2024-12-07 –, Track 2
A fun look at network over powerline systems. The use and abuse of these solutions, what kind of attacks are possible, what are the limits, and how can you defend yourself?
Sometimes things just need to be looked at differently.
Ethernet over power lines (IEEE 1901, Powerline, PowerPlug, you might or might not know it under different names) has been around for quite some time. That being said, while maybe might have heard of it, it seems to be a technology that never took off.
The technology allows for Ethernet traffic to be routed over alternating current (AC) power lines. This can help avoid clumsy cabling in small flats, or remove the need for long cable runs, providing a neat alternative to running new Ethernet cables. It can also be viewed as an interesting attack vector.
While work has been done to stop different power line devices intercepting other devices traffic, allowing multiple networks to be hosted together, this leads to new problems when it comes to securing your own infrastructure.
The talk will do into some background on the tech (very briefly) to explain its intended purpose and use cases. We will then look at how it can be used as part of attacks/engagements. We will then look at how one can defend against this.
We will looks at some interesting things I discovered along the way.
I am a Cyber Security Researcher working for Nedbank. I'm a big fan of learning and pulling things apart. I have previously given talks on at BSides: "Securing the Industrial Internet of Things", "Hearing the Internet Background Radiation" and "Hashing the $#!+ out of firmware".