Warning: This post eschews technical accuracy for simplicity and is intended ONLY to give non-techie people a basic understanding of things. Do not attempt to use as an authoritative source—severe embarrassment may result.
"All software has bugs in it". This is the mantra that you will hear any modern software developer chant when questioned over why their software has bugs in it; and—to a large extent—it's true. Theoretically, it's possible to write flawless software, but I can't think of anyone who actually does; not when you're writing anything of any size or complexity, and especially not when you're writing to a deadline. Normally, what happens with software is that it gets released, users use it, they find bugs and report them, and the author of the software releases updates to fix the bugs. This is why your operating system and your web-browser are always asking to be restarted. To give you an idea of how bug-riddled your average piece of software is, Windows XP was released in 2001; it is 16 years old; and people are still finding major bugs in it. A lot of bugs do really annoying things, like corrupting your data, or causing your applications to crash; but today, we're going to be talking about an especially nasty kind of bug; the kind that allows a malicious person to control your computer remotely, over the internet. We're going to call these bugs "exploits".
Over the years, the discovery of exploits has become an industry in its own right. Broadly speaking, there are three main groups who pay people to look for exploits: the makers of the software, who wish to fix the exploits; governments and law enforcement, who wish to access the computers of criminals and rival governments; and criminals, who wish to leverage the exploits to make money. Not only do these three groups employ people to look for exploits, they also buy exploits from third-parties, in what is basically an online marketplace. As you may imagine, the existence of such a marketplace has caused businesses to spring up which essentially specialise in "exploit brokering". Also, it's important to remember that all of these groups are made up of individuals who have their own interests, may move between the different camps, or may have their feet in two or more camps at any one time. So, for instance, a private researcher in Korea may discover an exploit in Windows; he might sell it to a broker in Brazil, who sells it to the CIA; and then someone at the CIA might (illegally) sell it to a Romanian crime syndicate. And of course, since all of these groups know that they all have exploits that the other doesn't, they are all perpetually trying to steal from each other as well.
Governments
Every government that has the ability to hack into the computers of a foreign government or a foreign corporation, does so. No exceptions. However, this is usually for the purpose of information gathering, and examples of governments provably "attacking" each other in this way are rare. Any time you hear a government (usually the USA) accusing another government of a "cyber-attack" (usually China, Russia, Iran, or North Korea) it's more likely that someone is scapegoating someone else for political reasons.
Criminals
Apart from identity/credit-card theft, there are two big money-earners for cyber-criminals; and both of them boil down to extortion.
Ransom-Ware
Ransom-ware involves a malicious piece of software getting onto your system, encrypting all of your files, and then demanding that you pay a ransom to have your files unencrypted. Ransom-ware has only been on the scene for a few years, but has quickly become a favourite revenue source for cyber-crims. Unfortunately, if it's written properly, there's no way of getting your files back, short of paying up. Now, more so than ever, it's important to keep multiple backups of your important files. And don't leave your external hard-drives plugged in unless you're using them.
DDOSing BotNets
This one takes a little more explaining. Every time you do something on a web-page, your browser sends a message to the web-server where that web-page is hosted, and the web-server sends some information (usually a copy of the web-page) back. Web-servers, and the infrastructure that connects them to the internet, can only handle so many requests per second. So, if millions of people request a web-page at exactly the same time, most of them aren't going to get a response. Big sites, like Facebook, get around these limitations by having copies of their data duplicated on hundreds of servers spread all over the world, but smaller sites simply can't afford to do that.
So, if you can flood a web-server with millions of requests, you can effectively take a web-site offline. Now, if you did this to a business that makes most of its money through its web-site, it would give you some pretty hefty leverage with which to extort money from said business. The question is, how do you produce enough requests to flood the server; after all, you can't do it from a single computer. Well, the best way to do it, is to write a computer virus, and get it to infect hundreds of thousands of computers all around the world. Then, you can get your network of infected computers (known as a bot-net) to start sending requests to the victim, each individual computer contributing so little to the attack that the owner will probably never realise that their machine is infected, much less that it's being used for nefarious criminal activities. This is known as a DDOS or "Distributed Denial of Service" attack.
Believe it or not, there are some people who actually rent out the use of their bot-nets. So, for instance, if I was running "Alex's Online Shoes" and suddenly I found myself in competition with "Squib's Online Shoes", I could pay a few thousand dollars to have somebody else knock this pesky newcomer off the interwebs for me. This is known as "DDOS as a Service".
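For the technically curious, here is an added illustration (not part of the original post) of why a web-server can shrug off one misbehaving machine but not a bot-net: a per-machine request limit blocks the lone flooder, while bots that each send only a few requests slip under it and still swamp the server. Every figure and name in it is made up for the example.

```python
from dataclasses import dataclass

CAPACITY = 1000         # requests per second the server can answer (made-up figure)
PER_SOURCE_LIMIT = 20   # requests per second accepted from any one machine (made-up)

@dataclass
class Group:
    name: str
    sources: int          # how many separate machines are sending
    req_per_source: int   # requests each machine sends per second
    legitimate: bool      # True for real customers

def simulate_second(groups, capacity=CAPACITY, per_source_limit=PER_SOURCE_LIMIT):
    """Model one second of traffic hitting a rate-limited web-server."""
    rate_limited = 0
    admitted = {}
    for g in groups:
        allowed = min(g.req_per_source, per_source_limit)
        rate_limited += (g.req_per_source - allowed) * g.sources
        admitted[g.name] = allowed * g.sources
    reaching = sum(admitted.values())
    # When more arrives than the server can answer, every request has the
    # same small chance of being one of the few that gets a response.
    answered_share = 1.0 if reaching <= capacity else capacity / reaching
    legit_sent = sum(g.sources * g.req_per_source for g in groups if g.legitimate)
    legit_ok = sum(admitted[g.name] for g in groups if g.legitimate) * answered_share
    return {
        "rate_limited": rate_limited,
        "reaching_server": reaching,
        "legit_answered_pct": round(100 * legit_ok / legit_sent, 2) if legit_sent else 0.0,
    }

# Constructed traffic: ordinary shoppers, one noisy machine, and a large bot-net.
customers = Group("customers", 300, 2, True)
lone_flooder = Group("one flooding machine", 1, 50_000, False)
bot_net = Group("bot-net", 200_000, 3, False)

def run_scenarios():
    return {
        "normal day": simulate_second([customers]),
        "single machine": simulate_second([customers, lone_flooder]),
        "bot-net": simulate_second([customers, bot_net]),
    }

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:15} {result}")
```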
The Internet of Turds
"Internet of Things" (IoT) is a marketing buzz-word that describes the recent trend of manufacturers shoving cheap, mass-produced, internet-connected computers into everything from televisions, to video-recorders, radios, air-conditioners, refrigerators, ovens, microwaves, automobiles, web-cams, security-cameras, baby-monitors, walkie-talkies, headphones, picture-frames, light-bulbs, door-bells, toilets (yes toilets), and—of course—desktop routers. As we discussed above, these gizmos—like everything else—come complete with exploits baked into the software. However, unlike your browser or operating system, most of these things never receive security updates; meaning that the internet is now OVERFLOWING with easily-exploitable computers. As you can imagine, what we are now seeing is bot-nets that are exponentially larger than anything we've ever seen before; potentially even big enough to knock a Facebook or a Google offline. That brief outage we saw last year was a result of one such bot-net.
While there's not much you can do if you're targeted by a DDOS attack, my advice is to avoid buying anything that has the word "smart" in the description. For the most part, "smart" is usually just a synonym for "needlessly and insecurely connected to the internet".
I hope somebody found this informative. Feel free to ask any comments in the questions.
10 comments:
Thanks, Alex. RE: ransom-ware, can you become infected even if you don't download anything suss? Can you get it just from googling stuff?
PS. Recently I've been looking at say leggings (part of my Squib uniform) on a shop website that I've placed an order with in the past. Even though I use CCleaner and I'm not logged into Google, I leave the site and then get an email saying 'We saw you looking' or 'Thanks for dropping by' from whatever shop it was. Is that because they link my IP from a previous order? How do they do that - it's extremely creepy
These questions could probably do with their own posts, Squib (but don't worry, I won't take six months to get to them this time … probably). Short answers:
1) Sadly, yes; you can get infected from just browsing around the internet. In order for something to appear on your computer screen, your computer has to first download it. I know most people think of this as being completely separate from downloading a file or email attachment, but it's not really.
2) They might be using your IP, but it's most likely cookies. Do me a favour, try browsing these shops' websites in private/incognito mode (Firefox & Chrome call it different things), and let me know if you still get the emails. It's important that you don't try to log into anything while in private mode though. That'll give the game away.
Also, I want to hear more about the Squib uniform. I too have a uniform. It involves a button up shirt with pockets, long pants with pockets, and "nice looking" work boots (which don't have pockets, but they should—you can never have too many pockets).
Well now I can't remember which sites they were but when it happens again I will clean everything then go incognito and see if it happens
Squib uniform is black cotton leggings, black longline tank top, and a shirt over that (usually henley cotton style preferably grey, always cotton or linen) and cotton hoodie tied around my waist. I always used to wear brown leather clogs with this but post foot fracture, I wear sneakers unless going into town, mid-calf brown boots. Recently I have gone so downhill in the style department, I can often be seen wearing a bumbag. This is because I have to carry so much dog shit (sometimes literally but mainly treats, poo bags) and phone, keys etc and I have to be as hands-free as possible to hold on to my dog (and ball thrower). But anyway, I'm serious about it being a uniform. I buy 10 tank tops the same and 5 leggings the same etc. I'm having a problem sourcing good summer leggings this year. They all seem to have weird wide yoga waistbands and/or be see-through. On the up side I recently found the most comfortable (yet supportive) cotton bra crop top in the world. I bet they stop making them.
Was it from the Running Bare (Bear?) mob you recommended a while ago? Or just something from a local shop over there? I also buy clothes in bulk when I find an item I like. Why wouldn't you?
Am I correct in interpreting that you have a gadget for throwing balls to your dog? What does it look like? And have you considered a backpack?
Running Bare crop tops are no longer very cottony. This is a dance wear company called Danza
https://www.zalando.co.uk/dimensione-danza-sports-bra-melange-3di41i00a-c11.html
Just a normal ball thrower. Have to be able to reach things easily so backpack not ideal
https://www.theguardian.com/world/2017/jun/07/russian-hackers-qatar-crisis-fbi-inquiry-saudi-arabia-uae
Note that the headline implies the Russians are to blame but you have to read it to find out that some other gov may be to blame. Dodgy reporting
So far, I haven't seen evidence that Russia did anything out of the ordinary during the last US election. Of course, that isn't the same as saying: "Russia didn't do anything".
The Arab Gulf states and Israel pour millions into US politics every year. Hell, Hillary was neck deep in Saudi money. And here in Australia right now, we're having a debate over the amount of Chinese money that seems to be ending up in the pockets of both major parties.
Also, most governments that can afford it, pump news into foreign countries. Even Australia has "The Australia Network", which is meant to deliver news from an Australian perspective into the Asian market. I'm sure there's plenty of Indonesians and Filipinos who consider it propaganda, or "fake news".
As for what's going on with Qatar … I don't know. This whole hacking thing has to be a pretense, considering how disproportionate the reaction's been … but what's really going on?
It either involves a lot of money, or some very powerful people with a political agenda. Probably both.
I agree - the Qatar business is very fishy