Doctor Who dramatized Cher’s song about manipulating it. This hacker went one step farther and completed the task. This is how time was tampered with.
“We must use time as a tool, not as a couch,” John F. Kennedy stated in a 1961 address to the National Association of Manufacturers in New York City. Fast forward fifty years, and one hacker has shown how to achieve just that: by hacking time.
What exactly is time, anyway?
What is the definition of time? That’s a difficult question to definitively answer.
Simply look up a term to see what I’m talking about. From a technological standpoint, however, time is determined by how we measure it: it is what those measurements tell us. So, what if those readings, even those from the world’s most precise atomic clock sources, could be tampered with?
Hello, and welcome to the world of time hacking. Welcome to the world of Adam Laurie, the head hardware hacker with IBM X-Force Red, a seasoned hacking squad. It’s important to remember that hacking is not a crime, and this story serves as a good example of that.
Distributing time, manipulating time
Laurie explains what he’s talking about here in the intro to his keynote session at Black Hat Europe: “What we’re talking about here is how the distribution of the consensus of what we consider the current time is secured.” That is, the time as determined by those atomic clocks and disseminated via the internet.
“Does a 0day that skews time remain a 0day or vanish into its own paradox?” Laurie thought for a moment. Sure, it’s amusing, but there’s a serious aspect to it all: everything from financial transactions and blockchain to navigation, transportation, and the communications protocols we use every day is dependent on that distributed time signal being properly synchronized.’
According to one statistic cited by Laurie in his presentation, if this time synchronization fails, the economy will suffer a daily loss of more than $1 billion.
Laurie outlined how skewed time windows would cause transmissions to collide and disrupt the system on IBM’s Security Intelligence blog. “Because time is at the heart of our most critical tasks,” he explained, “I thought it would be intriguing to investigate how an attacker could control time.”
Here’s how time got hacked
Laurie looked into the transmission channels employed because the accurate time measurement from the multiple atomic clocks had to be distributed to the systems employing it in order for them to function properly. The Network Time Protocol (NTP), GPS, and radio frequency transmissions are examples of this.
The system that receives these broadcasts uses them to synchronize time, and if one of them looks to be out of sync, it relies on the consensus of the others. This is when things start to get fascinating, and, to be honest, a little scary. Laurie refers to such time signals as a “one-way broadcast transmission,” and one that hasn’t been validated. So, what happens if a hacker impersonates them?
Laurie was able to accomplish this using his own Heath-Robinson time signal device, which consisted of a Raspberry Pi, an RFID antenna, and some open-source software. He was able to reset time to anything he chose by overriding the low-frequency clock synchronization signal.
Yes, this was a time signal hack that only used one radio frequency communication mechanism. He has, however, underlined the vulnerability of GPS in this regard. The general message is that the time protocols we use are unsecure and antiquated.
Things need to change, and they are, hopefully. A year ago, a Request For Comments (RFC) standard called Network Time Security (NTS) was published, which adds cryptographic security to the client-side operation.
The bad news is that getting RFCs finished and recognized as an internet standard takes a long time. The Resilient Navigation and Timing Foundation is likewise working to strengthen GPS systems worldwide against jamming and spoofing assaults.
What does Doctor Who say?
Doctor Who’s 10th Doctor once claimed to have a “timey-wimey detector” that “dings when there’s stuff.” Hopefully, after Laurie’s talk, there will be a lot of dinging and some real-world urgency put to the subject of time hacking.
However, I suppose we’ll have to wait and see. One thing is certain: ethical hackers like Laurie are helping to raise awareness about this issue; all that’s left now is for the Internet Society’s Time Lords to tie up all the loose ends.