Great Comparison of Stealth Hacks Versus Destructive Hacks By Ralph Langner

I've highly recommended the documentary Zero Days by Alex Gibney in the past, as the interviews with cybersecurity experts and military personnel are gold. One of the people in the film that Alex interviews is Ralph Langner, who provides great information about the digital world, security and Stuxnet in Alex's film. He created his own documentary about Stuxnet, highlighting two campaigns of it in his video The Stuxnet Story: What really happened at Natanz.

He compares and contrasts the two campaigns - the first campaign being the worst nightmare for entities, as it operated in stealth and did little damage over time that could have been easily dismissed as normal operations. Some of the points he brings up about the first campaign remind me of how people always talk about destructive attacks because they sound more interesting, but it's the recon or informational attacks that hackers do that can be far worse, even though it's only informational. Intellectual property theft, as an example, can be very costly for a company, but for an attacker, it can be a short and stealthy campaign that is never discovered if done right.

By contrast, the second campaign sounds worse in theory because destruction is involved, but actually results in the underlying problem being solved faster because it's identified quicker: it does more damage, it spreads everywhere, uses zero days and stolen certificates, and makes noise, which results in it being discovered. This is like an attack group that takes on a big target and causes major disruptions for people all over: they then become the focus and enemy of a lot of people who didn't know about them, rather than operating by stealth (the recent pipeline attack is a good example of this, as the attack made many people aware of the group and has created a lot of enemies for the group). This type of attack lacks long-term strategy and creates a lot of enemies; as Sun Tzu might caution - it actually costs more over the long run for the attacker.

This is a good reminder that while destructive hacks get a lot of attention, we should be extremely careful with information hacks. While less glamorous or interesting, they actually can be much more costly.

submitted by /u/timfcrn

from hacking: security in practice https://ift.tt/3ysHkyx
