Camouflaged with Size: A Case Study of Espionage using Acquirable Single-Board Computers

TL;DR

This paper investigates the security risks of using small Single-Board Computers like Raspberry Pi for espionage, demonstrating how attackers can exploit their size for unauthorized access and suggesting defense strategies.

Contribution

It provides experimental validation of SBCs as espionage tools and discusses detection and prevention methods for organizations to mitigate these security threats.

Findings

SBCs can be covertly used for malicious activities in real-world networks.

Traditional security measures may not detect small SBC devices effectively.

Organizations need to adopt specialized detection mechanisms for SBC-based threats.

Abstract

Single-Board Computers (SBC) refer to pocket-sized computers built on a single circuit board. A number of studies have explored the use of these highly popular devices in a variety of domains, including military, agriculture, healthcare, and more. However, no attempt was made to signify possible security risks that misuse of these devices may bring to organizations. In this study, we perform a series of experiments to validate the possibility of using SBCs as an espionage gadget. We show how an attacker can turn a Raspberry Pi device to an attacking gadget and benefit from short-term physical access to attach the gadget to the network in order to access unauthorized data or perform other malicious activities. We then provide experimental results of placing such tools in two real-world networks. Given the small size of SBCs, traditional physical security measures deployed in organizations may not be sufficient to detect and restrict the entrance of SBCs to their premises. Therefore, we reiterate possible directions for network administrators to deploy defensive mechanisms for detecting and preventing such attacks.