Saturday, May 08, 2021

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

Today most everything is connected to the internet. The amount of code written is growing every day, and the number of bugs in that code is increasing with it. This creates vulnerabilities in multiple layers. It is impossible for any one person to understand everything their computer is doing. The application software, the operating system, the BIOS, network routers and more each have their own code and are each their own source of vulnerabilities. Unpatched zero-day vulnerabilities remain out there in the wild. Hackers may be lurking in any system.

The world powers have been hoarding vulnerabilities for use in offensive hacking. The US and Israel showed the power of this when they were able to hack Iran to disable nuclear facilities. Russia took it a step further and caused havoc in Ukraine multiple times, temporarily shutting off power and shutting down many critical resources. With most everything connected these days, there are many chances for bad guys to infiltrate. In many cases, they already have. They may be after secrets. They may be ransomware gangs in it for money. Or, most dangerous, they may be nation-states waiting for war.

The world of hacking is clouded in a lot of secrecy. Highly educated countries on the fringes of global prosperity are likely to produce more vulnerability-finding hackers. With limited other prospects, the monetary rewards can be much greater than those of other legitimate opportunities. Some have scruples about who they sell to. Others, however, will sell to the highest bidder. These bidders will often be nation-states. However, the secrecy required by these players may result in a hacker being enticed by a lesser "bug bounty" and the name recognition allowed.

Our society has an interesting dichotomy. We demand extreme openness of anything "public", yet absolute privacy for any "private" activity. However, the boundary can be murky. The public salivated at the juicy revelations in private email conversations unearthed in a Sony data breach, rather than being offended that this data was made public.

We cannot expect anything to be totally safe. There are likely unpatched vulnerabilities that could allow anything to be shut down or any data to be stolen. Security requires "defense in depth". We must hope that all our critical infrastructure is well protected. Often the most difficult part of an attack is gaining entry. Having systems patched helps reduce the easy attack vectors. We must also worry about social engineering attacks. A carelessly clicked email or a weak password is often the easy entry.

Social engineering can also take the form of "opinion manipulation". Foreign nations can sow discord by fanning the flames of differing views. Even subtle coaxing can gradually steer people to extremist views or even views not in their best interest.

We have let computers enter nearly every aspect of our lives. How do we prevent them from being our own destruction?
