Imagine this: I walk into a large company and, with a little social engineering and my amazing charm, I’m able to get passed the receptionist. With me, I have a small computer about the size of a power adapter that I simply plug into any outlet that’s somewhat hidden.
I was able to build this small computer with cheap hardware from manufacturers like Gumstix or Ardunio with little hardware knowledge and basic programming skills. I now have a “pivot point” into the large company’s network — and quite possibly — full control over any computer connected to that network.
This is exactly what Jeremiah Talamantes, founder of RedTeam Security, predicts will be the next threat in IT security. To combat it, he invented The PlugBot, an open source a covert hardware bot device designed for use during physical penetration tests. PlugBot is a small computer with an ARM11 cpu, about 512mb of ram, an ethernet port, built in wifi, SD card slot, a USB port and even a small solid state hard drive; it’s powerful enough to scan, collect and deliver data remotely.