Vulnerability testing for software and networks is both necessary and ubiquitous, giving rise to tools such as the open source Metasploit framework. This can seek out weaknesses, run exploits and mimic attacks in the wild against corporate services.

The missing link is hardware. Given the difficulty of linking hardware directly to testing solutions, companies have typically relied on purpose-built services to ensure security. According to Dark Reading, however, a new Hardware Bridge API for Metasploit extends the functionality of this tool beyond the virtual, allowing security experts to directly hack their own hardware.

A Storm Is Brewing

While on-premises and cloud-based applications have been the go-to choice of cybercriminals over the last few years, this focus is changing as more Internet of Things (IoT) devices hit the market and more industrial enterprises opt for internet-facing control systems. The result is a potential hardware hacking deluge as attackers look for ways to breach physical systems and cause havoc.

As noted by Electronic Engineering Journal, for example, the growing popularity of 3-D printers comes with concern. If fraudsters are able to alter the firmware of these devices, they can change the configuration of output materials without detection. Sure, the changes would have to be small — joints slightly out of place or holes moved — but when it comes to strength-intensive applications that depend on specific design features, this kind of breach could be devastating.

Hackaday, meanwhile, pointed to the increasing number of “covert channels” that target hardware by bridging the air gap. It’s now possible to use fan sounds as a way to exfiltrate information, temperature variations to introduce malware and vibration to recreate keystrokes. Put simply, a storm of hardware hacks is brewing, and most companies aren’t ready for the rain.

How the Hardware Bridge Works

Dark Reading reported that the new Metasploit hardware bridge aims to reduce the complexity of device-based security tests, specifically in the automotive space. Security firm Rapid7, which owns the Metasploit project, announced plans to roll out support for additional verticals later this year.

So how does the hardware bridge work? Instead of relying on Ethernet, it leverages a combination of wireless communication and direct hardware manipulation, allowing manufacturers to enable support for Metasploit in firmware or create a relay service for devices without Ethernet access.

The Importance of Vulnerability Testing

According to Rapid7 developer Craig Smith, this allows companies “to utilize hardware to reach areas you couldn’t before,” such as a vehicle’s Controller Area Network (CAN) bus system, Dark Reading said. This, in turn, allows automakers to test for threats on devices that are not exposed to traditional networks but could pose serious risk if compromised.

Researchers have already demonstrated the ability to change a moving vehicle’s direction or speed by compromising its network-based components. Given the growing push for self-driving vehicles, it’s impossible to overstate the need for direct, straightforward hardware vulnerability testing.

Software and network testing are solid starting points, but in an IoT-enabled world, they’re simply not enough. Open source, easy-to-use hardware hacking tools represent the next step toward effective, physical cyberdefense.

More from

Vulnerability resolution enhanced by integrations

2 min read - Why speed is of the essence in today's cybersecurity landscape? How are you quickly achieving vulnerability resolution?Identifying vulnerabilities should be part of the daily process within an organization. It's an important piece of maintaining an organization’s security posture. However, the complicated nature of modern technologies — and the pace of change — often make vulnerability management a challenging task.In the past, many organizations had to support manual integration work to get different security systems to ‘talk’ to each other. As…

How I got started: SIEM engineer

2 min read - As careers in cybersecurity become increasingly more specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from the relentless onslaught of cyber threats. SIEM engineers meticulously monitor, analyze and manage security events and incidents within an organization. They leverage SIEM tools to aggregate and correlate data, enabling them to detect anomalies, identify potential threats and respond swiftly to security…

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America.IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that X-Force…

Cost of a data breach 2023: Geographical breakdowns

4 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023…