Showing posts with label Cybergeddon. Show all posts

March 21, 2014

Safely Detonate That Malware


I like the potential of the FireEye Malware Protection System (MPS).

Unlike traditional signature-based malware protections like antivirus, firewalls, and intrusion prevention systems (IPS), FireEye is an additional security layer that uses a dynamic Multi-Vector Virtual Execution (MVX) engine to detonate even zero-day attacks from suspicious files, web pages, and email attachments. 

According to Bloomberg Businessweek, Target's implementation of FireEye detected the malware attack on Nov 30, 2013 and it alerted security officials, but allegedly "Target stood by as 40 million credit card numbers--and 70 million addresses, phone numbers, and other pieces of personal information--gushed out of its mainframes" over two weeks!

In fact, FireEye could've been set to "automatically delete [the] malware as it's detected" without human intervention, but Target's team apparently "turned that function off."

FireEye works by "creating a parallel computer network on virtual machines," and before data reach their endpoint, they pass through FireEye's technology. Here they are "fooled into thinking they're in real computers," and the files can be scanned, and attacks spotted in safe "detonation chambers."

Target may have been way off target in the way they bungled their security breach, but using FireEye properly, it is good to know that attacks like this potentially can be thwarted in the future. ;-)

[Note: this is not an endorsement of any product or vendor]

February 27, 2013

Cyberweapons Power Up

If you haven't heard of Project Aurora, this is a wonderful segment from 60 Minutes on this cyberwar project.

Faced with some of the worst case scenarios for cybergeddon, Idaho National Labs set out in 2007 to test what would happen to a 27-ton power generator if the researchers hacked into it from a mere laptop. 

The turbine was sent instructions that would essentially cause it to tear itself apart--and in the video you can see what happened--it shudders, shakes, smokes, and ultimately destroys itself.

The test was a grand success demonstrating our capabilities to conduct cyberwar operations against an adversary.  

Interestingly, Reuters reported that Symantec researchers uncovered a version of Stuxnet from the end of 2007 that was used to destroy, two years later, about 1,000 Iranian centrifuges used in their Natanz nuclear uranium enrichment facility for alleged development of weapons of mass destruction.

The flip side of this cyberwar test is the realization of the potential blowback risk of cyberweapons--where adversaries can use similar technology over the Internet against our critical infrastructure--such as SCADA industrial control systems for the power grid, water treatment, manufacturing, and more--and cause potentially catastrophic events.

As stated toward the end of the video, this is a type of "pre 9/11 moment" where we identify a serious threat and our vulnerability and we need to act to prevent it--the question is will we? 


October 14, 2011

EMP Cybergeddon

Electromagnetic Pulses (EMPs) are the weapons of choice against electronics of all sorts, including cyber.

The Economist (15 October 2011) in an article called Frying Tonight describes how "warfare is changing as weapons that destroy electronics, not people, are deployed on the field of battle."

Here is a brief summary:

During the Cold War, the notion was to explode an atom bomb high in the atmosphere (i.e. a High-Altitude EMP or HEMP) "to burn out an enemy's electrical grid, telephone network, and possibly even the wiring of his motor vehicles."

Today, that principle is being applied in smaller weapons using microwaves--from powerful batteries or reactive chemicals that generate high-energy radio frequencies.

By zapping electronics, EMPs can take down enemy missiles, destroy command, control, and communications capability, and stop in their tracks everything from enemy tanks to planes and speed boats.

EMP weapons are already being deployed:

- Fighter planes are being developed with EMP capabilities using the active electronically scanned array (AESA) as defensive weapons against air-to-air and surface-to-air missiles, while other planes (like the "Growler") are being outfitted with offensive EMP capabilities.

- Ships too are being armed with EMP guns to defend against high-speed boat "swarms" or to defend against pirates.

- Land vehicles will be armed with EMP cannons such as the Radio-Frequency Vehicle Stopper that can stall enemy vehicles' engines or the Active Denial System used as a heat-ray to disperse crowds.

At the same time, defenses against EMPs are being deployed, such as Faraday cages--which are enclosures of conducting material, often in a mesh pattern, that protect electrical equipment from getting fried.

What is important to note though is that EMPs are not just battlefield weapons--they can take out our everyday electrical and cyber systems.

A Congressional Research Service (CRS) Report to Congress (21 July 2008) called High Altitude Electromagnetic Pulse (HEMP) and High Power Microwave (HPM) Devices: Threat Assessments states "Several nations, including sponsors of terrorism, may currently have a capability to use EMP as a weapon for cyber warfare or cyber terrorism to disrupt communications and other parts of the U.S. critical infrastructure."

The EMP Commission reported that EMP "creates the possibility of long-term, catastrophic consequences for national security."

One of the major concerns is the "cascading effects" that a loss of electrical infrastructure would cause in terms of people being unable to obtain basic life necessities, with the result that "many people may ultimately die."

The report finds EMP weapons to be an "attractive asymmetric option" for our adversaries, and that analysts find that "it could possibly take years for the United States to recover fully from the resulting widespread damage."

Therefore, it is critical that we increase our cyber security capabilities not only in terms of fighting conventional malware attacks from within the cyber realm, but we must be thinking in earnest about energy weapons directed at us from without.

We must continue to harden our defenses, invest in new technologies and countermeasures to thwart the enemy, develop punishing offensive capabilities, as well as prepare for the possibility of a strike against our homeland.

Although called "human-safe" (and aside from the traditional weapons of mass destruction), EMPs may actually be one of the most devastating weapons of all to a society dependent on technology.
