Menu 0
Cyber Hacking

Cyber Hacking

May 11, 2020

You might have heard Logan and I talk about Human Hacking on the podcast last week, but what about cyber hacking?  How is it the same but yet so different?  How have some of the major hacking cases from the past decade influenced how we live our lives today?  How do we think it is going to continue into the future?  We're in this new era of the Internet of Things (IoT), where most everything is connected and vulnerable in some way.  Cyber hacking has been around for a lot longer than most people realize, yet, it's really taken center stage this last decade.  Why?  Well, for starters, most of us have probably felt the ramifications of a cyber hack in our own lives, whether it be personally or with someone close to us.  And I would argue to say that it has definitely impacted relationships around the world and how we deal with some of the major players out there like China or Russia or Iran.

2010  

Stuxnet 

Arguably one of the most important attacks in history – showing how bits and bytes could become physical, and how government-led cyberattacks could destroy physical systems and structures.  Similar tactics were used by Russia in 2015 against Ukraine when they shut down their power grid through a cyberattack.   But what did Stuxnet do?  This was an extremely sophisticated and targeted attack that specifically targeted an air-gapped network, meaning no connection to the outside internet. 

Machine generated alternative text: — HOW WORKED UPORTE FROM SOURCE 1. infection Stuxnet enters a system via a USB stick and proceeds to infect all machines running Microsoft Windows. By brandishing a digital certificate that seems to show that it comes from a reliable company, the worm is able to evade automated-detection systems. 4. compromise The worm then compromises the target system's logic controllers, exploiting "zero day" vulnerabilities software weaknesses that haven't been identified by security experts. 2. search Stuxnet then checks whether a given machine is part of the targeted indus- trial control system made by Siemens. Such systems are deployed in Iran to run high-speed centrifuges that help to enrich nuclear fuel. 5. control In the beginning, Stuxnetspies on the operations of the targeted system. Then it uses the information it has gathered to take control of the centrifuges, making them spin themselves to failure. 3. update If the system isn't a target, Stuxnet does nothing if it is, the worm attempts to access the Internet and download a more recent version of itself. ill 6. deceive and destroy Meanwhile, it provides false feed- back to outside controllers, ensur- ing that they won't know whats going wrong until its too late to do anything about it.

Source

2013 

Yahoo  

Three billion accounts compromised and the largest in the history of the internet.  It took Yahoo 3 years to notify the public and essentially ended the company's ability to compete as a search engine and email provider,  and with that, clearing the way for Google.  

2014 

Sony 

North Korea's attack against Sony showed their true abilities and placing themselves on the map as a legitimate threat actor.  The hack came shortly after the release of the controversial Seth Rogan film The Interview which showed North Korea in a bad light.  But what probably harmed Sony more is the millions of emails released.   

2015 

OPM 

21 million current and former government workers records released plus a separate database with six million fingerprints.   How do we think this could end poorly for say, undercover agents?  For targeting of senior leaders?

2016 

DNC  13

We had email leaks, we had hacks, we had nation states involved, how is this not a movie yet?  The email leak resulted in embarrassment for the DNC and a few resignations of top DNC staff.   Then the DNC's computer network got hacked, not once, but twice, by two separate Russian APTs, Cozy Bear and Fancy Bear, who, by the way, weren't working together. 

2017 

Shadow Brokers 

In 2016/2017, an unidentified group calling themselves the Shadow Brokers published a trove of NSA's most coveted hacking tools, some of which became some of the most significant hacks of the year such as NotPetya and Wannacry.  The NSA compromise began around 2013, which contained several exploits and tools targeting routers, mail servers, Microsoft Windows, and a working directory of an NSA analyst breaking into the SWIFT banking network.      

  • Who?  Unknown.  Harold Martin, a former Booz Allen Hamilton contractor was arrested for stealing approximately 50 terabytes of data from NSA was the lead suspect, but the Shadow Brokers continued posting messages after he was detained.   
  • Many fingers point to Russia, but why would they want to release?  More valuable to keep.  China?  Unlikely since they were trying to play nice at that point.  North Korea/Iran unlikely to have the capabilities.  Our allies are unlikely due to not wanting to receive the wrath of the US.   

Equifax 

Not the largest hack, but significant since the data stolen contained the most sensitive of data (social security numbers, addresses, drivers' license numbers, credit card numbers, etc.).  And the fact that they were compromised from an unpatched Struts vulnerability, which could have been prevented with the most rudimentary of protection measures.   

2018 

Year of ransomware – Atlanta, GA; Wasaga Beach, Ontario; West Haven, Connecticut 

2019 

More ransomware - Jackson County, GA; Albany, NY; Augusta, Maine; Greenville, NC; Imperial County, CA; Baltimore, MD; Riviera Beach, FL 

But that's not all! 

What about cars?  I think most of us have probably heard about Jeeps getting hacked.  But I've also seen/heard of some other tools out there that will hack almost any vehicle out there from 2007 on.   

Or medical supplies?  In 2019, the FDA came out with concerns over internet-connected insulin pumps being vulnerable to hacking.   

What's next? 

It's not just data we need to protect, it's everything.  We live in the world of Internet of Things (IoT) where nearly anything in our lives can now be controlled or accessed via our phones or watches.  If you've seen Mr. Robot you see this when they take control of an executive's house through her IoT devices, altering the temperature in her house, the water temperature of her shower, the alarm system.  All enough to make her leave and stay at her other house.  It's not common, but it's possible.  And it's only the beginning.   

So what do we do? 

I'm going to sound like a broken record here, but patch, patch, patch.  Make sure your systems and devices are up to date, make sure you use two factor authentication on anything you can, have strong passwords.  It's all the same things I've been saying for a while now.

As seen on http://www.allymarie.net/cyber-hacking/

 

35 blocks selected.



Leave a comment

Also in Rogue Dynamics

Social Engineering
Social Engineering

July 02, 2020 1 Comment

Read More

So, You Keep Getting Hacked?
So, You Keep Getting Hacked?

June 01, 2020 39 Comments

Read More

Anatomy Of A Computer Network Attack (CNA) – Part 1
Anatomy Of A Computer Network Attack (CNA) – Part 1

May 27, 2020 1 Comment

Read More