June 25, 2019
River Loop Security taught an interactive seminar at the CREDC Summer Symposium on June 25th, 2019 in St. Charles, IL.1 Ryan Speers, a Partner with the team, provided attendees an introduction to security assessments on IEEE 802.15.4 and other related protocols like ZigBee. River Loop has done numerous such engagements and maintains KillerBee, the most widely used open-source tool for conducting penetration tests and research on these protocols.
Attendees at the symposium included utility operators, industry or academic researchers, and government regulators.
During this seminar, attendees were provided with ApiMote v4beta devices to test and use to interact with the PHY and MAC layers of these radio protocols.
Industrial devices increasingly connect via gateways or as native IIoT devices, many of which are built on ZigBee (or other protocols atop IEEE 802.15.4). The security of these networks can’t be assessed via IP network scanning or mobile application assessment, yet they present upstream risks into traditional networks or via the data used in mobile apps.
KillerBee continues to be the primary tool for manufacturers and penetration testers to use to assess these networks. We discussed the various options one has to assess their networks using KillerBee and provided a ‘quick start’ orientation to the tool to make it easy for people to successfully get started.
We are excited to continue working at the center of helping end-users, manufacturers, and security experts to measure the risk incurred when a new low-power wireless device is added to a network. While the pace of innovation in this industry remains high, more coordination is needed to help companies better understand their risk and provide clear paths to mitigation.
We would love to hear from you – whether you are a researcher looking to help solve these problems or a company facing difficult or unknown cybersecurity threats. We enjoy collaborating with both device makers and purchasers to solve these issues, and continue working with both large and small companies to ensure the devices they produce or purchase meet industry expectations for security.
We encourage you to contact us if you have any questions or comments based on this post, as we value your feedback and would be happy to discuss your specific questions.
About CREDC Summer Symposium
The CREDC Summer Symposium exists to allow participants to “explore the nexus between energy delivery systems, cybersecurity, and resilience. The event also offers participants opportunities to network with peers, learn about ongoing research & development efforts in academic and industry, and start collaborative research initiatives.”1 CREDC is supported by funding DOE-OE and DHS S&T.