From Thursday 07th to Saturday 10th of March, RootedCON took place on Ciudad de la Imagen, Madrid. RootedCON is one of the main cybersecurity events in Spain and, this year, around 4000 people attended the more than 100 conferences that were upheld during those days. GiCP was also present on this congress and we attended several conferences. We summarize the most interesting ones for us in the following paragraphs.

One of the first conferences we attended was “The Lord of the Keys: The Return of Post-Quantum Cryptography”. Showing clear speaking skills, Sandra Guasch Castelló, a privacy engineer at SandboxAQ, explained the current state of the art for Post-Quantum Cryptography (PQC) according to the 4th round for NIST standards. In addition, Sandra discussed the main advantages and disadvantages of those algorithms, making a division among the different PQC families: lattices, hashes, isogenies… and its main applications how to adapt it to classic cryptography, creating hybrid cryptography schemes that are already been adopted by some of the top companies in the sector such as Cloudflare or AWS. On GiCP we are very interested in PQC state of the art, as we apply it to build a trust ground for digitalization in different areas, within the framework of our participation in projects like SPIRS or QCDI.

Another very interesting speech was the one in which David Reguera García (aka Dreg) surprised the attendants with his latests invention: the buzzpirat v3.0. Designed by David Reguera and Juan M. Martinez Casais, this tools aims to ease and simplify the process of hacking hardware (microprocessors) which usually is tedious and risky, since a single mistake may destroy a circuit. Buzzpirat has a extensible interface that allows it to work with different types of chips, labeled cables (also for color-blinded people), robust firmware allowing command base communication and “big button” tools (such as flashrom). The most notorious improvement vs other tools in the market the security protections implemented that prevent damaging the hardware due to errors while setting up and building the hardware analysis lab (overtensions, shortcircuits, inverted polarities). Buzzpirat , for both professionals and learners, is a tool to “learn, practice and play”, and bringing the world of hardware hacking from “security through obscurity” to “security through community”.

Related also with the lowest level of hardware, we attended the talk from Alejandro Vazquez about bootkits UEFI. Bootkits are no other thing than rootkits executed during the boot phase. UEFI (Universal Extensible Firmware Interface) is the “program” executed just at the beginnning of the boot phase to check hardware inegrity and start up the OS. After the introduction, he showed how to combine both concepts to explode a Windows system from the boot. Furthermore, he has created a tool to ease thedevelopment of bootkits, named “Abismo“,which can be found in GitHub. This kind of research reminds us that we cannot assume that just because of it is working, it should not be updated/reviewed. As threats get more and more complex, it is vital that all the parts of the platform (hardware, firmware, software) are secure, by design and during the their lifetime.

On Friday morning, Selva Orejón gave an speech on geopolitics and cyberintelligence and highlighted the multifaceted nature of attacks on brand trust and their implications for targeted companies and institutions. Malicious agents utilize various tactics, such as misinformation and reputational attacks, to undermine trust in big corporations and governmental bodies. These attacks exploit the lack of control and poor user habits, often leveraging Artificial Intelligence systems to disseminate fake news on a massive scale. The result is a pervasive erosion of public trust across all aspects of life, leading to a state of chaos that can be exploited for a wide range of further attacks. Selva’s analysis underscores the critical need for robust cybersecurity measures and public awareness to counter these evolving threats in the modern digital landscape. On GiCP we are aware of this situation and we are working to give solutions to this problematic under the scope of TRESCA Project and XAI-DisInfodemycs Project, among others.