The field of cryo-mechanics has dipped into cybersecurity, as Ang Cui, a cybersecurity researcher and founder of cybersecurity firm Red Balloon Security, demonstrates in a new demo. The concept of stealing data from chips by freezing them isn’t new, but this cryo-mechanical robot has automated the process, increasing the efficiency and scope of such an attack.
Cui recently corresponded with The Register in an exclusive interview. In the discussion, he explained the process involves freezing the RAM, removing it from the device, and pressing it into a specially designed socket capable of duplicating the physical state at the time of pressing. This process is incredibly time-sensitive, making it difficult to pull off without developing a way to automate the procedure.
The cryo-mechanical robot is essentially a CNC machine. It’s connected to a custom reader designed with a field-programmable gate array (FPGA). It also uses an ESP32-based controller that’s operated using MicroPython. A few components were removed from the CNC machine, including its X-axis actuator and motors.
The data reader relies on what’s known as a conductive elastomer IC test socket. This is what the frozen chips are pressed into. Cui likens its consistency to hard gummy bears. A piston pushes the frozen chips into this socket without damaging the chips or the surrounding PCB. Once a copy is made, the data can be evaluated.
The new cryo-mechanical robot was successfully tested on a couple of devices, including a Siemens SIMATIC S7-1500 PLC, which revealed firmware binaries that had been encrypted. They also pulled runtime ARM TrustZone memory from DDR3 DRAM inside an 8800 series Cisco IP Phone.
Cui explains these types of attacks, known as cold boot attacks, can be thwarted using physical encryption—something found in modern gaming consoles like Xbox and PS5. However, most processors in everyday computers are not physically encrypted, making them vulnerable to this type of data extraction. To read more about this cryo-mechanical robot, check out Cui’s interview with The Register.