A Permanent Denial of Service attack, or a PDoS attack, is denial-of-service via the intentional sabotage of hardware. Phlashing is one such method of PDoS. An attacker bricks a device or destroys firmware by uploading a corrupted BIOS to a device, or via remote administration of the management interface, effectively making the device and/or an entire system useless. The victim has no other choice than to repair the device or buy a new one.
PDoS attacks have been a known possibility for several years, but haven’t yet generally gained traction with cybercriminals, although last year’s wave of BrickerBot attacks was the work of PDoS botnets. Botnets of this type go after unsecured Internet of Things (IoT) devices.
Such PDoS attacks are exposing the gaping insecurity problems of the majority of IoT devices.
Pascal Geenens, a European researcher for Radware, was the first to document what he called the Permanent Denial of Service botnet. The BrickerBot botnets target IoT devices running an outdated version of the Dropbear SSH server with public, geographically widespread IP addresses. Once it infects an IoT device, BrickerBot quickly disconnects the device from its surrounding connected network, and the device will not reconnect after a reboot. Factory resets also fail to restore it, resulting in a bricked device.
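For defenders, the exposure described above can be checked against an asset inventory. The following is an added example, not code from the article or from Radware: it parses collected SSH identification banners and flags Dropbear builds older than a baseline, rating devices on publicly routable addresses higher. The `BASELINE` value (the article names no version), the function names and the sample inventory are assumptions.

```python
import ipaddress
import re

# Assumed policy baseline, not from the article: flag Dropbear builds older
# than this release. Set it to the version your vendor currently supports.
BASELINE = (2022, 83)

# RFC 4253 identification string: SSH-protoversion-softwareversion [comments]
BANNER_RE = re.compile(r"^SSH-[\d.]+-dropbear_(\d+)\.(\d+)", re.IGNORECASE)


def dropbear_version(banner):
    """Return (major, minor) for a versioned Dropbear banner, else None."""
    m = BANNER_RE.match(banner.strip())
    return (int(m.group(1)), int(m.group(2))) if m else None


def audit(inventory, baseline=BASELINE):
    """Return findings for devices running Dropbear older than the baseline.

    Old 0.x releases (0.52) sort below year-based ones (2014.63), so plain
    tuple comparison orders both numbering schemes correctly.
    """
    findings = []
    for addr, banner in inventory:
        version = dropbear_version(banner)
        if version is None or version >= baseline:
            continue  # not Dropbear, version hidden, or already current
        exposed = ipaddress.ip_address(addr).is_global
        findings.append({
            "address": addr,
            "version": "%d.%d" % version,
            "severity": "high" if exposed else "medium",
        })
    return findings


# Constructed sample inventory of (address, banner) pairs. 8.8.8.8 only stands
# in for a publicly routable address; documentation ranges are not "global".
SAMPLE = [
    ("8.8.8.8", "SSH-2.0-dropbear_0.52"),
    ("10.0.0.5", "SSH-2.0-dropbear_2014.63\r\n"),
    ("10.0.0.6", "SSH-2.0-dropbear_2022.83"),
    ("10.0.0.7", "SSH-2.0-OpenSSH_8.9p1"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A private address is rated lower here, but a port forward can still expose such a device, so the rating is a starting point for triage rather than a verdict.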
“Down the road, APIs exposed on the internet connecting smart and intelligent agents with IoT devices and cloud services will become an even larger threat,” Geenens warned recently. These exposed APIs create a large attack surface that increases with every service that is added. “A PDoS attack on just one of the APIs in an ecosystem will result in a large blast radius,” says Mr Geenens.
PDoS attacks can also be conducted physically, for instance via the use of a USB stick. An article on Help Net Security described a USB stick dubbed USB Killer 2.0. After this tool is plugged into a device with a USB host interface, it uses a voltage converter to charge the device’s capacitors to 220V and unleashes a negative electric surge into the USB port. The surges carry on until the device is no longer able to draw power, and certain components need repairing before the device will work again. They may even cause the device to catch fire by overheating it.
Industry experts have speculated that PDoS attacks won’t become widespread as they are unlikely to be as lucrative for cybercriminals as other kinds of attack. The fact that an attack is irreversible means that attackers can’t demand a sum of money to stop it. The only way to potentially turn a profit would be to threaten a PDoS attack hoping that an individual or organization would pay the ransom sum to prevent it.
However, the recent Petya virus appeared to be a wiper. Even after ransoms were paid, victims were unable to get their files back. The ransom demand was thought to be a cover tactic to help the attackers go deeper into computer systems.