
1. Introduction

When Apple famously refused the FBI’s request to introduce a backdoor into its products in order to help law enforcement, a lot of people got their first exposure to the concept of a backdoor. Since then, a lot of confusion has arisen around the subject. This is an effort to clear it up.

In this tutorial, we’ll discuss the concept of a backdoor.

2. Backdoor Description and Definition

A backdoor is a piece of software or hardware that is planted on a target and has the purpose of granting elevated access to the system in question.

The target of such an attack can be a personal computer, a smartphone, a network, a router, or even a specific piece of code or program. Depending on the target, the backdoor can tamper with it at different levels. If the target is a PC, the backdoor could offer full root access. If it’s a website’s code, it could bypass the login process and let the attacker in as an admin.

Another typical feature of backdoors is that they are purposefully planted on a target. There are other ways to get the same result as using a backdoor, but if an attacker gains access to a system through a vulnerability that was present unintentionally, that is generally not considered a backdoor – it is just an exploit of a vulnerability.

Furthermore, backdoors are meant to be kept secret. Since they exist to maintain repeated access to the system over a long period of time, any disclosure of the backdoor’s presence would render it useless, as it would very quickly be patched.

3. What Can a Backdoor Cause?

Depending on the backdoor’s “quality,” many things can happen after a system is infected with a backdoor.

If an attacker can gain root access to a system, the possibilities are seemingly endless. The backdoor is basically used as a means to install any number of other payloads: malware, spyware, and miners. In this case, the attacker has complete control over the system.

If a backdoor can only grant its user limited privileges, such as those of a low-privileged user on the system, the attack surface is limited accordingly. Maybe there are no very severe exploits available from this user’s position. But maybe there are.

In both cases, the usual suspects are to be expected.

First and foremost: malware. The backdoor is used to get into the system, and then any kind of malware is installed on it.

On a very similar note, spyware is to be expected. Again, the backdoor is used to plant spyware that grabs any useful information – from generic internet habits to the nitty-gritty of installing a keylogger that captures all of the user’s keyboard input. Combined with prolonged access to the system, this keeps the system under surveillance for a long time (bye-bye privacy).

Generic usage of the system for unintended purposes is also possible. Some typical examples include using infected systems for Distributed Denial of Service attacks or the more modern approach of planting cryptocurrency miners on stronger systems.

4. Hardware and Software Backdoors

Backdoors can exist both as software vulnerabilities and as actual hardware implementations.

4.1. Software Backdoors

Software backdoors are planted inside a program’s code. Similar to an exploit, they rest inside the code and are seemingly undetectable until they are used. The OWASP Top 10 gives a list of the main ways software unintentionally exposes vulnerabilities to attackers that can lead to a backdoor being opened.
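As an added illustration (not code from the original article) of the login bypass described above, here is a routine with a planted credential next to the same routine without it, plus a small code-review heuristic that flags the pattern; the user store, the `maint` account, the placeholder password and the `find_literal_credential_checks` helper are all hypothetical:

```python
import hashlib
import hmac
import os
import re

# Constructed credential store for this example: username -> (salt, PBKDF2 hash).
def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

def make_user_store(users: dict) -> dict:
    store = {}
    for name, pw in users.items():
        salt = os.urandom(16)
        store[name] = (salt, _hash_password(pw, salt))
    return store

USERS = make_user_store({"alice": "correct horse battery staple"})

def login_backdoored(store: dict, username: str, password: str) -> bool:
    """Login routine with a planted bypass: a maintenance credential that exists
    only in the source, not in the user store, and works in every deployment."""
    if username == "maint" and password == "CONSTRUCTED-BACKDOOR-PASSWORD":
        return True  # the backdoor: nothing in the store can revoke this
    rec = store.get(username)
    if rec is None:
        return False
    salt, digest = rec
    return hmac.compare_digest(_hash_password(password, salt), digest)

def login_hardened(store: dict, username: str, password: str) -> bool:
    """Same check without the bypass: every login must match a salted hash in
    the store, so there is no literal credential in the code to find or abuse."""
    rec = store.get(username)
    if rec is None:
        _hash_password(password, b"\x00" * 16)  # keep timing similar for unknown users
        return False
    salt, digest = rec
    return hmac.compare_digest(_hash_password(password, salt), digest)

# Hypothetical code-review heuristic: flag lines that compare a password
# variable against a string literal, which is exactly how the bypass above looks.
_LITERAL_CRED = re.compile(r'\bpassword\s*==\s*["\'][^"\']+["\']')

def find_literal_credential_checks(source: str) -> list:
    """Return 1-based line numbers in `source` that compare a password to a literal."""
    return [n for n, line in enumerate(source.splitlines(), 1) if _LITERAL_CRED.search(line)]
```

The heuristic is deliberately simple; it catches the obvious pattern so a reviewer can then ask why any login path exists that the credential store cannot revoke.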

4.2. Hardware Backdoors

Hardware backdoors are planted on the actual silicon of a piece of hardware. This can be done during the manufacturing process of a chip by a malicious manufacturer, or it could later be planted on a PC in the form of a USB stick, for example.

Hardware backdoors – especially those at the circuitry level – are among the most difficult attacks to identify and mitigate. Not only is manual testing of the actual chipset needed to guarantee the absence of a backdoor, but it is also common practice for malicious manufacturers to plant backdoors on only a limited number of chips to avoid detection. Furthermore, with the advances in circuit design, it is possible to have backdoors that actively evade detection by recognising that they are being tested, so that not even manual testing of the hardware can guarantee its integrity.

5. Law-Enforcement vs. Malicious

On a few occasions, governments and law enforcement entities have asked silicon and software companies to purposefully plant backdoors in their products that only they can use. It is not known whether such practices are widely adopted around the world, but it is a fact that law enforcement has made such requests – for example, in the notorious Apple and FBI case.

On the other hand, maliciously planted backdoors are far more commonly found in the wild. After an attacker exploits a vulnerability in the system, it is very common for them to open a backdoor – supposing they get the chance through their exploit – and keep using the system later on. A backdoor is a natural product of a successful attack.

6. Staying Safe

So how can we be certain we will not get infected by a backdoor? Well, the bad news is that we can never be sure of that – sometimes even our antivirus does not know the 0-day exploit the attacker is using against us. The good news is that by applying the simple practices of system security, we have a very high chance of staying safe. So let’s keep it simple, not get paranoid, and always follow these rules.

Have strong passwords and change them often. No matter how irrelevant or unimportant the service we are subscribing to is, we make our password strong and never reuse old passwords. In fact, using a password manager is usually very helpful in assisting with this.

Keep systems up to date. A lot of the vulnerabilities that can lead to a backdoor are found and patched by developers, so it is in our best interest to keep our stuff up to date.

Use an Antivirus. No need to pay for a fancy broad-spectrum premium antivirus (that is, if we don’t want to), but we should at least have some antivirus and antimalware protection running on the PC. That extra 2 seconds of booting time may save the system.

Be aware. Paying attention to the things we download and run on our PC and taking a second look at those mysterious email attachments go a long way. If something looks sketchy on the Internet, it probably is.

7. Conclusion

In this tutorial, we looked into backdoors and gave a specific definition of them. Then, we looked into the differences between software and hardware backdoors as well as some of the catastrophic results they could bring to a system. Finally, we listed some solid things we should keep in mind to protect ourselves online. Be safe out there!
