The Best Defense is a Good Offense

The US has made the strategic choice to put its resources into engineering better attack tools and an infrastructure to support them. In a way it’s a smart choice. It’s a truism that the cyber battlefield is asymmetric—a defender has to get it right every time, while an attacker only has to succeed once. If the US spends a billion dollars in cyber defense, it will still be vulnerable. But spend it on cyber attack, and you get the most advanced computer espionage and sabotage tools that history has ever seen.

The tool hides itself encrypted in the Windows registry, so that anti-virus software can’t find it on the computer’s disk. It carves out its own virtual file system on your machine to store data for exfiltration. It uses a well-engineered piece of software called a bootkit to control the operating system from the ground up. There are update mechanisms, dozens of plug-ins, a self-destruct function, massive code obfuscation, hundreds of fake websites to serve as command-and-control. One of the NSA’s malware plug-ins can even reprogram your hard drive’s firmware, allowing the implant to survive a complete disk wipe.

via Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks | WIRED.

Hackers Are Winning The CyberWar – So Far

Virus writers are having a field day. A new industry has blossomed called Exploit Kits. Talented programmers sell their exploit kits for $3000 a pop to help their brethren malware writers deliver their payloads more effectively.

In late 2012, the NY Times published a controversial piece questioning the effectiveness of modern antivirus software. The shocking conclusion was that after an exhaustive analysis of over 40 antivirus products, there was only a 5% chance of detecting and defeating a new threat. That is, if a computer had 40+ antivirus products running simultaneously, there is a scant 5% chance that the computer would be safe from new threats.

The US Department of Homeland Security advised last week that users disable Java. This is unprecedented. The government felt this was a computing problem so severe that it must intervene. Java is a real and present threat to not only our national security but our computers, privacy and wallets. The DHS has no motivation to sow misinformation or fear, and they should be heeded.

Learn About SpyWare

Spyware Warrior: Rogue/Suspect Anti-Spyware Products & Web Sites

This is one of the best sources for protecting yourself on the Net. It’s not Viruses so much nowadays, but these more insidious forms of Malware. Some of it comes disguised as protection! Here is a list of bogus ones and further down the page a list of good ones. Many are free. There is also a list of removal tools, if it is already too late.

It is a good idea to run 2 of these to catch the ones that get missed, as this is a constantly changing battlefield. Choose your weapons carefully. I use Spybot. The new version updates automatically and tries to defend you. But, I also run Super Anti Spyware. While you have to manually update it, it finds more hidden bad guys and does a better job of removing them.