Month: June 2020
Cyber Security Explained
Cybersecurity relates to the protection of all Net systems, and includes all aspects of the internet such as hardware, software, and data. Cyber threats grow more complex with each day, and threaten the very existence of the internet. Hence this article explaining cybersecurity, and this brief journey into a dark world.
Cybersecurity came to the attention of Netizens with a rather strange project. Bob Thomas named his project the Creeper. The name came when he realized that it was possible to move a computer program across a network, leaving a small but telltale trail which could be followed. Working in the early version of ARPANET, between Tenex terminals, Thomas got the moving program to print a small message at each stop: “I’M THE CREEPER: CATCH ME IF YOU CAN”. This in turn caught the eye of Ray Tomlinson (who later became famous as the inventor of email). He worked on this program, and added another significant feature: that of “self-replication”. The brilliant mind of Tomlinson then produced another critical step in the equation: he wrote another program that he significantly called the Reaper. The Reaper would chase the Creeper, and delete it. And this would make it the first anti-virus software. These then were the simple, inquisitive first steps that led us to the abyss, and back. While it is certainly true that cyber threats existed even then, in the ‘70s and ‘80s, the threat was from the INSIDE, in the form of harmful insiders reading confidential documents they shouldn’t have had access to.
The Dark Underbelly
Malicious breaches of software had already started. The Russians had already prepared lunges into their arch enemies’ computer secrets, using cyber hacking as a weapon. The other forms of malware were yet to arrive, but an underhand battle for classified information had already commenced. But while the Russians seemed to have an early start, other major powers were not far behind. Then, in 1986, a German master hacker hacked the Internet Gateway in Berkeley University, and then used that connection to access the ARPANET. He then proceeded to hack over 400 military computers. This included mainframe computers at the very heart of American defense, the Pentagon. But finally, he was stopped from selling the secrets to the Russians in the nick of time. An even finer brain, the astronomer Clifford Stoll, caught the intrusion. The notorious “Honeypot” technique was employed to capture the rogue, and stop the misadventure in its tracks. This started an epic struggle which extends to this day.
The Worm and the Virus
Cybercrime almost unwittingly lurched to the next stage, when investigator Robert Morris tried to gauge the size of the Internet by using a tracer program that could propagate across networks and infiltrate Unix terminals using a known bug. But his mistake in allowing the program to copy itself proved disastrous, to say the least. The Morris bug ended up clogging the early Internet to nearly a standstill. And though later vindicated, Morris became the first person to be convicted of Computer Fraud. This was the start of the Virus invasion, and with it, the Anti-Virus (AV) Pack, starting from 1987. But malware samples were multiplying exponentially. From a few thousand in the early ‘90s, they reached over 5 million samples per year by 2007. By 2014, over 500,000 unique malware samples were flooding the Internet EVERY DAY. Then it was time for the Lateral Movement techniques, by which the cybercriminals issue commands, run code, and spread the Virus across the Network. A typical example was “EternalBlue”, which abuses the SMB protocol to spread. The Shadow Brokers hacking group used it as part of the lethal “WannaCry” ransomware attack on May 12, 2017, which brought the Net World to its knees, as well as the “NotPetya” attacks and the Retefe banking Trojan attack.
The Riposte: AV Scanners
Cybercrimes were now tackled by Incident Response Teams, but these are not cheap. Gartner’s Anton Chuvakin founded “EDR” to focus on the new tools that concentrate on visibility. But this cannot be the Final Solution. Problems with Dwell Time and the need for highly skilled teams still remain.