PlugBot Attacks the Future of IT Security

by Geoff Dutton

The PlugBotImagine this: I walk into a large company and, with a little social engineering and my amazing charm, I’m able to get passed the receptionist. With me, I have a small computer about the size of a power adapter that I simply plug into any outlet that’s somewhat hidden.

I was able to build this small computer with cheap hardware from manufacturers like Gumstix or Ardunio with little hardware knowledge and basic programming skills. I now have a “pivot point” into the large company’s network — and quite possibly — full control over any computer connected to that network.

This is exactly what Jeremiah Talamantes, founder of RedTeam Security, predicts will be the next threat in IT security. To combat it, he invented The PlugBot, an open source a covert hardware bot device designed for use during physical penetration tests.  PlugBot is a small computer with an ARM11 cpu, about 512mb of ram, an ethernet port, built in wifi, SD card slot, a USB port and even a small solid state hard drive; it’s powerful enough to scan, collect and deliver data remotely.

The PlugBot 2

“We created tool for ‘the good guys’ — IT security consultants,” he says, “and the ‘aha’ really came from scratching our own itch.”

Talamantes has been working on the project since July 2010 and has the official launch is scheduled for May 19 at TakeDownCon, where he will be speaking about the future of IT security trends.

Not only will RedTeam sell PlugBot, but they will also be avid users of the tool when testing the security of their Fortune 500 clients.   Funding for the open-source project is sourced, in part, by organizational sponsors and individual donors.