Welcome!

iPhone Authors: Elizabeth White, Kevin Benedict, Yeshim Deniz, Matthew Lobas, Shelly Palmer

News Feed Item

Zero-Days, Prizes, Sponsors Announced for ISE Router Hacking Contest

Independent Security Evaluators (ISE), the organizers of the SOHOpelessly Broken competition, today announced vulnerability submittals and prizes for this first-ever router hacking contest at the esteemed DEFCON security conference. The competition runs 7-10 August 2014 during DEFCON 22 at Rio Hotel & Casino in Las Vegas Nevada.

Each of the two contest tracks has separate prizes. Track 0 of the competition seeks to demonstrate previously unidentified vulnerabilities in off-the-shelf consumer wireless routers, while Track 1 is a live Capture The Flag (CTF) event. Between the two tracks, there is over $10,000 in prizes available, including $5,000 cash, hotel accommodations, badges for next year’s DEFCON conference, trophies and more.

Along with the prizes, ISE also announced a new Gold Level sponsor, the appliance startup Itus Networks (www.itusnetworks.com/kickstarter). “SOHOpelessly Broken is a great way of showcasing the insufficient protection provided by today’s routers,” says Daniel Ayoub, co-founder at Itus Networks, “and we are all about securing home networks for consumers.”

Preliminary data published by contest officials shows that registration is nearing contest capacity. Most notably, 13 new zero-day exploits will be demonstrated. “Strong registration figures combined with this impressive array of zero-day exploits demonstrates that the research community shares our passion for solving this consumer security crisis,” says Ted Harrington, Executive Partner at ISE and one of the contest organizers.

This elite competition was formed in response to a series of 2013 studies1 that discovered a security epidemic affecting small office/home office (SOHO) wireless routers, wherein vulnerabilities allow an attacker to take control of the device and thereby intercept and modify network traffic. Abundant news coverage extensively reported the malicious exploitation of these devices, yet little progress has been made by router manufacturers to address the issues in a meaningful way. This contest aims to bring together the brightest minds in security to identify new and existing security vulnerabilities in these widely deployed devices in order to drive change that is otherwise not happening. “By demonstrating that the issues persist and that consumers are still exposed, pressure will be applied to the manufacturers to take the necessary action to better protect their customers who are currently not empowered to protect themselves,” says Steve Bono, founder of ISE and one of the leaders of the event.

Individuals interested in participating as contestants or as judges are encouraged to contact contest organizers as soon as possible through the contest website, www.sohopelesslybroken.com. Available spots are limited. Sponsorship and advertising opportunities are also available. The official hashtag of the event is #sohopelesslybroken.

About ISE

Founded in 2005 out of the PhD program at the Johns Hopkins’ Information Security Institute, ISE is a select team of hackers, computer scientists, reverse engineers, and cryptographers that utilizes a unique perspective typically perpetrated by the adversary in order to help enterprises harden systems and defend assets against sophisticated adversaries. ISE is most commonly recognized for being the first company to exploit the iPhone, as well as other high profile research surrounding ExxonMobil, Texas Instruments RFID, Android OS, Diebold eVoting Machines, and numerous others. Forthcoming ISE research surrounds security issues in healthcare, to be released in Fall 2014.

1 http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.