Thursday, December 4, 2014

Your salvation on the Internet depends on two human variables

“I am I and my circumstance; and, if I do not save it, I do not save myself.” You may already have heard these words more than once, and this will certainly not be the last time. This is how Ortega y Gasset explained one of his philosophical pillars, vital reason. Every person (user) is influenced by two factors: what he thinks and what he lives. We cannot understand human nature by isolating reason (absolute concepts) from vitality (subjective experiences).

In this sense, the Internet, understood as a technological network created as a reflection of our ability to communicate, cannot escape this fact.

This is how an intrusion into Sony’s intranet is first interpreted as an attack for political purposes, later as a means of leaking several films that we had never heard of, and ends up with a proof of concept of malware intended to overwrite the hard drives of infected systems.

Thus a channel as traditional as e-mail is still used by the crime industry for phishing campaigns. In this case, only reason and knowledge can keep you safe from an alleged e-mail from Correos (the Spanish mail service) that is actually a cover for a new outbreak of CryptoLocker, the most popular ransomware at the moment. This time the message contains neither misspellings nor strange e-mail addresses. The attackers use the victim’s first name and surnames to notify him that he has a package waiting for him at the nearest office, but that he must download the attached receipt.

"I am myself and my circumstance" in the digital world is diluted in the face of automation and artificial intelligence capable of emulating human reasoning. If those pesky user verification elements called CAPTCHAs and reCAPTCHAs are becoming obsolete, it's time to deliver new systems that no longer depend on reading text in an image, but on understanding the images themselves.

It's in our nature to exploit the environment to suit our needs. In computing ecosystems, security experts seize on any limitation in order to exploit it. For instance, Internet Explorer 11 handles shared memory in a seemingly safe way. However, a routine control element, the DACL (discretionary access control list), allows an attacker to write to the shared memory (typically read-only), bypassing Internet Explorer’s controlled environment (sandbox) and getting his hands on different parts of the operating system.

Another characteristic of human nature is that money helps move the entire social machinery. Therefore banking is a target not only for cybercriminals, but also for astute professionals who do not hesitate to hire groups of cyber-spies to launch phishing campaigns hitting corporate workers across different sectors, so that they can gain a strategic advantage when investing in one market or another.

Consequently, salvation depends on two axes: reason and vitality, yin and yang in Oriental culture. Reason drives some people to send very long WhatsApp messages to crash the application on Android handsets. Others, moved by vitality, offer tutorials on how to retrieve data and avoid these DDoS attacks on this instant messaging service.

