The Paradox Of Network Attack: How To Use The Breakthrough Of Hacker To Protect Security

2021-05-23   |   by CusiGO

Every morning, when we wake up, we see not one but several cyber attacks in the news. The latest and most dramatic (though it will not be the last) was the cyber attack on the US company Colonial Pipeline, which delivers refined fuel, ready for use by ground and air vehicles, from Texas in the south of the country to Washington, New York and Boston on the East Coast.

On Friday, May 14, the company was forced to cut off its fuel supply because of a ransomware attack. Ransomware is a type of program that, once installed on a computer, encrypts the contents of the hard disk and demands a ransom in bitcoin (an untraceable cryptocurrency) in exchange for the decryption key that restores the disk to its previous state. The cyber criminal group behind the attack identified itself as DarkSide, and Colonial Pipeline paid a ransom of $5 million to get back to work. Paying a ransom is considered a crime in Spain.

How did we get into this helpless situation? Are companies not devoting enough resources to network security? Most Western countries are drawing up specific strategies to strengthen the network security of their industrial and production sectors. There are too many blackouts, critical infrastructure failures and so on caused by hacker organizations, in many cases Chinese and Russian, without our being able to speak of a cyber war and all its consequences.

But let's try to focus on two specific questions: how do they get into our computers? And why can't the damage be undone, so that the decryption key has to be obtained?

It is true that the software we use every day contains errors. Hackers can get into our computers because of those errors, some of which are due to human negligence: missed checks, incorrectly executed instructions, outdated libraries [functions coded in a programming language] that are still in use, and so on. In many cases, cyber criminals use information about known flaws to gain access to devices; in other cases, the hackers themselves know of undocumented vulnerabilities, which they use to launch so-called zero-day attacks.

Is there a way to detect these defects? In fact, many professionals work in this area and report what they find through the appropriate channels: finding a vulnerability means that a "patch" to fix it is created and released almost immediately. Every person or organization is responsible for keeping their own computer infrastructure up to date. If it is not updated regularly, these security patches will not be applied, and hackers may get in.

In fact, patch distribution has created a new line of business for cyber criminals: hackers can find out, one way or another, which version of a specific package or component is installed, and the version number alone tells them which vulnerabilities in the catalogue are available to them. As a result, security patches (or rather their absence) make it easier to infect computers. However, it must be remembered that network security is a multidisciplinary field: it involves not only computer science and telecommunications, but also human factors, espionage, social engineering and the simple theft of information from third parties.

Why can't the damage be undone, so that the decryption key has to be obtained? Current encryption methods are almost unbreakable, and this produces a strange situation: the more effort is put into protecting personal information and privacy, the harder it is for the security forces to mount a defense, because the protection methods keep getting better. In fact, the development of attack-resistant encryption mechanisms is what enables hackers to encrypt a hard disk with no possibility of recovering the information. In some cases, professionals can retrieve it: for example, some of those who pay the ransom publish the decryption keys the hackers gave them, and those keys may decrypt a third party's computers. However, the safest approach is still to keep an up-to-date backup of our information in a protected place (in this sense, the cloud is not a good place) so that it can be recovered in the event of an attack.

Santiago Escobar Roman is a professor of language and information systems at Valencia Polytechnic University.

Invisible chronicle is a space for the popularization of computer science, coordinated by the society of software engineering and software development technology. Intangible assets is the non-material part of a computer system (namely software). This paper describes its history and development. The author is a professor at a Spanish university, coordinated by Ricardo Peña Marí (professor at the Complutense University of Madrid) and Macario Polo Usaola (current professor at the University of Castilla-La Mancha).
