"Malicious circuits" could embed malware directly into hardware

Thu May 8, 2008 10:54AM EDT

See Comments (10)

You thought you had your hands full with spam and your garden-variety software viruses, eh? Well, hang on to your seat: A new type of threat is just now being tinkered with in research labs. Called "malicious circuits," the new potential threat involves designing (or surreptitiously redesigning) microchips that can perform evil deeds without having to rely on software being installed on a computer.

If it sounds theoretical and far-fetched, think again: It's already possible, and it's been proven on a microchip called Leon3. Leon3 is an open-source chip design containing 1.7 million circuits. Because it's open source, anyone with the knowhow and the inclination can contribute to the design of the chip. As a proof of concept, researchers at the University of Illinois at Urbana Champaign took the chip design and modified it through the addition of just 1,341 logic gates, a pittance compared to the overall size of the chip. Those changes give an attacker three ways to compromise the system, including a backdoor that would give anyone with the knowledge of the hack complete access to the system and another that would allow theft of any password as it's typed on the machine.

The really scary thing is that, since the attack lives in hardware, not software, it's virtually impossible to detect. For example, antivirus software can only scan your computer for active processes that are outside the realm of normal operation. But a malicious circuit requires no software, existing at such a low level as to make defense against it far more difficult. It's the computer equivalent of a double agent who's been living in deep cover for 20 years.

Because the knowledge and effort involved in such an attack is so extreme vs. that of a software-based attack, malicious circuits aren't likely to be a major threat for the average user, but the potential danger here is real. All it would take is for one designer to target a popular chip design, then lay low as it's shipped into the industry. Imagine what might happen if an Intel CPU was compromised. Highly unlikely, sure, but devastating if it ever came to pass.

Comments on "Malicious circuits" could embed malware directly into hardware

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 7 Posted by aa4mw on Thu Sep 3, 2009 2:43PM EDT Report Abuse

    The distinction between hardware and software is largely arbitrary anyway. The design techniques are very similar for both, only the final implementation is different. That being said I would be very surprised if NSA did NOT have a team devoted to including such "back doors" in just about every CPU design for their own use.

  • 8 Posted by idlegrrl on Thu Sep 3, 2009 4:22PM EDT Report Abuse

    About when will this be more of a problem, and are manufacturers taking safety precautions now? This needs to stopped before it starts. Also, in reply to the post that stated that all chips are supposed to be manufactured on U.S soil, well, that doesn't necessarily make them immune. Someone on the inside could very well commit espionage, and place the malicious hardware on systems manufactured and sold supposedly on "safe" territory to unsuspecting users.

  • 9 Posted by mattlaguardia on Thu Sep 3, 2009 7:11PM EDT Report Abuse

    It takes a concerted effort to reprogram something like an FPGA. Often, one cannot even access these types of circuits without accessing a header port on the device's PCB itself. Couple that with the facts that a) your average 'hacker' doesn't often know verilog or similar languages required to do FPGA programming, and b) reprogramming a circuit usually requires several hours of time. Possible, but would take a lot of effort.

  • 10 Posted by mariano_vrxyz on Thu Sep 3, 2009 7:06PM EDT Report Abuse

    The corporate espionage is a reality today. But, the "Malicious circuits" are also a reality today . I know that since the 70's in the desing's electronical circuits was used the DES algorithm...

More Posts: First Prev 1 2 Next Last

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.