We have had a number of high-profile cybersecurity stories recently.
The first was the cyber attack on the Democratic National Committee's files, which was again blamed on Russian government-linked hacking groups.
The second was more evidence that the Stuxnet worm that sabotaged Iran's nuclear centrifuges was built by our own National Security Agency (widely reported to have been a joint U.S.-Israeli operation). Many cyber experts call Stuxnet the A-bomb of cyberwar; it took us into a new age of cybersecurity, espionage and surveillance in which the entire web is the battlefield.
Then an anonymous group calling itself the Shadow Brokers claimed to have hacked the Equation Group, the NSA-linked hacking unit that Kaspersky named and tied to the creators of Stuxnet, Duqu and Flame. By means that have never been established, the Shadow Brokers got hold of a cache of the Equation Group's exploit tools, published a sample as proof and put the rest up for auction (more on this later).
And there was a chilling piece I read in the industry magazine Military & Aerospace Electronics. One of its contributors voiced his concern that the more of our world is tied to the virtual online world, the more vulnerable we are to threats, whether from lone hackers, state actors or national governments.
His fear is that these threats will lead to the free and open internet being shut down in coming years as a security measure: that we're living in the Golden Age of the Internet, and that given the sophisticated dark forces out there, our access to it will soon be changed forever.
The term that keeps coming up in this 'code war' is zero day. Mark Russinovich, Microsoft Azure's Chief Technology Officer, wrote a brilliant novel, Zero Day, a few years ago exploring exactly such a scenario.
Zero day is defined by Wikipedia (correctly, in this case) as:
A zero day (also known as zero hour or 0 day) vulnerability is an undisclosed computer software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network. It is known as a “zero day” because once the flaw becomes known, the software’s author has zero days in which to plan and advise any mitigation against its exploitation (for example, by advising workarounds or by issuing patches).
Attacks employing zero-day exploits are often attempted by hackers before or on the day that notice of the vulnerability is released to the public; sometimes before the author is aware or has developed and made available the corrected code. Zero-day attacks are a severe threat.
In the book, for example, one of the first zero-day events is that the airlines realize malware is controlling airplanes in flight and there is no way to wrest control back from it. Then the legal community is hit through a shared program, then the financial markets and governments.
You get the idea.
When the book was written, a cascade like that was possible but not realistic. Now zero-day exploitation is a significant reality; Stuxnet itself used four Windows zero-days.
And what we're learning about the Equation Group, the hacking unit widely believed to belong to the NSA, is that it has been so busy looking at our emails and activities that it has dropped the ball on protecting the U.S. from outside hackers.
The fact that the Equation Group's own tools got out was bad enough. But the Shadow Brokers' commentary on the leaked code described it as sloppily constructed, though massive and comprehensive. Kind of sounds like a metaphor for the federal government, no?
The Shadow Brokers posted a free sample of the tools it "liberated" (mostly exploits for commercial firewalls) as proof of what it had, and auctioned the rest. The effect was to give cybersecurity experts a rare look at what a nation-state toolkit looks like and how it acts.
And then there's the Big Data arm of U.S. intelligence efforts: a private company called Palantir, set up as a business that worked almost exclusively with U.S. intel agencies and is now (go figure) expanding into state and local government and corporate work.
Once again, instead of looking outward for the incoming threats, the intel community has been more focused on looking at its own citizenry.
Your best bet is to stay off the grid as much as possible, revealing as little about yourself as you can. Tor, the 'onion router', helps with the revealing part: it hides your address from the sites you visit and hides what you visit from your ISP, though traffic leaving the Tor network is only as protected as the destination site's own HTTPS, and Tor does nothing to harden the computer itself. For that other half, remember that when some random hacker is 'checking door knobs' they are scanning for services listening on the open internet; a machine with nothing exposed and its software patched is a difficult, time-consuming target, and they will likely move on to easier ones.
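The 'door knobs' a scanner rattles are the TCP ports a machine has listening on the open internet. The script below is an added example, not code from the original post: on Linux it parses the kernel's /proc/net/tcp table and separates services bound to every interface (0.0.0.0, reachable from outside unless a firewall blocks them) from services bound to loopback only. The socket table embedded in the script is constructed for the example; function and variable names are the example's own.

```python
# Added example (not from the original post): which TCP services on a Linux
# host are listening on the open internet vs. loopback only, by parsing the
# kernel's /proc/net/tcp table. The sample table is constructed; on a real
# host the script reads /proc/net/tcp itself.
import os
import socket
import struct

TCP_LISTEN = 0x0A  # socket state code for LISTEN in /proc/net/tcp

# Constructed sample: CUPS on loopback, sshd and a dev server on all
# interfaces, plus one established outbound HTTPS connection (not listening).
SAMPLE_TABLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18321 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 19011 1 0000000000000000 100 0 0 10 0
   2: 00000000:0BB8 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 24410 1 0000000000000000 100 0 0 10 0
   3: 0A00020F:BF6A 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 25102 1 0000000000000000 20 4 30 10 -1
"""


def _hex_addr_to_ip(hex_addr):
    """Decode the hex IPv4 address used by /proc/net/tcp on little-endian
    hosts (e.g. "0100007F" -> "127.0.0.1")."""
    return socket.inet_ntoa(struct.pack("<L", int(hex_addr, 16)))


def parse_proc_net_tcp(text):
    """Return [(ip, port, uid)] for every socket in LISTEN state."""
    listening = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 8:
            continue
        local, state, uid = fields[1], int(fields[3], 16), int(fields[7])
        if state != TCP_LISTEN:
            continue
        hex_ip, hex_port = local.split(":")
        listening.append((_hex_addr_to_ip(hex_ip), int(hex_port, 16), uid))
    return listening


def exposed_ports(listening):
    """Ports bound to 0.0.0.0 (every interface): reachable from the network
    unless a firewall in front of the host blocks them."""
    return sorted(port for ip, port, _uid in listening if ip == "0.0.0.0")


def loopback_only_ports(listening):
    """Ports bound to 127.0.0.0/8: unreachable from the network."""
    return sorted(port for ip, port, _uid in listening if ip.startswith("127."))


def report(text):
    """Summarize a socket table as exposed vs. loopback-only ports."""
    listening = parse_proc_net_tcp(text)
    return {
        "exposed": exposed_ports(listening),
        "loopback_only": loopback_only_ports(listening),
    }


if __name__ == "__main__":
    path = "/proc/net/tcp"
    if os.path.exists(path):
        with open(path) as f:
            table = f.read()
    else:
        table = SAMPLE_TABLE  # not Linux: fall back to the constructed sample
    print(report(table))
```

On the constructed table the report lists 22 and 3000 as exposed and 631 as loopback-only; the dev server on 3000 is the kind of door knob people forget they left open. Anything in the exposed list that is not deliberately public should be bound to 127.0.0.1, firewalled, or shut down, and IPv6 listeners (/proc/net/tcp6) deserve the same check.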
Regarding the opportunity here: this is the next iteration of cybersecurity, and everyone will have a dog in the fight. Major corporations and governments will be looking to beef up their security, as will smaller businesses and individuals.
This is great for cybersecurity firms, as well as for major cloud providers like Amazon that offer highly secured online services and storage. And, sadly, companies like Palantir will also thrive. Nature abhors a vacuum, and there are plenty of ways to invest in this new cyber world we're entering.