In "The anti-virus age is over," Graham Sutherland argues that the targeted, hard-to-stop attacks used by government-level hackers and other "advanced persistent threats" are now so automatable that they have become the domain of everyday script-kiddie creeps. Normally, the advanced techniques are only used against specific, high-value targets -- they're so labor-intensive that it's not worth trying them on millions of people in order to get a few more machines for a spam-sending botnet, or to extract a few credit-card numbers and passwords with a key-logger.
But all attacks tend to migrate from the realm of hand-made, labor-intensive and high-skill techniques to automated techniques that can be deployed with little technical expertise against millions of random targets.
Signature-based analysis, both static (e.g. SHA1 hash) and heuristic (e.g. pattern matching) is useless against polymorphic malware, which is becoming a big concern when you consider how easy it is to write code generators these days. By the time an identifying pattern is found in a particular morphing engine, the bad guys have already written a new one. When you consider that even most browser scripting languages are Turing complete, it becomes evident that the same malware behaviour is almost infinitely re-writeable, with little effort on the developer’s part. Behavioural analysis might provide a low-success-rate detection method, but it’s a weak indicator of malintent at best.
We’ve also seen a huge surge in attacks that fit the Advanced Persistent Threat (APT) model in the last few years. These threats have a specific target and goal, rather than randomly attacking targets to grab the low-hanging fruit. Attacks under the APT model can involve social engineering, custom malware, custom exploits / payloads and undisclosed 0-day vulnerabilities – exactly the threats that anti-malware solutions have difficulty handling.
This was the premise and theme of my novella Knights of the Rainbow Table (also available as a free audiobook). It's a funny old world.
The anti-virus age is over.
The UK is one of the easiest places in the world to set up a shady company, which is why accused Mafia money-launderer Antonio “Tonino the Blond” Righi set up his shell company Magnolia Fundaction UK with Britain’s Companies House, giving an address in Soho.
Before being convicted of felony securities fraud, smirking cartoon villain pharma-douche-bro Martin Shkreli had to be tried in front of a jury and this presented a unique problem because everyone hates Martin Shkreli, and thus more than 100 jurors were dismissed from the pool during pre-trial questioning. Here are some of the statements that led […]
Stanford’s Center for Research on Education Outcomes released this study in 2015, comparing the outcomes for students enrolled in online charter schools with comparable students (controlled for grade level, gender, race/ethnicity, free lunch eligibility, English language status, special ed status and historical state achievement test scores) in brick-and-mortar classrooms.
Toaster ovens are the perfect appliance for small things like toasted sandwiches and roasted garlic (try it!), but anything more involved usually requires a full-sized conventional oven.However, despite its small size, the Wolfgang Puck Pressure Oven can handle anything from baked pastries to broiled meats. This kitchen appliance has a minimal countertop footprint, and cooks […]
The Pry.Me Bottle Opener holds tens of thousands of times its own weight, and you can pick one up now from the Boing Boing Store.This remarkable keychain is considerably smaller than any of your keys, but don’t let that fool you: it can easily open any bottle, and could even tow a trailer full of […]
Guaranteeing your privacy online goes way beyond checking the “Do Not Track” option in your browser’s settings. To ensure that your internet activity is totally hidden from Internet Service Providers, advertisers, and other prying eyes, take a look at Windscribe’s VPN protection. It usually costs $7.50 per month, but you can get a 3-year subscription […]