McAfee Labs Advanced Threat Research

Autonomous and connected vehicles demonstrate a nascent but rapidly growing target for threat actors. Vehicle-to-X (V2X) communication—with vehicles connecting to each other, surrounding infrastructure, pedestrians, the cloud, and personal devices—provides many new capabilities and new security responsibilities. ATR investigates the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.

Multiple threats and attacks over the past few years have proven that industrial control systems are a growing target for malicious actors with numerous potentially dangerous outcomes. ATR is currently investigating multiple areas of SCADA and ICS implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols common to this vertical, such as MODBUS, ICCP, DNP3, and others.

The digital transformation in the healthcare industry is truly unlike any other industry. The rapid advancement and innovation—from medical devices and surgical advances to patient management and care—brings new opportunities that can help improve lives, but potential security issues can literally have life and death implications. Our research explores medical devices, networks, protocols, and security practices within the industry to help healthcare organizations continue to innovate securely.

In this internet of things (IoT) world where just about everything is talking to something, the secure transmission of data is critical. If basic encryption and authentication are not used, protocols such as wireless networking, Bluetooth, baseband, broadband, and radio can be sniffed, reverse engineered, and potentially compromised. Our research looks at radio frequency, including near-field-communications (NFC and RFID), and wireless transmissions to determine potential impacts to network and proximity devices.

Enterprise software has long been a rich target for malicious actors due to the attractive return on investment for discovering vulnerabilities. When a single flaw in Windows, for example, can affect millions of users, it will quickly be leveraged in exploit kits, phishing attempts, watering hole attacks, and much more. By discovering and disclosing these critical vulnerabilities in the world’s most popular software, the Advanced Threat Research team continuously reduces the overall attack surface for one of the most attractive targets for cybercriminals.

With the ever-expanding market for smart homes and home-automation devices, consumer electronics are a growing target for threat actors. Many of these products have little to no security, yet we allow them in our homes or even businesses without thinking twice. The Advanced Threat Research team searches for vulnerabilities in these devices to identify threats and guide manufacturers toward more secure products, reducing the potential for attackers to gain access to home or business networks. Our efforts focus on researching upcoming “smart” products as well as devices that are already deployed in these environments.