Peripheral hardware refers to devices that are connected to a computer or other computational devices to enhance their capabilities or provide additional functionality. These devices are external to the computer’s central processing unit (CPU) and are often connected through various ports and interfaces. Examples of a peripheral hardware devices are keyboards, computer mouses, printers, external hard drives, USB flash drives and others.
The Raspberry Pi is a versatile platform that supports a variety of peripheral hardware devices. It functions like a regular computer, capable of internet browsing, HD video playback, and productivity tasks. Originally intended for ethical use, it has the potential to become a rogue device when manipulated with a payload, allowing it to perform malicious and clandestine activities (Raspberry Pi Security).
Manipulated Peripheral Device
A manipulated Raspberry Pi was discovered in a peripheral hardware device, in the natural gas industry. It was found that a Microsoft mouse had a Raspberry Pi module hidden inside and had gone undetected within environment for months… (Raspberry Pi Risks)
The module programmed the Raspberry Pi to execute a PowerShell script, constructing and activating a concealed communication channel through the wireless interface. This allowed it to bypass the air-gapped environment and exfiltrate highly sensitive data.
Peripheral Hardware: Raspberry Pi Detection
Sepio detected the Raspberry Pi attack tool by collecting Physical Layer (L1) information on the endpoint which determined the presence of the manipulated peripheral hardware device. The Physical Layer Visibility provided information on which endpoint machine the device was connected. Which accelerated the investigation.
Enterprises face the challenge of accurately gaining visibility into hardware assets, particularly in today’s complex IT/OT/IoT landscape. To tackle this issue, one must achieve comprehensive visibility into their hardware assets, irrespective of their characteristics and the connection interface used by potential attackers.
Sepio’s Asset Risk Management (ARM) platform is the leader in Visibility, Control and Mitigation of hardware assets. Is disrupting the cybersecurity industry by uncovering hidden hardware attacks operating over network and USB interfaces (USB Attacks).
Sepio’s solution, identifies, detects and handles all network devices including peripherals. No device goes unmanaged.
Sepio Peripheral Hardware Detection
Complete Visibility of All Hardware Assets
With all devices and anomalies detected, enterprises benefit from a greater overall cybersecurity posture. Gaining full visibility of all hardware devices, from Raspberry Pi on peripheral hardware devices to endpoint peripherals and connected devices (IT/OT/IoT), Sepio uses unique physical layer hardware fingerprinting technology and data augmentation from endpoints and networks.
Full Control Through Predefined Policies
Enterprise-wide policies enable compliance, regulation and best practices. With predefined templates and no baselining or whitelisting, and no requirement for a clean environment start, Sepio provides a fast and easy setup.
Rogue Device Mitigation (RDM)
Threat mitigation, upon discovery of rogue or threatening devices, including the identification of Raspberry Pi on peripheral hardware devices. Integrations with existing security platforms such as NACs and SOARs for mitigation and remediation enhancements.Manipulated Peripheral Device (pdf)