Publications

Our emploees participate in the security community and give talks about current topics regarding cyber security.

  • Epidemic? The Attack Surface of German Hospitals during the COVID-19 Pandemic
    Johannes Klick, Robert Koch, Thomas Brandstetter.
    NATO CCDCOE Annual International Conference on Cyber Conflict (CyCon), Mai 2021.
  • From Signal to Bits with SDR – Hands-on wireless reverse engineering.
    Tobias Zillner.
    ITSeCX Konferenz 2017.
  • ZigBee Smart Homes A Hacker’s Open House.
    Tobias Zillner.
    CRESTCon 2016 London, UK.
  • Let’s see whats out there – Mapping the wireless IoT.
    Tobias Zillner.
    Black Hat Asia 2016, Marina Bay Sands, Singapore.
  • Memory Forensics using VMI for Cloud Computing.
    Tobias Zillner.
    Black Hat USA 2016, Las Vegas, USA.
  • Let’s Hack IoT.
    Tobias Zillner.
    Information Security Summit 2016, Hongkong, China.
  • Hacking the wireless world – From building a FM Radio receiver to hacking wireless microphones.
    Tobias Zillner.
    ITSeCX Konferenz 2016.
  • IOT Village: Security of Wireless Home Automation System.
    Tobias Zillner.
    Defcon 23, Las Vegas, USA, 2015.
  • Verwundbarkeit Vernetzter Industriesteuerungen – ein Lagebild.
    Jan-Ole Malchow, Johannes Klick, and Volker Roth.
    IHK Technologieforum 2014 – Sicherheit in Unternehmen, Industrie und Handelskammer Berlin Brandenburg
  • Cyberwar: Angriffsvektor Industriesteuerungen.
    Johannes Klick.
    Summer School – Krieg im 21. Jahrhundert, Akademie der Bundeswehr für Information und Kommunikation, 2014.
  • Industrial Risk Assessment Map (IRAM) – Ein graphisches Werkzeug zur Bedrohungsanalyse.
    Johannes Klick and Jan-Ole Malchow.
    2. IT-Security Industrial & Automation Conference, 2013.
  • Find Them. Bind Them – Industrial Control Systems (ICS) on the Internet.
    Johannes Klick and Daniel Marzin.
    Positiv Hack Days III – on either side OF A FENCE, Moskau, Russia, 2013.

Our emploees are scientificitally trained IT experts. Please find here a list of publications regarding cyber security.

  • Towards Better Internet Citizenship: Reducing the Footprint of Internet-wide Scans by Topology Aware Prefix Selection.
    Johannes Klick, Stephan Lau, Matthias Waehlisch, and Volker Roth.
    In Proceedings of the 16th ACM SIGCOMM conference on Internet measurement conference. ACM, 2016
  • Towards Highly Interactive Honeypots for Industrial Control Systems.
    Stephan Lau, Johannes Klick, Stephan Arndt, and Volker Roth.
    In 23rd ACM Conference on Computer and Communications Security, 11/2016. ACM, 2016
  • PLC Guard: A practical defense against attacks on cyber-physical systems.
    Jan-Ole Malchow, Daniel Marzin, Johannes Klick, Robert Kovacs, and Volker Roth.
    In Proceedings of Communications and Network Security (CNS), 2015, pages 326–334. IEEE, 2015
  • Internet-facing PLCs as a network backdoor.
    Johannes Klick, Stephan Lau, Daniel Marzin, Jan-Ole Malchow, and Volker Roth.
    In Proceeding of Communications and Network Security Conference (CNS), 2015, pages 524–532. IEEE, 2015
  • Internet-facing PLCs – A New Back Orifice.
    Johannes Klick, Stephan Lau, Daniel Marzin, Jan-Ole Malchow, and Volker Roth.
    Blackhat USA, 2015
  • ZigBee Exploited – The good, the bad and the ugly.
    Tobias Zillner.
    Black Hat USA, 2015
  • Erreichbarkeit von digitalen Steuergeräten ein Lagebild.
    Jan-Ole Malchow and Johannes Klick.
    In Sicherheit in vernetzten Systemen: 21. DFN-Workshop. Paulsen, C, 2014

The philosophy of Alpha Strike Labs includes responsible handling of vulnerabilities we discover. Because of the lack of security architectures and measures in deployed products, it is often sufficient to identify only a weak link in the chain to compromise the entire system. We therefore communicate weaknesses to the manufacturer and support the solution process. Our employee were involved in discovering and reporting the following weaknesses.

  • ICSMA-17-241-01, authorization bypass, possible exploitation of a pacemaker
  • ICSMA-17-009-01A, man-in-the-middle vulnerability, pacemaker information and monitoring system
  • CVE-2015-2177, DoS-Attack of Siemens SIMATIC S7-300 via crafted ISO-TSAP packets.
  • Security Advisory 2015/12/02 (Traeger Industry Comp. GmbH), S7-Firewall / TeleRouter – XSS, insufficient encryption and authentication methods
  • CVE-2014-6617, Softing FG-100 PB, Hardcoded Backdoor
  • CVE-2014-6616, Softing FG-100 PB, Cross Site Scripting
  • CVE-2017-1272, Pacemaker device, Improper authentication
  • CVE-2017-12714, Pacemaker device, Improper restriction of power consumption
  • CVE-2017-12716, Pacemaker device, Missing encryption of sensitive data
  • CVE-2017-5149, pacemaker transmitter, Channel accessible by nonendpoint (man-in-the-middle)