Posts

Showing posts from July, 2017

“Howdy Neighbor” Smart House

“Howdy Neighbor” is GRIMM’s Internet of Things (IoT) Capture the Flag (CTF)-like challenge. As smart devices become ubiquitous within the common household, so do threats to these devices. For example, last year, it was reported that researchers could use a smart lightbulb network vulnerability to attack an entire city. Howdy Neighbor is a model smart house that simulates how multiple interactive “smart” home products, including webcams, smoke detectors, power meters, HVAC systems, smart ovens and refrigerators, video game consoles, smart TVs, toasters, coffee makers, locks, and light bulbs (etc.!), can be hijacked by attackers of various skill levels to expose real-world vulnerabilities, and is a great way to learn about common oversights made in the development, configuration, and setup of IoT devices. More than just showing folks how your Nest smart thermostat can take over your home, we created Howdy Neighbor to actually demonstrate the problem and rais…

What is “3PO”?

“3PO” is GRIMM’s mobile car hacking lab. Since nearly every modern car is Internet-connected, you no longer need physical access to break out of, or break into, a vehicle. Hackers prove vehicles are not only insecure from a cybersecurity perspective, but because of that, also unsafe. From steering and acceleration to braking and communications, this presents an extremely large attack surface. As automotive original equipment manufacturers (OEMs) and their Tier 1 direct suppliers have become more aware of the threat, their need for end-to-end hardware and software vulnerability assessments has grown. In an industry where most companies just tell you you have a problem, we created 3PO to actually demonstrate the problem, as well as raise awareness and help train folks while at conferences and exhibits. It might not look like it, but 3PO is actually a fully-working car. Sure, it folds up into a box for easy transport, but it is made up of the Electronic Control Un…