HITB LAB: Attacking GSM – Alarms, Smart Homes, Smart Watches and More

This 120-minute workshop will cover different attacks on popular GSM-devices: alarms, smart home systems, access control systems and smartwatches for kids. GSM-devices are popular and easy for use: for example, you just need to insert SIM-card in GSM-alarm, and the system is ready for use. But the security of those devices is questionable.

Common alarm-devices was tested properly, researchers found different vulnerabilities and attacks. At this training will be coerced attacks on the GSM part of devices, because this part is not covered properly and there are some easy and effective attacks.

Please bring:

* A laptop with a modern browser
* Headphones
* Favorite editor with script language (optional)

You will be provided with:

* Different GSM-devices: alarms, smart home systems, access control systems and smartwatches for kids
* SIP accounts for calls
* Special accounts at service for calls with spoofed Caller ID

Topics Covered:

1) Introduction and basic information about GSM-devices, typical use cases, discussion about requirements.

2) Number spoofing attacks

3) Bruteforcing and “locking brute-force”

4) Attacking mobile operators.

5) Attacking mobile applications and personal accounts.

6) Defense – basics of protection for GSM-devices

Takeaways:

  • You will get to try these attacks in practice
  • You will learn about different GSM devices, typical targets, and victims.
  • You will know basic and advanced techniques to attack GSM-devices
  • You will be able to create basic security requirements for GSM-devices

MAIN CONFERENCE
Location: Track 3 / HITB Labs Date: May 9, 2019 Time: 4:30 pm - 6:30 pm Alex Kolchanov