Arun Mane
Founder and CEO Amynasec Labs
BIOGRAPHY
A Trailblazer in Security, Innovation, and Education Arun Mane, a visionary leader and luminary in the field of cybersecurity, wears many hats. He is not only the Founder and CEO of Amynasec Labs, but also the co-Founder and CEO of UnoAcademy, a distinguished training provider. With a resolute focus on Vehicle/IoT/ICS/IoMT security, Arun is also a recognized Hardware, IoT, and ICS Security Researcher, shaping the future of digital protection. Arun’s passions encompass a spectrum of technological domains.
He delves into Hardware Security, SCADA systems, Automotive Security, Fault Injection, RF protocols, and the intricacies of Firmware Reverse Engineering. His inquisitive mind thrives on unraveling complex systems and identifying vulnerabilities that safeguard the digital landscape. Arun’s expertise extends to performing Security Audits aligned with ISO 62443, ISO 21434, NIST frameworks, catering to both government and private clients. His insights have proven invaluable in fortifying digital infrastructures against ever-evolving threats. His prominence shines brightly on the international stage.
Arun has delivered captivating talks at an array of prestigious conferences, leaving a lasting impact on audiences worldwide. Noteworthy appearances include Nullcon in Goa from 2016 to 2018, GNUnify 2017, Defcamp in Romania from 2017 to 2019, Hacktivity in Budapest 2019 and 2023, Rootcon 2020 in the Philippines, BsidesDelhi 2017, c0c0n x in 2017 and 2019, BSides Ahmedabad 2021, EFY 2018, x33fcon from 2018 to 2021, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 in Goa, and HITB Red Team Village 2020, HITB Phucket in 2023, Seasides Goa in 2023. These platforms serve as a testament to his remarkable insights and thought leadership in the cybersecurity realm.
Hardware Backdooring an e-Scooter
Nowadays, smart cars are equipped with a lot of sensors to make cars smarter which can take decisions automatically or logic written in ECU.
But in the same way, motorcycles and scooters become smart and work on electricity. Scooters are becoming smarter and smarter than traditional one which works on gasoline. Intelligent scooters work on usually on one or two ECUs depending on the working style. No one focuses on the smart scooter yet from per cybersecurity standpoint.
In this talk, we will talk about those vulnerabilities that can affect working mechanisms and functional safety standpoints. Our target is Indian OEM, who sold out more than 1,50,000 in the year and sold out more. The same vulnerabilities can be found in all sold-out e-scooters, We will demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in this research are cost-effective.
The best part of this research talk, we are not only focusing on only attack part but also on TARA which can be beneficial for Automotive and IoT representatives, cybersecurity experts, and manufacturers.
In this research, we reverse-engineered all functionality of e-scooters with respect to Canbus messages and Safery functionality implemented in e-scooters. Main functionality such as acceleration and Deacceleration, side indicator, breaking mechanism, and so on. After reverse engineering of physical e-scooter, we made our hardware implant to set up inside the scooter and we controlled the entire scooter with the help of identified vulnerabilities. We can stop the scooter while driving the scooter remotely. It is a functionality and safety function flaw we found in the scooter itself. We also attacked other models of e-scooter resulted in the same conclusion. We also performed the TARA report on the e-scooter level as per ISO21434 standard and we found some serious risks, these attacks are derived from the TARA report.
Are you the next cyber security superstar?
If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.
Other speakers joining this year
Eduard Agavriloae
Senior Consultant KPMG
Adrian Furtuna
Founder & CEO Pentest-Tools.com
Radu Boncea
Head of Department for "Software Engineering and Complex Systems" The National Institute for Research & Development in Informatics
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
COMPETITIONS
Sponsors & Partners
They help us make this conference possible.
POWERED BY
Orange Business is a key division of Orange Romania, specializing in providing cutting-edge communication, technology, and digital transformation solutions tailored to businesses of all sizes. With a strong emphasis on innovation, Orange Business offers a wide array of services, including high-speed connectivity, cloud computing, cybersecurity, Internet of Things (IoT), and managed services. Their mission is to support organizations in their digital transformation journey by enhancing operational efficiency, improving customer experience, and maintaining a competitive edge in a rapidly changing digital environment.
Orange Business combines deep technological expertise with a customer-centric approach, ensuring that each solution is customized to meet the specific needs of their clients. Their commitment to innovation and excellence makes them a trusted partner for businesses seeking to thrive in the digital age.