Cyber Hacking

Cyber Hacking

May 11, 2020

You might have heard Logan and I talk about Human Hacking on the podcast last week, but what about cyber hacking?  How is it the same but yet so different?  How have some of the major hacking cases from the past decade influenced how we live our lives today?  How do we think it is going to continue into the future?  We're in this new era of the Internet of Things (IoT), where most everything is connected and vulnerable in some way.  Cyber hacking has been around for a lot longer than most people realize, yet, it's really taken center stage this last decade.  Why?  Well, for starters, most of us have probably felt the ramifications of a cyber hack in our own lives, whether it be personally or with someone close to us.  And I would argue to say that it has definitely impacted relationships around the world and how we deal with some of the major players out there like China or Russia or Iran.

2010  

Arguably one of the most important attacks in history – showing how bits and bytes could become physical, and how government-led cyberattacks could destroy physical systems and structures.  Similar tactics were used by Russia in 2015 against Ukraine when they shut down their power grid through a cyberattack.   But what did Stuxnet do?  This was an extremely sophisticated and targeted attack that specifically targeted an air-gapped network, meaning no connection to the outside internet. 

Machine generated alternative text:
— HOW WORKED 
UPORTE FROM SOURCE 
1. infection 
Stuxnet enters a system via a USB stick and 
proceeds to infect all machines running 
Microsoft Windows. By brandishing a digital 
certificate that seems to show that it comes 
from a reliable company, the worm is able to 
evade automated-detection systems. 
4. compromise 
The worm then compromises the 
target system's logic controllers, 
exploiting "zero day" vulnerabilities 
software weaknesses that haven't 
been identified by security experts. 
2. search 
Stuxnet then checks whether a given 
machine is part of the targeted indus- 
trial control system made by Siemens. 
Such systems are deployed in Iran to 
run high-speed centrifuges that help 
to enrich nuclear fuel. 
5. control 
In the beginning, Stuxnetspies on the 
operations of the targeted system. Then it 
uses the information it has gathered to 
take control of the centrifuges, making 
them spin themselves to failure. 
3. update 
If the system isn't a target, 
Stuxnet does nothing if it is, 
the worm attempts to 
access the Internet and 
download a more recent 
version of itself. 
ill 
6. deceive and destroy 
Meanwhile, it provides false feed- 
back to outside controllers, ensur- 
ing that they won't know whats 
going wrong until its too late to do 
anything about it.

2013 

Yahoo  

Three billion accounts compromised and the largest in the history of the internet.  It took Yahoo 3 years to notify the public and essentially ended the company's ability to compete as a search engine and email provider,  and with that, clearing the way for Google.  

2014 

Sony 

North Korea's attack against Sony showed their true abilities and placing themselves on the map as a legitimate threat actor.  The hack came shortly after the release of the controversial Seth Rogan film The Interview which showed North Korea in a bad light.  But what probably harmed Sony more is the millions of emails released.   

2015 

OPM 

21 million current and former government workers records released plus a separate database with six million fingerprints.   How do we think this could end poorly for say, undercover agents?  For targeting of senior leaders?

2016 

DNC  13

We had email leaks, we had hacks, we had nation states involved, how is this not a movie yet?  The email leak resulted in embarrassment for the DNC and a few resignations of top DNC staff.   Then the DNC's computer network got hacked, not once, but twice, by two separate Russian APTs, Cozy Bear and Fancy Bear, who, by the way, weren't working together. 

2017 

In 2016/2017, an unidentified group calling themselves the Shadow Brokers published a trove of NSA's most coveted hacking tools, some of which became some of the most significant hacks of the year such as NotPetya and Wannacry.  The NSA compromise began around 2013, which contained several exploits and tools targeting routers, mail servers, Microsoft Windows, and a working directory of an NSA analyst breaking into the SWIFT banking network.      

  • Who?  Unknown.  Harold Martin, a former Booz Allen Hamilton contractor was arrested for stealing approximately 50 terabytes of data from NSA was the lead suspect, but the Shadow Brokers continued posting messages after he was detained.   
  • Many fingers point to Russia, but why would they want to release?  More valuable to keep.  China?  Unlikely since they were trying to play nice at that point.  North Korea/Iran unlikely to have the capabilities.  Our allies are unlikely due to not wanting to receive the wrath of the US.   

Not the largest hack, but significant since the data stolen contained the most sensitive of data (social security numbers, addresses, drivers' license numbers, credit card numbers, etc.).  And the fact that they were compromised from an unpatched Struts vulnerability, which could have been prevented with the most rudimentary of protection measures.   

2018 

2019 

But that's not all! 

What about cars?  I think most of us have probably heard about Jeeps getting hacked.  But I've also seen/heard of some other tools out there that will hack almost any vehicle out there from 2007 on.   

Or medical supplies?  In 2019, the FDA came out with concerns over internet-connected insulin pumps being vulnerable to hacking.   

What's next? 

It's not just data we need to protect, it's everything.  We live in the world of Internet of Things (IoT) where nearly anything in our lives can now be controlled or accessed via our phones or watches.  If you've seen Mr. Robot you see this when they take control of an executive's house through her IoT devices, altering the temperature in her house, the water temperature of her shower, the alarm system.  All enough to make her leave and stay at her other house.  It's not common, but it's possible.  And it's only the beginning.   

So what do we do? 

I'm going to sound like a broken record here, but patch, patch, patch.  Make sure your systems and devices are up to date, make sure you use two factor authentication on anything you can, have strong passwords.  It's all the same things I've been saying for a while now.

As seen on http://www.allymarie.net/cyber-hacking/

 

35 blocks selected.



Leave a comment


Also in Rogue Dynamics

Rogue Skill Sets
Rogue Skill Sets

May 25, 2020

Read More

Stop Using Windows 7!
Stop Using Windows 7!

May 18, 2020

Change is hard, I get it.   Especially when that change gives you the nonsense that was Windows 8, which was also the final straw in converting me into an Apple fan.  Yes, I eventually gave Windows 10 another chance, and I've certainly learned to like it, but I still miss the days of Windows XP and Windows 7 (no one actually remembers Vista).

Read More

Hacking Humans
Hacking Humans

May 05, 2020

What does "hacking humans" even mean?  To put it simply, social engineering, or using verbal judo as Logan likes to call it, to get something you want or need.  Now, this sounds bad, but it isn't always supposed to be nefarious or malicious.  Sure, people have taken it that direction, but social engineering has been around for as long as humans have been around.  Probably even longer.

Read More