Wednesday, July 03, 2013

News from the Cyberwar Front Lines

Who has the answer?

Our telephones vex us. We approach computers with fear. This flurry of gadgets dropping all around us leaves us uncertain at times. “Did that bill really get paid?” “Why no new emails?” “Did she get my text message?” “Has my network or workstation been hacked?” “Is this app malware or not?”
I work in the front lines of technology. So deep in the forward trenches I am forbidden to discuss my actual work, almost like a Special Forces team member, but in an Internet-based sense, fighting cyberwars rather than gun battles out on dusty plains.
It will surprise some to know that I do not work for any government agency tasked with protecting U.S. networks. I am one of the thousands of gears that keep the network itself grinding away. Private firms deploy all manner of technicians in order to assist employees and customers with threats, real and imagined. These days the threats are more real than ever.
Millions of devices in North America alone are infected with malware or simply hacked, accessible to anonymous spies sitting thousands of miles away. The infected device may be that phone in your pocket or that old tower computer in Dad’s home office. Dangerous rogue applications could also be roaming the plains of any large corporate or government server farm. 

The problem might have started with an administrator's visit to a new web site hosting fascinating photos. Quite often it starts with some computer code in a cleverly disguised email. The threat might also be a rogue Android OS application on an employee phone or a gullible person entering data in a phishing web site. The idea of an insider stealing secrets is somehow intriguing, but the Edward Snowdens of this world are not a common breed. Employees who are not properly trained in basic cyber-security measures represent a far larger threat.

Who is Watching You?

If you work somewhere with access to sensitive information, your employer almost certainly monitors your activity even more than you realize. Some employers are so busy watching their own workers that they often miss the visitors: visitors who got a senior employee’s login and password by installing a key logger on an insecure home computer. The manager logged in to his work network from home to check his email, file a time sheet or submit an expense report. Now the hacker holds that manager’s level of access to the corporate network.

This unsuspecting employee and anonymous hacker partnership often takes place entirely in stealth mode. Your employee may have no idea that he has given an Eastern European or Asian crime syndicate access to files supposedly kept behind firewalls. It is not just crime rings that hack, either; governments of nearly all nations employ hardware and software engineers and administrators. Some of that crowd is developing ways to look at and steal the files of other nations and key industries.
An adept hacker knows such access is fleeting, so they may leave behind special software that will transmit stolen data at a later date. A large list of customer names, credit card details and addresses is worth millions. Such items are traded on the black market regularly.

A single stolen drug or gadget design could be worth millions. By stealing the plans the thieves avoid the high research and development costs. It happens more often than you imagine. Look at the designs of products made in different countries, ranging from large aircraft down to microchips. Somebody usually borrowed something along the way. 
Other hackers simply want to steal your network access. They quietly hack into hundreds of connected PCs owned by people in wealthy nations and literally re-sell that Internet bandwidth in the 3rd World. Those collections of zombie computers are called “botnets,” in case you haven’t heard. Zombie computers are not rare at all; one may be the old Dell or HP in your home office. You let the anti-virus software expire and never updated the operating system. Maybe you visited a website your wife would never have approved of; it only takes a brief second for a script to execute.
Still other unscrupulous types flood the world with unwanted spam, typically using the very botnets mentioned above. Hardly a month goes by when a friend somewhere does not suddenly announce “My Gmail has been hacked.” I do not call it hacking after I learn their password was 12345678 or “password.” Of course, rules exist to prevent such passwords, but humans are adept at creating very easy passwords that still meet the system's minimum rules.
My work is technically limited to a certain set of functions, but try telling that to the people across the meeting room table, on the other end of the phone line, or exchanging emails with you. They are in trouble, they encounter me and they are demanding an answer, sometimes in an unfriendly manner.

Next: Technical Threats to Grids
