS moment. We have reporting on some pretty amazing capability used in a way we haven’t seen before.

The @NSAPlayset explored what was possible with off the shelf versions of ANT catalog tools, and saw it was all entirely feasible for the general public - but years later. #radbios showed us some of the BadBIOS claims were feasible.

I’m confident there’s some truth to the story. I am also confident that details get lost in translation. Even savvy software security experts fumble nuances in hardware details, so I can only guess what a real-world game of telephone looks like at the other end.

Joe (@securelyfitz) is an Instructor and Researcher at SecuringHardware.com. Joe has spent over a decade working on low-level silicon debug, security validation, and penetration testing of CPUs, SoCs, and microcontrollers. He has spent the past 5 years developing and leading hardware security-related training, instructing hundreds of security researchers, pen-testers, and hardware validators worldwide. When not teaching classes on applied physical attacks, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.