
The Best Defense is a Good Offense February 20, 2015

Posted by tkcollier in Geopolitics, In The News, Science & Technology, Technology.

The US has made the strategic choice to put its resources into engineering better attack tools and an infrastructure to support them. In a way it’s a smart choice. It’s a truism that the cyber battlefield is asymmetric—a defender has to get it right every time, while an attacker only has to succeed once. If the US spends a billion dollars in cyber defense, it will still be vulnerable. But spend it on cyber attack, and you get the most advanced computer espionage and sabotage tools that history has ever seen.

The tool hides itself encrypted in the Windows registry, so that anti-virus software can’t find it on the computer’s disk. It carves out its own virtual file system on your machine to store data for exfiltration. It uses a well-engineered piece of software called a bootkit to control the operating system from the ground up. There are update mechanisms, dozens of plug-ins, a self-destruct function, massive code obfuscation, hundreds of fake websites to serve as command-and-control. One of the NSA’s malware plug-ins can even reprogram your hard drive’s firmware, allowing the implant to survive a complete disk wipe.

via Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks | WIRED.

Facebook Attacks 2011 January 12, 2012

Posted by tkcollier in Technology.

New Super Worm Attacks Infrastructure September 25, 2010

Posted by tkcollier in Technology.

Stuxnet works by exploiting previously unknown security holes in Microsoft’s Windows operating system. It then seeks out a component called Simatic WinCC, manufactured by Siemens, which controls critical factory operations. The malware even uses a stolen cryptographic key belonging to the Taiwanese semiconductor manufacturer RealTek to validate itself in high-security factory systems.

The worm then takes over the computer running the factory process – which for WinCC would be “mission-critical” systems which have to keep functioning under any circumstance – and “blocks” it for up to a tenth of a second. For high-speed systems, such as the centrifuges used for nuclear fuel processing being done by Iran, that could be disastrous, experts suggested.

“This is a very sophisticated attack – the first of its kind – and has clearly been developed by a highly skilled group of people intent on gaining access to SCADA [supervisory control and data acquisition] systems – industrial control systems for monitoring and managing industrial infrastructure or facility-based processes. In contrast to the bulk of indiscriminate cybercrime threats on the internet, this has been aimed at very specific targets. It’s different also because there’s no obvious financial motivation behind the attack – rather the aim seems to be to sabotage systems.”

via Stuxnet worm is the ‘work of a national government agency’ | Technology | guardian.co.uk.

The War on Spam & Cybercrime January 17, 2010

Posted by tkcollier in Technology.

While Western governments debate the efficacy, or legality, of going on the offensive against Internet spies and criminals, more Internet security companies, and academic researchers, are taking the initiative. The most recent victory was the elimination of the Neustar of Lethic botnet, which represented about ten percent of all spam email sent.

The biggest victory took place in 2008, when a small ISP, McColo Corporation, was taken off line. This caused worldwide spam traffic to decline by over 50 percent in one day. Before that, two similar ISPs, the Russian Business Network and Intercage, had a less dramatic impact on spam traffic, and Internet based criminal activity in general, when they were shut down.

Internet crime, particularly spam (unsolicited email) has become a big money maker. Because of the very low cost of sending it, you need only one response for several million spam messages, to make lots of money. But the same ISPs that host the spammers, also host operations that try to sneak into business, government and personal computers to steal stuff (bank account information, trade secrets, classified military information).

via Information Warfare: The War Below.
