In "The anti-virus age is over," Graham Sutherland argues that the targeted, hard-to-stop attacks used by government-level hackers and other "advanced persistent threats" are now so automatable that they have become the domain of everyday script-kiddie creeps. Normally, the advanced techniques are only used against specific, high-value targets -- they're so labor-intensive that it's not worth trying them on millions of people in order to get a few more machines for a spam-sending botnet, or to extract a few credit-card numbers and passwords with a key-logger.
But all attacks tend to migrate from the realm of hand-made, labor-intensive and high-skill techniques to automated techniques that can be deployed with little technical expertise against millions of random targets.
Signature-based analysis, both static (e.g. SHA1 hash) and heuristic (e.g. pattern matching), is useless against polymorphic malware, which is becoming a big concern when you consider how easy it is to write code generators these days. By the time an identifying pattern is found in a particular morphing engine, the bad guys have already written a new one. When you consider that even most browser scripting languages are Turing complete, it becomes evident that the same malware behaviour is almost infinitely re-writeable, with little effort on the developer's part. Behavioural analysis might provide a low-success-rate detection method, but it's a weak indicator of malintent at best.
We’ve also seen a huge surge in attacks that fit the Advanced Persistent Threat (APT) model in the last few years. These threats have a specific target and goal, rather than randomly attacking targets to grab the low-hanging fruit. Attacks under the APT model can involve social engineering, custom malware, custom exploits / payloads and undisclosed 0-day vulnerabilities – exactly the threats that anti-malware solutions have difficulty handling.
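To make Sutherland's point about hash and pattern signatures concrete, here is an added example (not from his post or from Boing Boing): two constructed, harmless Python snippets, the second a hand-made rewrite of the first with identifiers, spacing and quoting changed. An exact-hash signature and a fixed-string pattern both miss the rewrite, while a feature built from what the code calls still matches; the sample sources, the pattern string and the `signature_results` helper are all assumptions of this example.

```python
import ast
import hashlib

# Constructed sample "payloads": harmless Python source strings.
# VARIANT_B is a hand-made, behaviour-preserving rewrite of VARIANT_A
# (renamed identifiers, different whitespace and quote style).
VARIANT_A = """
import os
def collect(path):
    names = os.listdir(path)
    return [n for n in names if n.endswith(".txt")]
"""
VARIANT_B = """
import os as _o
def gather(d):
    xs = _o.listdir( d )
    return [q for q in xs if q.endswith('.txt')]
"""

def sha1_match(sample, known_hash):
    """Static signature: exact SHA1 of the bytes."""
    return hashlib.sha1(sample.encode()).hexdigest() == known_hash

def pattern_match(sample, pattern):
    """Heuristic signature: a fixed byte pattern taken from the known sample."""
    return pattern in sample

def call_names(sample):
    """Structural feature: the sorted multiset of attribute-call names
    (e.g. 'listdir', 'endswith'), which survives renaming and reformatting."""
    names = []
    for node in ast.walk(ast.parse(sample)):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            names.append(node.func.attr)
    return sorted(names)

def signature_results(known, candidate):
    """Run all three detectors, trained on `known`, against `candidate`."""
    known_sha1 = hashlib.sha1(known.encode()).hexdigest()
    return {
        "sha1": sha1_match(candidate, known_sha1),
        "pattern": pattern_match(candidate, "os.listdir(path)"),
        "call_names": call_names(candidate) == call_names(known),
    }

if __name__ == "__main__":
    print(signature_results(VARIANT_A, VARIANT_B))
```

The structural feature only holds until a rewrite changes the calls themselves (another API, an indirect lookup), which is exactly why Sutherland rates behavioural indicators as weak rather than as a fix.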
This was the premise and theme of my novella Knights of the Rainbow Table (also available as a free audiobook). It's a funny old world.
The anti-virus age is over.