In "The anti-virus age is over," Graham Sutherland argues that the targeted, hard-to-stop attacks used by government-level hackers and other "advanced persistent threats" are now so automatable that they have become the domain of everyday script-kiddie creeps. Normally, the advanced techniques are only used against specific, high-value targets -- they're so labor-intensive that it's not worth trying them on millions of people in order to get a few more machines for a spam-sending botnet, or to extract a few credit-card numbers and passwords with a key-logger.
But all attacks tend to migrate from the realm of hand-made, labor-intensive and high-skill techniques to automated techniques that can be deployed with little technical expertise against millions of random targets.
Signature-based analysis, both static (e.g. SHA1 hash) and heuristic (e.g. pattern matching) is useless against polymorphic malware, which is becoming a big concern when you consider how easy it is to write code generators these days. By the time an identifying pattern is found in a particular morphing engine, the bad guys have already written a new one. When you consider that even most browser scripting languages are Turing complete, it becomes evident that the same malware behaviour is almost infinitely re-writeable, with little effort on the developer’s part. Behavioural analysis might provide a low-success-rate detection method, but it’s a weak indicator of malintent at best.
We’ve also seen a huge surge in attacks that fit the Advanced Persistent Threat (APT) model in the last few years. These threats have a specific target and goal, rather than randomly attacking targets to grab the low-hanging fruit. Attacks under the APT model can involve social engineering, custom malware, custom exploits / payloads and undisclosed 0-day vulnerabilities – exactly the threats that anti-malware solutions have difficulty handling.
This was the premise and theme of my novella Knights of the Rainbow Table (also available as a free audiobook). It's a funny old world.
The anti-virus age is over.
Philips has acquired Luciom, a French startup that makes Li-Fi products, which allow for very fast network connections over short distances by flickering an LED at speeds that are too fast to register on the human eye, and which can ever work in the dark by operating at low dimness settings the human eye perceives […]
Many insurers offer breaks to people who wear activity trackers that gather data on them; as Cathy “Mathbabe” O’Neil points out, the allegedly “anonymized’ data-collection is trivial to re-identify (so this data might be used against you), and, more broadly, the real business model for this data isn’t improving your health outcomes — it’s dividing […]
As the US government ramps up its insistence that visitors (and US citizens) unlock their devices and provide their social media accounts, the solution have run the gamut from extreme technological caution, abandoning mobile devices while traveling, or asking the government to rethink its policy. But Maciej Cegłowski has another solution: a “travel mode” for […]
DJI is the world’s leading designer and producer of easy-to-fly drones and aerial photography systems. If you’re a drone enthusiast, you want a DJI. If you know absolutely nothing about drones and think they’re weird, if you win a DJI you’re going to become a drone enthusiast.Enter this giveaway (for free, yes) and you’ll get a […]
Although there will never be a consensus about the best way to make coffee, any coffee connoisseur will agree that controlling the grind of your beans and balancing water temperature are the keys to a tasty cup. Since your plastic coffee pot doesn’t really allow for that kind of customization, going back to the French […]