Connect with us

Technology

Concerns and Limitation of Cyber Warfare

Alexandra Goman

Published

on

cyberwarfare stuxnet

The discovery of Stuxnet, a malware that targeted a nuclear facility, was somewhat revolutionary and groundbreaking. It targeted ICS which monitor and run industrial facilities. Before that, most of malicious programs were developed to steal information or break-in into financial sector to extort money. Stuxnet went beyond went and targeted high-level facilities. It is not hard to imagine what damage it could have inflicted if the worm were not detected. What is more worrisome, the technology is out. It might not be perfect, but it is definitely a start. Regardless of the intentions behind Stuxnet, a cyber bomb has exploded and everyone knows that cyber capabilities indeed can be developed and mastered.

Therefore, if they can be developed, they will probably be. The final goal of Stuxnet was to affect the physical equipment which was run by specific ICS. It was done in order to manipulate computer programs and make it act as an attacker intended it to act. Such a cyberattack had a particular motivation; sabotage of industrial equipment and destruction could have been one of the goals. So, if they were indeed the goals, it might have been an offensive act, conducted by an interested party, presumably, a state for its political objective. Yet, there are certain limitations when it comes to so-called “cyber weapons” (malware that might be employed for military use or intelligence gathering). 

One of the main concerns of cyber offence is that code may spread uncontrollably to other systems. In terms of another physical weapon, it is like a ballistic missile that anytime can go off-course and inflict damage on unintended targets and/or kill civilians. Cyber offensive technology lacks precision, which is so valued in military. For example, in ICS and SCADA systems one may never know what can backfire because of the complexity of the system.  The lack of precision consequently affects military decisions. When launching a weapon, officers should know its precise capabilities; otherwise, it is too risky and is not worth it. 

In case of Stuxnet, the program started replicating itself and infected computers of many countries. For this moment we do not know if it were planned in that way.  However, provided that that target was Natanz facility, it is unlikely. Symantec Corporation started analyzing the case only with external help; it did not come from Natanz. This exacerbates the case if a country decides to launch an offensive cyberattack.

If the military planning cannot prevent cyber technology to go awry or to go out in the public, it brings more disadvantages than advantages.  Moreover, given a possibility of the code being discovered and broke down to pieces to understand what it does, it may potentially benefit an opposing party (and any other interested party along the way). This is unacceptable in military affairs.

Similarly, when the code is launched and it reaches the target, it can be discovered by an opponent. In comparison to nuclear, when a bomb explodes, it brings damage and destruction, but its technology remains in secret. In case of cyber, it may not be the case, as when a malware/virus is discovered, it can be reverse engineered to patch vulnerability. By studying the code, an enemy would find out the technology/tactics used that could be unfavourable in the long-run for the attacker.

Additionally, it should be said that not every malware is meant to spread by itself. In order to control the spread, vulnerability can be patched, meaning updating the software which had that vulnerability. An anti-malware can also be introduced; this will make the computer system immune to that particular vulnerability. Nonetheless, if the malware spreads uncontrollably, there is nothing much that an attacker can do. It is not possible to seize the attack. In this scenario, an attack may only release information about this certain vulnerability so that someone else can fix it. However, a state is highly unlikely to do so, especially if the damage is extensive. It would not only cost the state diplomatic consequences, but also it might severely impact its reputation.

An AI-enabled cyberattack could perhaps fulfill its potential. That means involvement of artificial intelligence. AI systems could make digital programs more precise, controlling the spread. In contrast, it could also lead to a greater collateral damage, if a system decides to target other facilities that may result in human death. Similar concerns are raised in the area of autonomous weapon systems in regard to the need of leaving decision-making to humans and not to technology. AI technology has a potential to make existing cyberattacks more effective and more efficient (Schaerf, 2018).

Aforementioned concern leads to another and affects the end result. When a certain weapon is employed, it is believed to achieve a certain goal, e.g. to destroy a building. With cyber capabilities, there is no such certainty. In the case of Stuxnet, the malware clearly failed to achieve its end goal, which is to disrupt the activities of the industrial facility.

Alternatively, the true costs of cyberattacks may be uncertain and hard to calculate. If that is so, an attacker faces high level of uncertainty, which may also prevent them from a malicious act (particularly, if nation states are involved). However, the costs and the benefits may always be miscalculated, and an attacker hoping for a better gain may lose much more in the end (e.g. consider Pearl Harbour).

Another concern refers to the code becoming available to the public. If it happens, it can be copied, re-used and/or improved. Similar concerns in regards to proliferation and further collateral damage emerged when Stuxnet code became available online.  An attacker may launch a cyberattack, and if it is discovered, another hacker can reverse engineer the code and use it against another object. Moreover, the code can be copied, improved and specialized to meet the needs of another party. Technology is becoming more complex, and by discovering a malware developed by others, it also takes less time to produce a similar program and/or develop something stronger. (For instance, after Stuxnet, more advanced malwares were discovered – Duqu and Flame).

Furthermore, there are other difficulties with the employment of cyber offensive technology. In order to maximize its result, it should be supported by intelligence. In case of Stuxnet, an offender needed to pinpoint the location of the facility and the potential equipment involved. It has to find zero-days vulnerabilities that are extremely rare and hard to find[1]. Cyber vulnerability is all about data integrity. It should be reliable and accurate. Its security is essential in order to run an industrial infrastructure.

After pinpointing vulnerability, security specialists need to write a specific code, which is capable of bridging through an air-gapped system. In case of Stuxnet, all of abovementioned operations required a certain level of intelligence support and financial capability. These complex tasks involved into development were exactly the reason why Stuxnet was thought to be sponsored and/or initiated by a nation state. If intelligence is lacking, it may not bring a desirable effect. Moreover, if cyber offense is thought to be used in retaliation, malicious programs should be ready to use (as on “high-alert”) in the event of necessity.

Regardless of some advantages of cyber offence (like low costs, anonymity etc), this technology appears to be unlikely for a separate use by military. There is a high level of uncertainty and this stops the army of using technology in offence. Truth is when you have other highly precise weapons, it does not make sense to settle for some unreliable technology that may or may not bring you a wanted result. Yet, other types of cyberattacks like DDoS attacks can give some clear advantages during military operations and give an attacker some good cards in case of a conflict. When such attacks used together with military ground operations, they are much more likely to bring a desired result.


[1] For better understanding, out of twelve million pieces of malware that computer security companies find each year, less than a dozen uses a zero-day exploit.

Use your ← → (arrow) keys to browse

Specialist in global security and nuclear disarmament. Excited about international relations, curious about cognitive, psycho- & neuro-linguistics. A complete traveller.

Continue Reading
Comments

Technology

The Impact of Blockchain For Businesses

Published

on

Blockchain

Throughout the years, the concept of blockchain technology has gradually overtaken the business world. But no longer is it only being associated with cryptocurrency. Now it’s finding its way into other industries such as eCommerce and logistics management. 

Helping to digitize businesses, it’s a popular technology due to its ability to solve challenges such as security breaches. But that’s not the only benefit that comes with investing in blockchain technology. If your business is interested in investing in enterprise software development and in blockchain in particular, then the following information can prove to be invaluable. 

What is it?

Before getting into the advantages, it’s important to first understand exactly what blockchain is. Arguably one of the most disruptive technologies, it’s something that should no longer be ignored. To put it simply, blockchain is a collection of digital technology information which is stored within a database.  This will typically include:

  • Information about certain customer transactions including key data such as the time, monetary amount, date and more. 
  • Information about exactly who is buying your products or services. Revealing shopping behaviors, it’s stored with a digital signature rather than a specific name. 
  • Unique blocks of information – which can easily be distinguished from one another. For example, if one customer buys one item and then in the future buys a different one, they will be in different blocks.

What Are The Benefits?

  1. An Increased Level of Efficiency

One of the most important benefits that come with implementing blockchain technology within your business is the elevated level of efficiency it can provide. Removing the need for a third-party due to its more decentralized design, it will make your operating processes far more streamlined. 

With blockchain technology, you can step away from the more traditional, time-consuming processes that were rife with human error and automate them. Ensuring that they are completed more quickly and accurately, you can spend the time that you saved on other areas of your business. 

As well as making the overall process more streamlined and convenient, it allows for everyone to access the same information at one time – making financial record-keeping more trustworthy in the long term. 

One industry that could particularly benefit from faster payments and transactions is the real estate market. With a simpler system of ownership records, it will make the process of selling properties far easier. It will also open up the possibility of automating agreements between tenants and landlords, which will similarly speed up the process. 

  1. Greater Transparency Overall

A notable characteristic that blockchain has is its ability to be transparent. As the technology is a type of a transaction or distributed ledger, it allows those within a network to share all of the same documentation instead of individual copies. 

By making this open to viewing, it directly adds a remarkable layer of accountability, giving each sector within the business the responsibility to act correctly towards the company’s growth and its customers. The fact that each document can only be updated through the agreement of all participants also ensures that no illegitimate changes can be made. More consistent, transparent and accurate, the staff will perform better together in the long run.

  1. An Increased Level of Security 

As aforementioned, an increased level of security is one of the key benefits that come with blockchain technology. Far more secure than the more traditional record-keeping systems, it will ensure that each transaction that’s made is heavily encrypted and linked to the last transaction. But how does it do this?

Without getting too technical, blockchain technology is created with several ‘blocks’ which are formed by a computer network. Once created, they are added to a ledger which fuses a chain of information. As it is such a complex technology that exists across several serves rather than one (as most traditional technologies are), it’s one of the most protected from breaches. 

This level of security is particularly important for businesses that store sensitive customer data such as – healthcare, within the government and in financial services. 

  1. Reduced Costs

For many businesses, it’s important to cut costs where you can. And with blockchain technology, you can do exactly that. Although the initial investment might seem expensive, the benefits that come with it make it more than worth it for many businesses. As mentioned above, it removes the need for third parties. And because of this, you can work directly with your clients and customers.

This will, in turn, help to reduce your overall costs. With this new automated technology, you also no longer have to review information separately. Helping to save time and therefore save money. You can then reinvest the money that you’ve saved by not having to deal with third parties in other aspects of your business – such as marketing or IT.

  1. Enhanced Traceability 

Traceability is key within many businesses – as without it, you can’t identify transactions. With blockchain technology, you can reap the benefits that come with an enhanced level of traceability. For example, every time that someone purchases a product from your business, it will create a digital audit trail which is recorded within the blockchain. Showcasing who and when they were bought, it can easily be traced if need be.

Helping to prevent fraud (if you have a business that’s involved in exchange), verify the authenticity and improve security, it’s an essential addition for many. In particular, this heightened level of traceability can be ideal if your business traditionally deals with products which are traded through a very complex supply chain – such as within medicine. Tracking exactly who manufactured and distributed each item, it will be easier to recall products if need be.

Final Thoughts

The impact that blockchain technology can have within a business is clear. A type of technology that is ever-developing and growing in popularity, it’s something that’s here to stay. Of course, before you invest in the technology, it’s vital that you thoroughly research the pros and cons and how it could directly affect your business’ operations.

Prev postNext post
Use your ← → (arrow) keys to browse

Continue Reading

Technology

Inside the New WhatsApp Buffer Overflow Vulnerability

Published

on

Whatsapp

Facebook’s WhatsApp mobile app has had a rough time lately with regard to software vulnerabilities. In November 2019, the social media company quietly issued a security patch for a buffer overflow vulnerability contained in their messaging application.

However, the vulnerability disclosed in November 2019 is not the only recent vulnerability discovered and patched in the secure messaging application. Earlier in 2019, another buffer overflow vulnerability was discovered and patched by the company. Both of these vulnerabilities are rated as “severe” due to the fact that an attacker exploiting them can run malicious code on the target device.

To make things worse, the vulnerabilities in WhatsApp can be exploited by an unauthenticated attacker. These vulnerabilities were discovered in functions that process data sent by another WhatsApp user to the target. By taking a simple action – initiating a WhatsApp call or sending an MP4 video to the target – an attacker can trigger the vulnerability, giving them control over the device. These vulnerabilities can then be exploited to place spyware on the victim’s device and to view the user’s messaging history within the app.

A Brief History of WhatsApp Security

The recent WhatsApp vulnerability is not the first buffer overflow contained within the mobile app. In May 2019, a different buffer overflow vulnerability was discovered in how WhatsApp processed the data contained within an incoming call.

This vulnerability was created because WhatsApp uses a special binary format for sending data between devices and then unpacks this data at the recipient device. If an attacker sent a specially formatted packet, which lied about the length of a certain field, the recipient’s WhatsApp would unpack the data into a place on the stack that did not have sufficient space for it. As a result, the attacker would have the ability to write to memory that should have been outside of their control. This vulnerability was concerning since it allowed remote code execution on a target device without any user interaction required. The malicious packet was sent as part of initiating a call, so, even if the user rejected the call, the damage was already done.

This past WhatsApp vulnerability has been the source of significant controversy. While Facebook was in the process of patching the vulnerability, they observed someone trying to exploit it on the device of a UK-based human rights lawyer. Additional investigation pointed to the use of the vulnerability to spy upon individuals who would be of interest to certain governments.

The Israeli-based NSO Group is well known for developing and selling exploits to governments for use in surveillance activities that fall outside the scope of law enforcement activities. This, and the fact that the observed attack used infrastructure previously linked to the NSO Group, has led Facebook to believe that the company was beyond the exploitation of the WhatsApp vulnerability. As a result, Facebook has begun a lawsuit against the NSO Group for exploitation of a vulnerability in one of their products.

The Newest WhatsApp Vulnerability

The buffer overflow vulnerability disclosed in May was not the last such vulnerability in the WhatsApp platform. In November 2019, Facebook patched another vulnerability in WhatsApp that was similar in scope, severity, and potential impact.

This vulnerability dealt with how WhatsApp handled MP4 video files. Along with a video file comes a stream of metadata containing details about the file. When parsing this metadata, WhatsApp is vulnerable to a stack-based buffer overflow attack. This would allow the attacker to perform a Denial of Service attack (crashing the app) or to run attacker-controlled code on the app that could give access to previous conversations that the user has performed on the app. Exploitation of the vulnerability only requires an attacker to know the phone number of the victim and to send them a malicious MP4 video via WhatsApp.

Luckily, while the new vulnerability had the potential to be at least as damaging as the previous buffer overflow flaw, it appears that this one was not being actively exploited by attackers prior to being patched by Facebook. However, this demonstrates the importance of keeping such applications up-to-date (so that Facebook-provided security patches are applied) and to consider the risks associated with using these applications for personal communications.

Protecting Against Buffer Overflow Vulnerabilities

Buffer overflow vulnerabilities are nothing new. They are extremely simple vulnerabilities – only involving a failure to properly manage memory and user input – yet they can be extremely difficult to detect. A wide range of buffer overflow vulnerabilities exist, and sometimes apparently “safe” code can be vulnerable since another vulnerability can be exploited to bypass existing protections against buffer overflows.

The two major WhatsApp vulnerabilities disclosed and patched in 2019 demonstrate the potential impact of a buffer overflow vulnerability in a critical application. Both of these vulnerabilities could be exploited without user interaction, and enabled an attacker to run malicious code within the victim application. In one case, the vulnerability was exploited multiple times to spy upon parties of interest to various governments, leading to a lawsuit by Facebook against the suspected perpetrator.

Protecting against buffer overflow vulnerabilities requires the ability to identify and block potential exploits before they reach a vulnerable application. Deploying a strong web application firewall (WAF) to protect an organization’s web presence and runtime application self-protection (RASP) for critical or potentially vulnerable assets is an important first step toward protecting an organization and its software assets against exploitation.

Use your ← → (arrow) keys to browse

Continue Reading

Technology

3 2020 Developments That Could Make Your Life Easier

Published

on

There are many systems under development right now that could eventually make your life easier – but below, we’re going to look at 3 of them. We could be using these developments a lot sooner than you think! 

5G

Why do we need 5G when we have 4G – 4G is fast enough, right? People are worried about the health implications, but everybody seems willing to look past that to get more speed. More speed could really help businesses. Also, while 5G is generally operating from the same infrastructure as before, mass adoption will cause issues for data centers. This could make the situation both better and worse in some respects. 

Virtual Reality 

Virtual reality is already being used by many people, but it could actually be put to good use soon. When it comes to simple things like shopping, you could make your life so much easier and more enjoyable. Whether you’re shopping for furniture or clothes, virtual reality could mean checking out the fit easily. Try on clothes in the comfort of your home without even ordering them first. See what a sofa looks like before you buy. The options are endless! 

Artificial Intelligence 

We’re still going to need human intelligence, but AI can have a huge impact in our personal and working lives. In work alone it could mean enhanced automation with no need to do tedious tasks. Then, there’s next gen disaster response. It’s the technology of the future!

With these developments in mind, what are some of the most important developments in human history? Check out the infographic to find out!


check out an infographic about human history
Use your ← → (arrow) keys to browse

Continue Reading

Trending