Protecting Your Company From Backdoor Attacks – What You Need To Know
“We often get in quicker by the back door than the front” — Napoleon Bonaparte
A rare example of a backdoor planted in a core industry security standard has recently come to light. It is now widely believed that the NSA compromised trust in NIST’s encryption standard (called the Dual EC DRBG standard) by adding the ability for the NSA to decipher any encrypted communication over the Internet. This incident brings to the fore the question of how much trust is warranted in the technologies that enable business over the Internet today.
There are only a few organizations in the world (all with three-letter acronyms) that can pull off a fundamental backdoor coup such as this. More commonly, entities undertaking backdoor attacks do not have that level of gravitas or such far-reaching ambitions. Instead, the majority of these entities tend to leverage backdoors to undertake cybercrime missions ranging from advanced persistent threats on specific target companies to botnet and malware/adware networks for monetary gain. In these instances, Cloud services are a favorite vector for injecting backdoors into the enterprise.
What can we really trust?
In his 1984 Turing Award acceptance speech, "Reflections on Trusting Trust", Ken Thompson points out that trust is relative. The speech is perhaps the first major paper on this topic, and it describes the threat of backdoor attacks. He describes a backdoor mechanism that relies on the fact that people review only source (human-written) software, not compiled machine code. A program called a compiler is used to create the latter from the former, and the compiler is usually trusted to do an honest job. However, as he demonstrated, this trust in the compiler to do an honest job can be, and has been, abused.
Inserting backdoors via compilers
As an example, Sophos labs discovered a virus attack on Delphi in August 2009. The W32/Induc-A virus infected the program compiler for Delphi, a Windows programming language. The virus introduced its own code to the compilation of new Delphi programs, allowing it to infect and propagate to many systems, without the knowledge of the software programmer. An attack that propagates by building its own Trojan horse can be especially hard to discover. It is believed that the Induc-A virus had been propagating for at least a year before it was discovered.
While backdoors in compilers are more frequent than backdoors in standards, they are not as prevalent as backdoors in open-source software. Enterprises freely trust closed- and open-source software as evidenced by its extensive use today. In our experience, we have not come across any corporate enterprise that does not use (and hence trust) at least some open-source software today.
The open-source conundrum
The global software contributor base and publicly reviewable source code are both hallmarks of an open-source ecosystem that provides transparency and value for free. Yet these are the same characteristics that pose the biggest risk of backdoor exploits into enterprises by malicious actors intent on capturing competitive advantage. Influencing (or writing) an industry standard means surpassing huge barriers. By contrast, an attacker can choose any of the millions of open-source projects (> 300,000 hosted in SourceForge alone, at last count) distributed across hundreds of mirror sites, which opens up a broad attack surface.
One of the earliest known open-source backdoor attacks occurred in no less than the Linux kernel and was exposed in November 2003. This example serves to show just how subtle such a code change can be. In this case, a two-line change appeared to be a typographical error, but actually gave the caller of the sys_wait4 function root access to the system.
Hiding in plain sight
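The kind of change described above, as an added example that is not part of the original article: a user-space C model of an assignment written where a comparison is expected, following public reports of the 2003 incident. The struct, function names and flag constants are stand-ins chosen for this illustration and are not kernel code.

```c
#include <stdio.h>

/* Stand-in values for this model (hypothetical names, not kernel headers). */
#define OPT_CLONE 0x80000000u
#define OPT_ALL   0x40000000u
#define ERR_INVAL (-22)

struct task { unsigned int uid; };   /* minimal model of a process credential */

/* Backdoored form: "=" assigns 0 to uid. The assignment evaluates to 0
 * (false), so the error branch never runs and the call appears to succeed. */
static int check_backdoored(struct task *t, unsigned int options)
{
    int retval = 0;
    if ((options == (OPT_CLONE | OPT_ALL)) && (t->uid = 0))
        retval = ERR_INVAL;
    return retval;
}

/* What the line appeared to say: "==" only compares, uid is untouched. */
static int check_fixed(const struct task *t, unsigned int options)
{
    int retval = 0;
    if ((options == (OPT_CLONE | OPT_ALL)) && (t->uid == 0))
        retval = ERR_INVAL;
    return retval;
}

/* Run one variant on a fresh unprivileged task and return the resulting uid. */
static unsigned int uid_after(int backdoored, unsigned int options)
{
    struct task t = { 1000 };
    if (backdoored)
        check_backdoored(&t, options);
    else
        check_fixed(&t, options);
    return t.uid;
}

int main(void)
{
    unsigned int magic = OPT_CLONE | OPT_ALL;
    printf("fixed:                   uid=%u\n", uid_after(0, magic));
    printf("backdoored:              uid=%u\n", uid_after(1, magic));
    printf("backdoored, other flags: uid=%u\n", uid_after(1, OPT_ALL));
    return 0;
}
```

GCC and Clang treat the extra parentheses around the assignment as intentional and do not warn, so a review or lint rule that rejects any assignment inside a conditional expression is the more reliable check for this class of change.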
Given the complexity of today’s software, it is possible for backdoors to hide in plain sight.
More recently, many backdoors have been exposed, including an incident last September with an official mirror of SourceForge. In this attack, users were tricked into downloading a compromised version of phpMyAdmin, a web-based tool for managing MySQL databases. The backdoor contained code that allowed remote attackers to take control of the underlying server running the modified phpMyAdmin. In another case that came to light as recently as August 2013, a popular open-source ad software (OpenX) used by many Fortune 500 companies including was determined to have a backdoor giving hackers administrative control of the web server. Worse than the number of these backdoors is the time that elapses between the planting of a backdoor and its discovery. These backdoors often go unnoticed for months.
How to prevent backdoor attacks
The reality in today’s enterprise is that software projects and products with little or unknown trust are leveraged every day. We have found that many of these backdoors elude malware detection tools because there are no executables. Enterprises must now look for new ways to track the open-source projects that enter their enterprise from external untrusted sources, such as open-source code repositories, and must be able to respond rapidly to any backdoors discovered in these projects. If not, these backdoors have the potential to inflict serious and prolonged harm on the enterprise.