Wednesday, December 9, 2020

Fun With Computer Security: Three Levels of Hell

FireEye needs to reimagine its security protocols 'cause those sneaky Russkis stole 'em

I hope this isn't TL/DR.


The first level
The New York Times reports that a top cybersecurity firm, FireEye, has been hacked, probably by the Russian government. The attack is thought to be in retaliation for the firm's past anti-hacking successes against businesses and governments. The NYT writes:
WASHINGTON — For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be.

Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies — may be exacting their revenge.

FireEye revealed on Tuesday that its own systems were pierced by what it called “a nation with top-tier offensive capabilities.” The company said hackers used “novel techniques” to make off with its own tool kit, which could be useful in mounting new attacks around the world.

It was a stunning theft, akin to bank robbers who, having cleaned out local vaults, then turned around and stole the F.B.I.’s investigative tools. In fact, FireEye said on Tuesday, moments after the stock market closed, that it had called in the F.B.I. 
The $3.5 billion company, which partly makes a living by identifying the culprits in some of the world’s boldest breaches — its clients have included Sony and Equifax — declined to say explicitly who was responsible. But its description, and the fact that the F.B.I. has turned the case over to its Russia specialists, left little doubt who the lead suspects were and that they were after what the company calls “Red Team tools.”
That is just a reminder of the reality and intensity of forever cyberwar. Now Russia (or whoever hacked the company) can use the company's tools to hack everyone else.

Being a fairly regular critic of Putin and his endless lies and kleptocratic thuggery, Dissident Politics has gone to permanent Red Alert! status. (Shields up Warf! Warf: Huh?)


The next level: This is even more disturbing 
China is reporting exciting news about a new generation of quantum computers that is fast at doing some specifically hard-wired calculations & stuff. The Chinese government has developed a new way to do quantum computing using a few photons, optical fibers and mirrors. It's almost smoke and mirrors. LiveScience reports:
A team of Chinese scientists has developed the most powerful quantum computer in the world, capable of performing at least one task 100 trillion times faster than the world's fastest supercomputers.

In 2019, Google said it had built the first machine to achieve "quantum supremacy," the first to outperform the world's best supercomputers at quantum calculation, Live Science previously reported. (IBM disputed Google's claim at the time.) The Chinese team, based primarily at the University of Science and Technology of China in Hefei, reported their quantum computer, named Jiuzhang, is 10 billion times faster than Google's. [That's pretty darn fast]

Success is measured in terms of number of photons detected. Jiuzhang, which itself is an optical circuit, detected a maximum of 76 photons in one test and an average of 43 across several tests. Its calculation time to produce the list of numbers for each experimental run was about 200 seconds, while the fastest Chinese supercomputer, TaihuLight, would have taken 2.5 billion years to arrive at the same result. That suggests the quantum computer can do GBS 100 trillion times faster than a classical supercomputer.
In the future: Experts believe that quantum computers will be able to hack essentially all encryption keys in use today, making everything available to thieving hackers and hostile nations at cyberwar with any nation, group, company or person they choose to attack. Quantum computing technology keeps inching toward that glorious day when essentially all encryption fails and most everything encrypted becomes hackable.

Countermeasures today: Fortunately, changes to cope are underway. Experts are working on an old technology called the sneakernet. Sneakernet is people typing on typewriters, and walking to deliver stacks of their typed papers to other people. So far, it is believed that quantum computers cannot hack that kind of a high tech, paper-based security system, which was invented whenever the typewriter was invented. Of course, burglars can still potentially hack that kind of a system.

Digression: The new Chinese computer works so fast that reality is distorted and a landscape looks like this to a human:


Well, not really. Landscapes still look like this:

Going to play Donkey Kong
(staring at that makes me dizzy - gotta stop)



The third level: This one is the worst
At present, essentially all important government, business, stashes of private kiddy porn and other kinds of criminal information is maintained under some sort of encryption that cannot be hacked or decrypted** by technology in existence today. That's good, sort of, I think. Maybe.

** In this context, decrypting does not refer to stealing or otherwise removing dead bodies from a crypt. It refers to the process of breaking encryption of electronic data or other information that makes it unreadable to anyone without a key to unlock the encryption. Applying logic, it is clear that encryption in this context does not refer to putting bodies into a crypt.[1]

Among the high jinks that modern hackers employ is a complex technique called harvesting attacks. Actually, it's a simple technique. In this method, hackers steal encrypted information and the encryption key, and store them. Then they wait for quantum computers or some other new technology to develop to the point that the encryption key can be decrypted or broken. Once that happens, the thieves can read, use and/or sell all the previously stolen content. All that data, information and naughty videos can then be sold on whatever market it can be sold on, probably the black market. Harvesting attacks have been around for years and years. Some hackers read things and gain foresight therefrom.

RSA (Rivest–Shamir–Adleman) = a public-key cryptosystem that is widely used for secure data transmission

China now joins Google in claiming ‘quantum supremacy’ with new technology, creating RSA decryption concerns.

China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. Although an exciting development, the inevitable rise of quantum computing means security teams are nearer to facing a threat more challenging than anything previous.

Quantum computing is not there quite yet. The Chinese are no closer to being able to decrypt RSA than Google or IBM, but it is only a ‘matter of time’, predicted experts.

A harvesting attack right now could grab an RSA encryption key to be filed away until quantum computing catches up, he added.

“There is no time to waste, because of other classical security problems like harvesting attacks which occur today,” Prisco explained.

“A harvesting attack is the theft of encrypted data & the RSA encryption key used to encrypt that data. While the key cannot be hacked today with the currently available quantum computer, an adversary can steal the data & the key, store it inexpensively in memory, & decrypt the info when they have access to a more powerful quantum computer that can break the key.”

Wait! What?: If hackers have stolen massive amounts of encrypted information and in time the encryption key gets cracked, what will that mean? That will mean that highly capable criminal groups and adversary countries like Russia and China will have additional boatloads of stolen information to use for themselves and/or to use against us. The value of that could run to the hundreds of billions, or more likely trillions. In February 2018, the US Council of Economic Advisers estimated that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016. Because companies tend to not be honest about their losses to cybercrooks, my estimate is that the cost was at least $200 billion for 2016.

In general, the data theft will be from advanced western democracies, which tend to have the best and most valuable technologies and secret information. Lots of data is not encrypted, so all the advanced stuff is beside the point.[2]


Footnotes: 
1. This is completely unrelated to stealing bodies from the crypt or putting them in. 

Wikipedia: Crypto Wars is an unofficial name for the U.S. and allied governments' attempts to limit the public's and foreign nations' access to cryptography strong enough to resist decryption by national intelligence agencies (especially USA's NSA). Crypto wars implicates free speech concerns and is the subject of ongoing lawsuits.


An export-restricted munition or weapon

Wikipedia's caption: Export-restricted RSA encryption source code printed on a T-shirt made the T-shirt an export-restricted munition, as a freedom of speech protest against US encryption export restrictions. (The shirt's back shows relevant clauses of the United States Bill of Rights under a 'VOID' stamp.) Changes in the export law mean that it is no longer illegal to export this T-shirt from the US, or for US citizens to show it to foreigners.


2. The Varonis data security blog writes: As more and more companies experience crippling security breaches, the wave of compromised data is on the rise. Data breach statistics show that hackers are highly motivated by money to acquire data, and that personal information is a highly valued type of data to compromise. It’s also apparent that companies are still not prepared enough for breaches even though they are becoming more commonplace. In fact, the 2019 Data Risk Report found that companies still keep thousands of files unprotected and open for anyone inside the company to access.
