Hey guys, thanks for coming. So let's get started. Okay, so my name is Dan Regalado. We're going to be talking about an infusion pump. We can see it here. Let's talk about the disclaimer first. This is just for educational purposes. All the vulnerabilities that we identified, we discussed with the vendor. They are committed to the 360-day fix. They work with us pretty closely. They respond right away, so I really appreciate the vendor around it. And we cannot disclose those details. We will show the demos, obviously, but once the vendor is ready with the fixes, we can then publish the details.

A little bit about us. We are Zingbox. We're an IoT security company. I work there as a principal security researcher. And I had the great blessing to be part of a great hacking book as a co-author. And I'm running the Hack Defender Academy.

Okay, so we're going to be talking about the infusion pump overview. So I'm going to give you guys a quick demo of how it works in case you don't know. And why we picked this specific medical device, the pump, what is the attacker's goal, the challenges during the investigation, the potential vulnerabilities. Obviously we're going to be giving you demos.

So the infusion pump is, first of all, very expensive. It's more than $1,000. And you can imagine a hospital; we can see around 400 to 1,000 of these guys sitting in a facility, all of them connecting. We'll see the details. It is used to deliver fluids, medications, blood, et cetera, to adult, pediatric and neonatal patients. So it just goes all around the hospital and then they just plug this guy in. I'm going to show you in a second. So you will see a bag, you know, and then on the other side, this is going to be connected to the human arm. And they're going to start doing the fluids and it's automated. And that's the main thing: you can program it and say, okay, 50 milliliters for the next two hours, you leave it there, and it's going to start feeding the liquids.
And if there are some issues, can you imagine that, for example, if it is insulin, and this requires 100 milliliters, let's say, and for some reason it's just giving 50 milliliters. It's not enough, so the patient is not going to be doing well in health. Or on the opposite side, if you put more than expected, it's also something that you don't want to have.

So let me just quickly show you. I'm going to be switching back and forth here. I'm just going to turn it on and show you how it works. So these are the main components; I'm going to describe all of them. This is the main unit. This is running the operating system. We're going to talk about the operating system. On the left side is the actual pump. So this pump here, this guy is the one who is going to have the bag with the liquid. And then on the other side, you are going to have the connection to the patient. Okay.

Let's just turn it on. It's going to be hard for you guys to see it, but at least so that you have an idea, I'm going to put it in the back so that we can also talk about details. So it's booting up. On this specific pump, you can have two on each side. So you can program many different infusions. And once it boots up, it's pretty simple. It's going to ask you for a new patient. You are going to see these devices going all around the hospital. And then eventually if it is a new patient, you'll say, yes, a new profile. Or if it is not a new patient, it will load the profile of that specific person with all the medication listed for that guy. And then it has some options here, obviously, to go around and do some configuration. It's really, really limited. You cannot change anything here. You need external software connected to the serial cable to do some changes. So for example, the Wi-Fi connection (it has a Wi-Fi card in the back), that's something that you need to do through software. You cannot do it here. This is just read-only.
But let's go to the example of an infusion, okay? So the person is going to come, is going to click here, is going to say, okay, what I'm going to do, let's do a basic infusion. So then here you are going to put in, very important, the rate in milliliters per hour. And then you are going to put the VTBI, which is the volume to be infused, the liquid to be infused. And just to do some quick test, let's say we put 50. And then here we put a total of 200. And then we click start. And then the infusion pump will start working. And that infusion pump is going to start feeding those 50 per hour, in a total of 200, total amount 250 per hour. That's pretty simple. That's obviously not working because we don't have the bag. But that's the basic idea of the functionality. Let me just, I'm going to turn it on, turn it off, sorry. So that's the main functionality of a pump. So let's see what we can do in a malicious way.

So why did we pick infusion pumps? It is expected to be worth 10 billion by the year 2020 in the market. So that means there's going to be an explosion of these pumps. It's so important for us to understand what is inside. And this specific device is one of the leaders in the world. So that means you can find it everywhere. Next time, when you go to the hospital, you will see it. It's important to properly identify vulnerabilities.

So what is the attacker's goal with this guy? Right? So obviously, if there is sensitive information inside, like PII data, so like, you know, a congressman who is dealing with cancer, or unfortunately the congressman that is dealing with brain cancer right now. So you don't want to know about that, right? But if someone breaks into this, they can use it in a malicious way. And hijacked devices, of course, this can also be ransomware based. It's running on a Linux. We will see details of that. So you can hijack it. You can ask for ransom. And obviously you can disrupt it.
So it doesn't work anymore. The patient doesn't get attended to. And it's bad. And of course, you can also use the pump to break into the LAN. So this can be a breach to break into the network and from there to all the devices. Not only medical devices, it can be anything connected to the access point. Keep in mind that this device connects to an access point. So if you are able to break into the access point through this device, you can get access to the network also. And obviously the most important thing that I think is the case here is the human, right? If you find a way to alter the behavior, then you can be infusing liquid that can harm a human, which is something that we don't want to know. I don't know, I'm not a doctor, but probably you can kill them. I don't know. Probably. Okay.

Main challenge. It's very important to mention that this guy is a black box. We just get it. We just get it in the package. We don't know what it is. We started working on it. We realized that in order to interact with this guy, it runs a real-time operating system. I'm going to talk about that. But just to debug it, it's a $5,000 debugger. So plus, it doesn't work through JTAG. This guy supports JTAG. I want to talk about that. But in order to interact with this, you need to have an Ethernet connection to the board. And it costs $5,000. Even with this guy, we cannot interact with the debugger that is developed by Enea. It comes with a Linux image, real-time operating system, fully stripped binary. So that means that you won't see anything like here. It's 35,000 functions, only numbers. There is nothing, no function names. You don't know anything about it. It's ARM. So it's very good coding practice, security practice from the vendor that it is fully stripped. It's very hard. And plus, they have error handling. So every time I crash something here, it just shows me error message one, two, three, four, five. And it doesn't give me a stack trace.
It doesn't give me any details. So that's a good practice. Okay.

So let's talk quickly about the architecture. So this guy runs an Intel XScale. This is very funny because XScale was from Intel. Then Intel sold it to Marvell. And it was intended to run StrongARM. But then they switched to ARM 40, which is the version that is running right now. It has models that run with a system on a chip, which is just a small chip running everything inside. Here is the datasheet. But basically this guy is able to run Windows and Linux because it was based on Intel and then switched into the ARM architecture. Here are a few details of these internals. So here is the JTAG that I mentioned so that you can interact with the processor. But unfortunately with that debugger that I mentioned, you cannot do it through JTAG. Here is the PC Card. This is very important, guys. Inside the pump, probably you will see it here in a second, it uses this small CompactFlash card. That CompactFlash card, as you can see, is mentioned here. So that one is going to be able to boot the operating system. The operating system is inside that card, which means you can play around with it. We will see how. Obviously it has an LCD, it has RAM, it has DRAM, and it has a flash RAM also that we will see how we can play with.

So it runs what is called a real-time operating system. A real-time operating system is a system that needs to support deadlines, which means, for example, a really good example is an airbag in the car, right? So if there is something in the car that the airbag needs to be triggered for right away, it must be done immediately. It cannot be delayed by one or two seconds. It must be in real time. That's the reason for these architectures, that airbags or ABS in cars or those specific critical systems, they need to react right away. That's the purpose of real-time operating systems. This specific company, Enea, is the creator of this real-time system.
It's a Linux-based ARM system, and it is all around. It is in medical, it is in industry, it is in automotive, it is all around different industries, industrial, ICS also. And as I said, it must meet a deadline, otherwise it's a problem. Another detail is that in this specific architecture, only one process runs at a time. We will see that in a second. And here is a second thing that I found inside which is called FlashFX. This is a generic block device driver, which is basically the interface between the system and the hardware. But the good thing about this from a security perspective is that this specific flash driver allows you to talk to the flash which is in the chip as a normal mounted drive, which means this facility allows you to easily play with the flash instead of doing it the hard way. Obviously, as expected, the flash stores sensitive information like credentials to get access to the network, to get access to the access points, so there's something stored in that kind of flash as usual. Very interesting, there is a file system manager called Tequila, so I don't know why they call it that way, but, and Google it, there is no information about that Tequila, but basically it's just a file system manager for this FlashFX, so that really motivated me when I was doing this research because it's from Mexico, you know, right, Tequila?

Okay, here is the CompactFlash card. This is the card that I mentioned. It is inside the pump. This guy that you are seeing there is this right here. It is exactly this. Inside it is the flash, the CompactFlash. This is exactly this one. And it runs, as I said, the Enea OSE system, stores medical information like the profiles of the different patients, like the medications per patient. And here is some content, obviously some things I removed. It has some firmware there. Here is the binary, the ELF binary that I talked to you about, the real-time operating system. This guy comes with the kernel and the application running on this guy.
So this has, it's a seven-megabyte file, fully stripped symbols, so you can imagine it's very hard to deal with it. Here is more information about the patient profiles, some information about the configuration of the pump. And here is the autorun. When this guy boots, it will read the autorun and then it will execute whatever is inside. Okay. So the autorun stores the command to boot up this guy, right? So since we have access to the flash card, we can play with that. So it performs an integrity check, which means that when you run this operating system, it will do an integrity check to make sure it's not altered. And here is the first vulnerability that we have: the integrity check bypass. At this point we cannot release the details, but the main thing is that we can alter that Linux binary, we can alter it and then start playing with it. What are the consequences of that?

So I prepared a quick demo for you guys so that you can see how it should work. So what I'm going to do is I'm going to switch. This is the original CompactFlash card. And I'm going to just switch it with this one. This one comes with the bypass of that real-time operating system. It comes with some modifications. Let's see what those modifications are and what the consequence would be. So you need to plug this in very, very carefully because otherwise it won't run, and I already burned many different cards. So, okay. So let's start it up. Probably you can see something around it. So the first thing that you can change is just the boot-up. Here is where you can put a ransomware message; that's obviously one case, right? You can put ransomware, pay me bitcoin money, and then it doesn't boot up and then you get scared people, it doesn't work and then you can start playing with that. So that's because we modified the boot process. Now, once inside, one of the things that is very important is here in the options.
In order to see the network status of the pump, you need to enter a PIN number. By default, if you go and Google it, it's 32211 or something like that, it's the default one. But since we are able to modify it, we can change it to whatever you want. So for example, my favorite number is 777. So I just change it to 777 here. And I don't care what the number is, right? Because I just go to the image, find that specific place where it's stored and just replace it with whatever I want. And that gives you access to the configuration. You can see here that the pump is trying to associate with a default Wi-Fi, right? So it's something that is already inside, it's already in the ROM. We cannot touch it, we cannot change it. But at least we know the process. Later we can see how we can modify this. So this is another example, right? You can change PIN numbers, you can change sensitive access to the pump.

But let me show you the most interesting one. So if you remember the infusion pump, right? When it is set up, when you put the rate and you put the volume to be infused. So let's do it again. So here, if you notice something different, I just put it here. Obviously, I just changed to Primera in Spanish, the front, the form. Just to show you that you can change this front. But not only that. Because I can change the screens. What I did, I switched between the rate and the VTBI. So basically, the rate is in the bottom and the VTBI is in the top. You see that? So what that means is that if someone comes, and let's do it again, someone comes. And they want to prepare the infusion. They're going to say, okay, let me enter the rate. And I don't know, let's say 50. And then they are going to say, okay, so the duration might be three hours, for example. So what is happening here is that we are entering the rate. But the rate is actually the VTBI. And the VTBI is the rate. You know what I mean? So we swapped it. So check it out when I say start. It says 50 here.
But it's actually infusing 14. So because it got confused. And then what you are infusing is not exactly what the pump is trying to infuse. Also, if you notice something that I didn't test yet, when we did it properly, it was giving us an error, right? It was flashing. Right now it's not flashing. It's working. So I cannot do it on humans. But if there is a volunteer, we can test it. We can see what happens. But the point here is that because we can modify the integrity of the Linux system, we can play with it, also with the forms. And then we can change them. And the infusion pump at the end is going to do whatever we want. But as you can see here, it is the opposite way. Let me just put this back. So these are just some examples of what you can do. Obviously, if you have time, we can change everything. We can change the front end so that you can do that.

So here is what I said. This is the modified version. And here is the original one. One second. Okay. So here you can see, guys, on the right side is the original version. You remember it was right here, the VTBI. And here is the way it works. On the right side, I just changed this title just to make it evident. But the most important thing is here, the swap here. I changed the VTBI for the rate, which means the person who is entering here is entering it the opposite way. So that way is going to influence the behavior of the pump. And that's just because of the integrity. Okay?

So let's move to the next one. So here are some commands that I found that you can use. It's basic Unix-related commands, but those Unix commands can help you to do a lot of stuff. So you can do mem copies, you can do formats, you can do mem dumps, you can dump the flash, you can run. This guy specifically here is the REXX scripting language. I don't know if you guys heard of the REXX scripting language before. It's like Perl, but I never heard of it before. It's one of those weird things running in this kind of device.
But that one can help us to actually do more stuff, because we don't need to play with ASM, assembly. We can play with just a script, like a Perl script. Here is what I was telling you. This is the process running inside. As you can see, there is just one process running at a time. When I run ps, it is the one running right now and the other ones are in receive-delay mode. Here is the PXCA status that I showed you. We confirm that it is an ARM system. It is in supervisor mode. It is the Intel manufacturer, even though now it's Marvell, and the version.

And here is the most important thing, guys. So we found a way to read the flash without using anything chip-related. That's very important because it is easier. In the chip we identified that on the left side, there are all the credentials to connect. This guy talks to a server in order to do heartbeats and exchange information. So that is here. And it is in plain text, the AES keys, plain text. The credentials are there. Which means you can use this to decrypt information between this guy and the server. But also on the right side, we can see, you remember, the Wi-Fi configuration is here. So that means that we know the credentials and then we can do two things. We are going to describe that. But by reading this information, we cannot change this guy, but we can change it through our interaction.

So the first thing that an attacker can do, obviously, is to gain access to the network. So he knows the credentials, he knows the SSID. I just need to go and plug in to the RADIUS. I just log in and get access to the same LAN segment where this guy is running. That's the first thing. And you can attack other hosts, right? So you go, you retrieve the card's Wi-Fi information as we displayed the information. Then you connect to the corporate access point and then you can start reaching other different assets within the network. That's the first thing. The second thing is man in the middle, which means we can impersonate the access point.
Since we know the configuration file and we found a way to override the ROM, the internal ROM memory, sorry, we can reconfigure this guy and say, hey, don't forget about that, connect to me. As I said, there are from 400 to 1,000 of these devices in a network. So you can either man-in-the-middle them or you can just ask them to talk to you so that you can start decrypting the information. So this would be the scenario, right? So you have the rogue AP, you reconfigure them and then you can actually ask them to talk to you, either by using the same SSID so that they reach out to you if you are closest to the access point, or you can just replace the full Wi-Fi configuration. So let's see how that works.

So that's going to be my last demo. So I'm going to replace it again. This is the flash card. This flash card, what it's going to do is, at boot time, it's going to go and replace the configuration of the Wi-Fi and put our own configuration. And on the left side, I have a router which is already configured with our own access point and the intention is that this guy is going to connect to us. Let's see. So we just flip this guy. Give me one second. So normally if you don't connect this properly, the Wi-Fi is just going to stop working. It's a lot of problems. So hopefully it works now. So I'm going to turn this guy on and then it's going to start booting up. During the boot-up process, it's going to replace the configuration file. Probably you don't see that at the beginning. It says, if you remember, the SSID was default, adult. So let's see now. So it says new patient. We go the same thing. Let me show you the Wi-Fi configuration. Again, it asks for the access menu, but we already replaced it. You can see that now it's trying to authenticate to Zingbox inside, which means we replaced the configuration with our own. And now if we have an access point with this SSID, it will connect to us. So let me do it right now. So I have here my access point with my RADIUS.
What is going to happen is that as soon as I boot it up, it's going to say associated here. Let's see. So we have here. So here is my RADIUS. The RADIUS is running now. It is going to start processing requests. It's going to take some seconds to hopefully get this guy authenticated because he's retrying and retrying and retrying. So let's see if we pick it up there. It's going to take probably around 10 seconds. Or 15. Or 20. Let's see. What is there? It is authenticating. Yeah. Okay, it's disassociated. Let me check something. Let me just quickly check if I am connected to the pump. Yeah, it's there. Okay, let's see. Okay, now it's receiving information. And it's associated. Do you see that here? It says associated. And now let's go to the net address. And I got an address that I assigned to the pump. So at this point, it is not stable. You can see it is flipping. It's going to get the IP once again and again because it is trying to connect to the server. Since there is no server, it is trying to authenticate again and again and again. But as you can see, we are giving it the IP address. So as soon as we have established connection with the server, we are able to just replace whatever we want and then take it to us, do man in the middle. But at the end of the day, the most important thing here is that we can fully replace the configuration stored in the internal ROM. Okay.

So this is what we just saw. We saw that we got associated and we got the IP address. Which confirms that we can replace it. And finally, summary. We talked about the integrity check bypass where we can change the forms, we can change the PIN numbers and we can keep playing, right? It's up to us whatever we want to change because at that point, the file can be altered. We talked about changing those settings, of course, the Wi-Fi settings.
We talked about changing the infusion setup to affect the clients, you know, change the VTBI with the rate and that can confuse; execute commands in the internal shell which can be used to destroy this guy completely; and impersonate, obviously, the access point with our own, or either we impersonate it or we just put our own so that they can connect to us. And override the flash memory, the internal one, as I said, which means it's persistent. So my change that I do here, since it goes in the internal ROM, that means that if someone comes and just gets this guy out and loads a new CompactFlash card, the change remains because it's stored in the internal ROM. It's persistent.

And you're going to say, okay, so this is physical access. Yes, it's physical access, but just think about some examples. The ATMs, they are always hacked physically and it is $500 million being stolen and it keeps happening. So what that means is that, and also another thing is that this just takes two seconds, two minutes and five seconds to boot it up, so you can swap the CompactFlash card. But the most important thing, guys, is that we need to assume that it's going to be a physical attack. So we don't need to say, oh, it is a physical attack and that doesn't work. The insider threats are much bigger than the outsiders and also we need to assume someone is going to get access here. If we assume that someone has physical access, we need to think about how we can protect these guys. That's the main point.

Next steps, this is just a starting point. Obviously now we got the associated point, we have an IP address, we can talk to this guy. So our next step in this research is now the remote attacks, to start playing with remote information. That's in our next phase. We can play with the REXX scripting language that I said, to help us to create RATs or reverse shells. I found actually an implementation of this REXX scripting language that is running on this guy. One guy already implemented it on an IBM mainframe.
So it's totally doable. This is called hooking; that's very advanced because this guy doesn't have symbols. But what you can do here is that you can intercept the calls of the VTBI, the rate, and in memory change it on the fly, which is very hard but it's possible with time. We're going to try to do that. Finally, we're going to understand, it's a DCMP protocol; the DCMP protocol talks between the pump and the server. We're going to try to understand it and see how it works and decode it. And that's pretty much it, guys. Thank you so much.
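Added illustration (not part of the talk, not the vendor's mechanism and not the undisclosed bypass): the talk's central point is that the boot medium, the autorun and the OS image all sit on a removable CompactFlash card, so whoever holds the card also holds everything a self-contained integrity check needs. The example below, written for this page, contrasts that weak pattern with one where the image is verified against a key that is not on the card. The image bytes and the PIN/label literals are a constructed stand-in, and the RSA key built from two public Mersenne primes is a toy stand-in for a real signature scheme (it offers no secrecy of its own); the only thing it is meant to show is that patching the image and recomputing the on-card trailer passes, while the same patch fails a signature check whose verification key lives outside the medium.

```python
"""Toy boot-image integrity check: on-card checksum versus detached signature.

Constructed example for illustration only; nothing here is the pump vendor's
code or format. The RSA primes are well-known Mersenne primes, so this key
pair is public knowledge and only exists to make the logic runnable offline.
"""
import hashlib
import struct
import zlib

# --- Scheme A: checksum stored in the image itself (weak) -------------------
def seal_with_crc(image: bytes) -> bytes:
    """Append a CRC32 trailer, the way a self-checking image might."""
    return image + struct.pack(">I", zlib.crc32(image) & 0xFFFFFFFF)

def crc_check(sealed: bytes) -> bool:
    """Recompute the CRC over the body and compare with the trailer."""
    body, trailer = sealed[:-4], sealed[-4:]
    return struct.unpack(">I", trailer)[0] == (zlib.crc32(body) & 0xFFFFFFFF)

# --- Scheme B: detached signature, verification key held off the card -------
_P = (1 << 521) - 1          # Mersenne prime M521 (public, toy only)
_Q = (1 << 607) - 1          # Mersenne prime M607 (public, toy only)
_N = _P * _Q
_E = 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))   # signing exponent: vendor side only
PUBLIC_KEY = (_N, _E)                    # what a ROM/OTP region would hold

def sign_image(image: bytes) -> int:
    """Sign SHA-256(image); happens at the vendor, never on the device."""
    h = int.from_bytes(hashlib.sha256(image).digest(), "big")
    return pow(h, _D, _N)

def signature_check(image: bytes, sig: int, pubkey=PUBLIC_KEY) -> bool:
    """Verify with the public key only; nothing needed lives on the card."""
    n, e = pubkey
    h = int.from_bytes(hashlib.sha256(image).digest(), "big")
    return pow(sig, e, n) == h

# --- What an attacker holding the card can do --------------------------------
def tamper(image: bytes, old: bytes, new: bytes) -> bytes:
    """Patch a same-length literal in the image (a PIN, a form label)."""
    assert old in image and len(old) == len(new)
    return image.replace(old, new, 1)

def attack_crc(sealed: bytes, old: bytes, new: bytes) -> bytes:
    """Patch, then recompute the trailer: everything needed is on the card."""
    return seal_with_crc(tamper(sealed[:-4], old, new))

def demo() -> dict:
    # Constructed image: an autorun line plus two literals an attacker might patch.
    image = b"AUTORUN: boot kernel.bin\x00PIN=32211\x00LABEL=VTBI\x00"
    sealed = seal_with_crc(image)
    sig = sign_image(image)
    patched = tamper(image, b"PIN=32211", b"PIN=00777")
    return {
        "original_crc_ok": crc_check(sealed),
        "original_sig_ok": signature_check(image, sig),
        "patched_crc_ok": crc_check(attack_crc(sealed, b"PIN=32211", b"PIN=00777")),
        "patched_sig_ok": signature_check(patched, sig),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point of the contrast is where the check's trust anchor lives: a trailer the image carries about itself is defeated by anyone who can write the card, whereas a signature only helps if the verifying key and the verifier code are somewhere a card swap cannot reach, which is exactly the physical-access assumption the talk asks designers to make.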