Seoul — The ACM WiSec Conference — On Tuesday, three research groups presented on the topic of cyberattacks at the ACM WiSec conference in Seoul. The researchers highlighted how attackers can exploit vulnerabilities in data protection and authentication to launch such attacks. They emphasized the critical need to safeguard devices and networks from emerging methods of cyber intrusion.
One of the key discoveries presented at the conference was made by Aya Fukami and Richard Buurke, scientists at the Netherlands Forensic Institute. They identified a significant security vulnerability in the Replay Protected Memory Block (RPMB), a secure memory component in digital devices.
The scientists demonstrated how attackers could manipulate critical data within the RPMB by bypassing authentication checks and gaining control over the device. They pointed out that this poses a serious security risk, as the RPMB is intended to securely store important information, such as booting and security-related data. By exploiting this vulnerability, attackers could carry out malicious activities, including downgrading software, unlocking the bootloader, or tampering with Android system images. The scientists emphasized the importance of enhancing security measures to prevent potential attacks on the device’s memory security.
Heloise Gollier, a PhD candidate with the DistriNet research group at Katholieke Universiteit (KU) Leuven, emphasized the importance of reducing vulnerabilities in both hardware and network protocols. She introduced attack methods to highlight Wi-Fi vulnerabilities, demonstrating how clients can be tricked into connecting to the wrong network despite using secure protocols. In her simulation, the attacker created a fake network to deceive devices into connecting to it, thereby illustrating how clients can be tricked into connecting to the wrong network despite using secure protocols. Gollier stressed the need to understand and address such vulnerabilities to protect both hardware and network protocols.
“We have tested our attack against several different devices and have found that all of them are vulnerable. This means that all devices are vulnerable as long as the protocol is vulnerable,” Gollier warned.
Xingya Zhao, a research assistant at Ohio State University, revealed vulnerabilities in wireless communication systems, particularly in Wi-Fi protocols. Zhao demonstrated how hackers could exploit these systems by sending fake signals to intercept data. She warned that attackers could disrupt communication between devices and access points by making the signals noisy—in other words, by introducing random interference or disturbances to the signals, rendering them unreadable or unreliable.
“Attackers can join as malicious clients and send fake channel state information feedback to intercept data intended for other users. They also explored attacks targeting networks with implicit channel feedback,” Zhao highlighted.
Zhao further emphasized the importance of addressing vulnerabilities in Wi-Fi protocol communication systems and stressed the need for improved security measures to defend against attacks.
