
Markus Vervier

eSIM/eUICC Security for Security Experts


Trainer: Markus Vervier

Date: 21st to 23rd Oct 2024

Time: 9:00am to 5:00pm CEST

Venue: Amsterdam Marriott Hotel

Training Level: Basic to Intermediate


Training Objectives:

The three-day training course will provide security experts with an in-depth understanding of the security challenges and attack vectors associated with the eSIM technology stack.

The course will explore the attack surfaces of eSIM itself in both mobile and desktop environments, secure deployment practices, and local attack vectors.

Furthermore, it will outline the offensive uses in red-teaming operations, potential fraud scenarios, and novel security challenges that eSIM might enable.


Training Detailed Description:

Day 1 - Understanding the eSIM Ecosystem and Attack Surface

Morning Session

Introduction to eSIM/eUICC Technology

  • Overview of eSIM/eUICC
  • Evolution from traditional SIM to eSIM
  • Key differences between eSIM/eUICC and traditional SIM/UICC cards

GSMA Security Standards and Effectiveness

  • Overview of GSMA security standards for eSIM
  • Evaluation of the effectiveness of these standards
  • Potential gaps and areas for improvement

eSIM Architecture and Components

  • eSIM profiles and their lifecycle
  • Components involved in eSIM profile deployment (SM-DP+, LPA, etc.)
  • Detailed architecture of eUICCs
  • eUICC hardware overview (vendors, integrations, etc.)

Afternoon Session

Secure Deployment of eSIM Profiles

  • A profile's journey from SM-DP+ to its dedicated domain on the eUICC
  • Security measures and best practices for profiles (keys, applications, etc.)
  • Risks from profiles intended for debugging

Day 2 - Secure Deployment and Local Attack Vectors

Morning Session

Attack Surface Analysis in Mobile Systems

  • Exploring eSIM attack surfaces in different mobile end user devices
  • Comparison with traditional SIM vulnerabilities
  • Case studies on mobile eSIM security attacks

Attack Surface Analysis in Desktop Systems

  • eSIM implementation in desktop systems (e.g., Windows 10, Windows 11)
  • Differences and similarities with mobile systems
  • Unique challenges in desktop eSIM security

Afternoon Session

Local Attack Vectors in Desktop Environments

  • Focus on the Local Profile Assistant (LPA) service
  • Potential for privilege escalation attacks
  • Identifying and mitigating local vulnerabilities

Day 3 - Offensive Security and Red-Teaming with eSIMs

Morning Session

eSIMs in Offensive Red-Teaming Operations

  • Using eSIM technology in red-teaming
  • Simulating sophisticated cyber threats with eSIMs
  • Real-world scenarios and demonstrations

Bypassing Traditional Security Measures

  • Techniques to circumvent security measures using eSIMs
  • Exfiltration of sensitive data via eSIMs
  • Network infrastructure compromise strategies

Afternoon Session

Hands-on Red-Teaming Exercises

  • Practical red-teaming exercises involving eSIMs
  • Developing and executing attack plans
  • Analyzing and reporting findings

Summary and Best Practices

  • Recap of key learning points
  • Best practices for securing eSIM technology
  • Future trends and advancements in eSIM security

Who Should Attend? | Target Audience:

The training is aimed at security engineers, security researchers, and developers with experience in mobile network and/or device security.


What to Bring? | Software and Hardware Requirements:

Required hardware:

  • System able to run VirtualBox x86_64 based VMs
  • A minimum of 40 GB of disk space
  • 16 GB of RAM
  • Local admin privileges to deploy new VMs

Resources Provided at the Training | Deliverables:

  • Training VM image including all the tools
  • Techniques and attacks against eSIM stack components
  • Attacks facilitating eSIM technology

What to Expect

  • An understanding of eSIM technology in the context of security.
  • How to apply new technology for offensive security.
  • How to investigate such new technology for new attack vectors.
  • Spatial and hands-on security analysis of complex ecosystems and technology stacks.

What not to Expect

  • Mobile network security crash course
  • Hardcore hardware hacking
  • Vendor-specific training
  • Cryptanalytic attacks against encryption algorithms or established protocols
  • Extensive coverage of traditional SIM security

Conclusion

By the end of this three-day training course, participants will have gained a comprehensive understanding of the security implications of eSIM/eUICC technology.

They will have the ability to identify and mitigate potential vulnerabilities, and the skills to use eSIMs in offensive security operations. The course aims to inspire proactive approaches to securing eSIM technology, ultimately promoting a more secure and connected world.