Do I really need to list the last year’s events?
Sony was in a class of its own: hacked, data exfiltrated and then deleted. Who did it does not really matter.
HomeDepot and Target started with a breakdown (HomeDepot and Target malware) and escalated to millions of CC# breaches.
Anthem was a failure (http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/), and Deep Panda was in the network for 9 months. It is very disturbing that Anthem does not cooperate with a security audit. https://nakedsecurity.sophos.com/2015/03/09/us-regulator-says-anthem-refuses-to-cooperate-in-security-audit/
And it seems that the criminals are very interested in APTs, or Advanced Persistent Threats, which are custom-built to infiltrate and penetrate specific networks (like Anthem’s network).
So now there are hardware exploits, such as “Rowhammer” (from Google’s Project Zero team), named for how it tries to attack the machine.
And for this problem there is no patch. Yes, you heard it: NO patch.
This exploit: “Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows.
http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html It seems that manufacturers of DRAM did not anticipate a security attack like this, and did not build a defense to it.
So this has to do with how DRAM is manufactured. Once a bit flip is made, an exploit is attempted, and once that succeeds it finally makes an operating system exploit possible.
What changes the game here is that this makes all DRAM built in this manner obsolete. The problem the manufacturers have is to devise a different method of manufacturing. Until then there will be penetrations galore.
One after the other…
The thinking should be that it does not matter what the exploit and method is: there will always be a way to break into a company, and because humans are working there, there will always be mistakes. There is no emphasis on security, and thus we probably have not even scratched the surface of these types of unpatchable problems.
USB hack: http://oversitesentry.com/badusb-is-a-hack-attacking-usb-controllers-everywhere/
In my previous post we discussed the Bad USB hack:
Again a USB drive will have inherent weaknesses and have a certain level of viruses in them.
If a criminal wants to spend time and material to look into these flaws, they can devise malware and then make millions of dollars. If you don’t think criminals are already doing this, just wait for the headlines to come. Your computer is worth money to criminals:
I have posted the suggested value depending on your use of the computer. ~$29
Our true defense is in the blocking of network traffic, and in detection and mitigation once an attack starts. We have to assume they will hack at some point.
http://oversitesentry.com/block-all-traffic-from-china-improves-your-defense/ (post from March 3rd)
An IPS system allows you to see what is going on in your network. If you don’t have an idea what is going on then you are walking blind. At least with an IPS system you will know what you are up against.
Contact us to help you decide the level of risk management and PCI compliance.
We can help you make IT security your career.