This video shows off some of the realistic attacks that can be performed against office-type landline telephones these days:
The presentation in this video was made by by by Ang Cui, a researcher from the Columbia University Intrusion Detection Systems Lab.
More information about the ‘symbiote’ protective software mentioned in the video is on their site. Weird that hacking your own phone to address failures in the firmware might be the best way of improving the security of your network…
I wonder if the Columbia researchers collaborate at all with U of T’s Citizen Lab…
When Firmware Modifications Attack: A Case Study of Embedded Exploitation
Abstract—The ability to update firmware is a feature that is found in nearly all modern embedded systems. We demonstrate how this feature can be exploited to allow attackers to inject ma- licious firmware modifications into vulnerable embedded devices. We discuss techniques for exploiting such vulnerable functionality and the implementation of a proof of concept printer malware capable of network reconnaissance, data exfiltration and propa- gation to general purpose computers and other embedded device types. We present a case study of the HP-RFU (Remote Firmware Update) LaserJet printer firmware modification vulnerability, which allows arbitrary injection of malware into the printer’s firmware via standard printed documents. We show vulnerable population data gathered by continuously tracking all publicly accessible printers discovered through an exhaustive scan of IPv4 space. To show that firmware update signing is not the panacea of embedded defense, we present an analysis of known vulnerabilities found in third-party libraries in 373 LaserJet firmware images. Prior research has shown that the design flaws and vulnerabilities presented in this paper are found in other modern embedded systems. Thus, the exploitation techniques presented in this paper can be generalized to compromise other embedded systems.