The evolution of malware has come a long way. From the Creeper Worm, the first known computer virus, which was designed in 1971 by Robert H. Thomas, to where we are today is night and day.
It is a constantly evolving science. Bad actors adapt to the newest security practises; finding new ways to exploit weaknesses in the system. And then security practitioners learn from those adaptations; developing new forms of security.
We are now even seeing the effects of malware creeping into the physical world, such as the Stuxnet attacks on the Iranian nuclear program.
And despite what some may say, you should not expect this back-and-forth, ever-changing battle between the attackers and defenders to end anytime soon, as the attacks of the future will become more and more complicated and outside the box, said Soloman Sonya, assistant professor of computer science at the United States Air Force Academy, at SecTor 2019 in Toronto this week.
“Others will say, ‘Don’t worry. The large scale attack will be nothing of significance tomorrow because now we’re going to insert word-of-the-day AI,” said Sonya. But he added that we will never be able to say that we are completely secure.
Sonya explained his understanding of the evolution of malware as a progression based on the new-found capabilities of the malicious actors. As they found new ways to cause damage and chaos, they exploited those new avenues.
According to Sonya, first it was simply a question of “What can I do?”. Once hackers learned that, they moved on to “How can I move?” and “How do I communicate?”. With the basics mastered, it began a race to “How do I evolve?”. And that is when hackers realized this could be a means to a monetary end; starting to ask themselves “What can I take to generate money?” and “How do I get you to pay me?”.
But now that this has all been accomplished, these bad actors seem to have gotten bored of the digital space and have begun to turn their eyes towards the physical space.
And the advancement of technology has enabled them, as we see vehicles connected to the internet and even entire factories suddenly becoming connected due to advancements in IoT technology.
So what can we expect to see come of this?
“Tomorrow’s attacks will be asymmetrical and unconventional,” said Sonya. He pointed to recent attacks in the physical realm like the previously mentioned Stuxnet attacks, the attack demonstration on a moving Jeep by Charlie Miller and Chris Valasek, and the incident in which hacker Chris Roberts was able to hack into the controls of the plane he was on by using the in-flight entertainment system; even wondering if the recent issues with Boeing 747 Max 8 planes could have had something to do with a malware attack.
Complicating things further, said Sonya, is the presence of nation state-backed hackers. While he said he was hesitant to pick on them, Sonya did bring up China on multiple occasions, pointing to the added threat that such financial backing can give to hackers.
And as the evolution of technology advances, Sonya says that everything in our world has become an attack surface, referencing impending threats to IoT devices, medical equipment, and even drones.
So with all of this being said, what can security professionals do to protect us against these futuristic malware attacks?
Sonya said to remain vigilant and remain flexible and ready to evolve. While the attackers will continue to get better, if the defenders continue to improve, he says victory is possible.
“I need everybody to continue to be better. Each year your attackers are getting better on a daily basis,” Sonya said to the crowd of cybersecurity professionals. “Victory is in your hands and tomorrow will be better.”
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA