This week, researcher Rich Smith, head of research for offensive technologies at HP Systems Security Lab will demonstrate how network-enabled firmware could become susceptible to a remote PDOS attack. This type of attack dubbed phashling, will be addressed at the third EUSecWestSecurity Conference on May 21/22 at the Sound club in Leicester Square in central London, U.K.
Theoretically, during a PDOS attack, the attacker turns an embedded hardware system such as a printer or router into a non-functioning brick by flashing it with broken firmware. If you have ever had the unfortunate experience of suffering an electrical outage during a flash upgrade, you know what a disaster I speak of!
Though PDOS has not been seen in the wild yet, criminal hackers have been exceptionally adept at adopting new and diverse attack vectors. The common gist of a PDOS attack would be:
1-Deny the service
2-Request ranso
3-Release PDOS upon payment
I do not consider that PDOS will become a serious attack vector. Controls such as TFTP should be addressed with implementation of authentication protocols in order to secure firmware upgrades.
Ironically, PHLASH.exe is the name of Phoenix’s BIOS upgrade tool…
