TECHNOBABBLE: Buying domains to protect the world | Columnists | #computerhacking | #hacking


There are a lot of moving parts that go into a successful hack. Twenty years ago a hacker would usually have to be on the same network (like a university school network) to do something to your computer. Though twenty years ago hackers were mostly just playing around. They might infect your machine with a virus that changes the letter ‘a’ to a ‘v’ when typed to annoy you. The stakes are a lot higher today. Hackers these days are after money, information, or to disrupt your operations and their tools are a lot more sophisticated.

There’s a saying in computer security. Hacks will only ever get better, never worse. Today a hacker might use a worm to hack routers and create a botnet of several thousand machines (one hacker actually did this, but instead of creating the botnet they fixed the vulnerability in the router). They might tell that botnet to poll a specific domain to see if certain text on a certain page exists and then launch several email scams to see if they can get someone to click on a link to a webpage that contains malicious code that will infect the person’s computer. I know this all sounds like a lot of work, but what I just described would be on the less complex side for hacks today.

Hacking is a tool that you can do a lot of damage with for relatively little money. The war in Ukraine has shown us that even simple anti-tank missiles cost upwards of $70,000. For the cost of two of those missiles you could hire a hacker who can get you access to enemy data and infrastructure. With that access you might know troop movements ahead of time to be better able to position your own forces. Or you might decide to shut down one of their power plants to disrupt operations at their headquarters. Years ago the Stuxnet virus was used to destroy uranium enrichment facilities in Iran, effectively preventing them from obtaining nuclear weapon capabilities. Not one shot was fired to do that.

This so-called state sponsored hacking is used by every country. Russia is one of the worst offenders, they use hacking for every reason I described above. The southwest oil pipeline shutdown last year was caused by a group in Russia. And they’ve been at it since the war in Ukraine started.

Microsoft recently disrupted cyberattacks from Russia targeting Ukraine and the west by taking possession of a handful of domain names. Taking the domain that a hack uses is often very effective at slowing or stopping the attack since the hacker often relies upon malware that lays dormant on computers/routers/servers they infected but don’t have immediate access to. That malware is programmed to look at specific domains for instructions (or to deliver data to). If the domain is seized then the malware cannot work. This is actually how a security researcher stopped the WannaCry ransomware virus from spreading in 2017.

As people went into work they’d check their emails in the morning. The night before a hacker had sent a malicious email to thousands of people at hundreds of organizations. Once infected WannaCry would execute a ransomware attack on the company by infecting every machine on the network and then encrypt their files. Fedex and the British NHS were two of the largest organizations hit.

A security researcher from the UK noticed that the malware was programmed to do nothing if a rather obscure domain name was owned. So he bought the domain name and the attack was effectively stopped. No one knows why the hackers programmed the malware to do nothing if that domain was owned, but it saved the United States and other countries from a lot of headaches.

Jason Ogaard is a software engineer and former Hutchinson resident. He welcomes your technology questions, and he’ll answer them in this place. Please send your questions to technobabble@hutchinsonleader.com.



Original Source link




Leave a Reply

Your email address will not be published.

5 + = fourteen