Attending this event?
Friday, March 13 • 10:00am - 10:50am
Inherit Cellular Insecurities in our Critical Infrastructure

Sign up or log in to save this to your schedule and see who's attending!

This talk will focus on the dangers of cellular networks and the devices themselves that orchestrate and control the smart cities cameras, stop lights, and other cellular connected devices. Cellular networks play a vital role in providing network access for critical components that connect to the Internet. But what if the cellular network, and routers are vulnerable?

During the talk I will show you real undisclosed or "reserved CVE's" within the cellular routers themselves and the carrier's cellular networks. I will disclose the secrets that I can't publicly share, and talk in detail about bug chains, GSM/LTE Evil Twins, and other juicy findings that were uncovered during research into the components that run critical infrastructure.

In such a complicated closed source system with many possible deficiencies and vulnerabilities, as a community we need to acknowledge that adversaries will target cellular networks due to the ever expanding availability of inexpensive SDR’s, and Open source LTE frameworks. It is now easier than ever to cause disruption to cellular networks, man-in-the-middle mobile devices, and track cellular endpoints.

In summary, with such a complicated cellular threat landscape, this talk will focus on showing problems and providing solutions for devices that bridge the modern cloud’s technology stack and the critical devices connected in big cities. Solutions such as an RF IDS and IPS systems, that perform cellular based BTS and cellular attacks need to be considered in today's new RF world. New policies need to be created and enforced to ensure that our critical infrastructure is protected in our largest cities.

Summary of talk
1) Cellular History (Some Cellular Tech Basics)
2) Misconceptions and the reality of Cellular Security
3) Common HW Bugs and what to look for when assessing cellular endpoints
4) Penetration Testing Cellular Routers (Used in Critical Infrastructure)
5) Common Cellular Attacks (Rogue BTS, Jamming)
6) Techniques and Tools (SDR's, Antennas, etc)
7) The Cellular Landscape's Future, and 5G Technology
8) Solutions: WIPS/WIDS for Telephony/Cellular Access Points
9) More "Cell Talk" - Some time to talk about any open question(s).
10) Slide that has my contact info

avatar for Adam Toscher

Adam Toscher

Adam Toscher has security and information systems infrastructure experience from twenty years of holding senior and principal level IT Systems engineering roles. In previous Information Technology roles he was the head of corporate infrastructure and has held high level engineering... Read More →

Friday March 13, 2020 10:00am - 10:50am
Track 2
Feedback form isn't open yet.

Attendees (9)