Augmented Reality for Enterprise Alliance

Environment Manipulation – Object Manipulation – Visual Manipulation


Factors Distinguishing AR Device Vulnerabilities

The largest distinguishing factor in the inclusion of AR devices is the set of potential vulnerabilities that the devices can introduce to the enterprise. Similar to the impact potential associated with Industrial Control Systems (ICS) devices, AR devices allow bridges to data in physical space. In the case of ICS devices, the manipulation of the ICS is the objective, and the IT infrastructure is the pathway to the objective. AR devices, however, allow unique perception of the environmental space in which the device exists by virtue of their external sensing capabilities. Audio, video, spatial mapping, thermal, and geographic location features all collect data that can be used or captured for adverse purposes. This data could allow an attacker to circumvent a protection mechanism or to transition an attack from one vector to another. This change in the attack chain, or vector transition, consists of exploiting a network connected to the AR device, capturing the data, and using it to attack a non-connected system. Examples include password eavesdropping on an air-gapped system, alarm system PIN capture, token capture, or user behavior tracking.

In examining the security factors associated with AR devices in the enterprise, it is important to identify the factors that differentiate the devices from traditional IT systems. Similarities in architecture, OS, and communication protocol will allow for like attack vectors from a vulnerability perspective. AR devices, however, have a very specific set of impacts that stem from the unique attributes they bring to the enterprise.

AR devices by their inherent feature sets provide distinguishing impact characteristics in two areas:

1) As a collector of environmental data

2) As an injector of data to a user

The first differentiator is the most significant, as AR devices inherently allow collection of visual, audio, network configuration, user behavior, and environmental behavior data along with normal data consumption. These unique elements in the exploit chain allow for significant new methods and impacts as a result of a cyber attack. As the weakest point in any cyber defense is always the human element, these devices can significantly increase the ability to exploit human interface mechanisms and physical protection mechanisms.

Attack Categories for the AR Device

In determining and communicating threats and attack vectors, it is advisable to provide a common nomenclature and identification schema. This will allow end-customers and penetration testing groups to address specific threat areas of interest derived from specific customer concerns, which are normally described in narrative format. These attack categories can be used both to frame the scenario and to synchronize elements of concern with specific threats, exploits, and vulnerabilities.

Data Capture

| Attack Objective | Target | Description |
|---|---|---|
| Footprinting | Device | Identification of the device network based on discovery analysis. |
| Interception | Network | Traffic intercepted from the wearable to a linked device. |
| Protocol Analysis | Network | Potential cryptanalysis of encrypted traffic. |
| Excavation | Device | Legitimate functional data (spatial mapping, video, etc.) extracted from the target device. |

Data Injection

| Attack Objective | Target | Description |
|---|---|---|
| Code Injection | Device | Injection of malicious code directly to the device through existing protocols. |
| Object Injection | User | Injection of digital objects in viewing space in order to hide, distract from or clone legitimate digital objects. |
| Environment Interference | User | Injection of digital objects in viewing space in order to overwhelm, confuse or blind a user to real objects in the environment. |
| Object Manipulation | User | Manipulation of legitimate digital objects in order to convey invalid information or induce improper user action. |
| Environment Manipulation | User | Manipulation of digital objects in order to confuse the user regarding the real environmental state. |
| Traffic Injection | Device | Injection of non-specific traffic in order to overwhelm or induce specific state in the device. |
| Command Injection | Device | Injection of commands through existing protocols to achieve malicious effects. |