Wednesday, September 3, 2014

Cyber Butterfly Effect

"A butterfly can flap its wings in Peking and in Central Park you get rain instead of sunshine". Almost anyone recognizes this quote in the 'Jurassic Park' film. It is the essence of the Butterfly Effect, that summarizes the Chaos Theory, says the mathematician Ian Malcolm in his first tour to the dinosaurs recreational park. The chaos is present every day in our security. First things first ...

The Institute for National Security Studies (INSS) and Cybersecurity Forum Initiative (CSFI) have published a comprehensive report on threats to national security in the context of cyberspace, which runs from cyberattacks on American banks to targeted attacks from Russia to Western Europe, through Machete, the last cyber espionage campaign whipping Ecuador. Real chaos at global level. Tripwire offers us a valuable executive summary of the report on its blog.

If we focus on regional threats, we will easily arrive talking about North Korea. The country might seem isolated (just like Jurassic Park), from the point of view of technology, but with a growing operational readiness for cyber war, according to a report by researchers at Hewlett-Packard. To the extent that its elite unit of hackers in government service, which is called Unit 121, would be the third largest army for cyberwar, just behind the United States and Russia.

As we know, cyberwar is not about throwing missiles over the Internet, or is not just about that. This is also to look for any way to disrupt the economic interests of a nation. Attacks like the one just experienced by the domains supplier Namecheap, may well be part of a cyberwar action. In this case, the booty of criminals goes through a not insignificant amount of usernames and passwords, up to 1.2 million, according to initial reports being handled.

And passwords could be precisely and once again, at the origin of #celebLeak, the leak of nude photos of celebrities that has put iCloud in a bind. Apparently, early research lead to Find my phone app, because it does not attempt to limit account access. If we add the traditional lack of zeal in setting strong passwords, brute force is enough to hack a large number of accounts.

The Cyber ​​Intelligence does not belong only to national security: it is also present in the most basic social engineering attacks, led by spam to obtain credentials with little effort. Bad guys like financial phishing, especially when using the name of PayPal, according to last research from Kaspersky Labs. In fact, the most basic attacks target thousands of devices each day, to be used in DDoS operations or other actions under an illegitimate flag. Viruses from USB, obfuscated Javascript code in HTML and Adware remain at the top of most widespread infections, according to a report from the company ESET.

As we can see, a worm infects a computer in Barcelona, ​​and a company sinks in California, or North Korea makes a cyberattack. The Butterfly Effect. Chaos Theory. Likewise... a reader shares this post and a cybercriminal network is dismantled by the authorities, why not? Trying it costs nothing, and who disengages security will end up like the dinosaurs... disappearing.


Post a Comment