ALL >> Computers >> View Article
Protecting Your Company From Backdoor Attacks – What You Need To Know
Total Articles: 54
“We often get in quicker by the back door than the front” — Napoleon Bonaparte
A rare example of a backdoor planted in a core industry security standard has recently come to light. It is now widely believed that the NSA compromised trust in NIST’s encryption standard (called the Dual EC DRBG standard) by adding the ability for NSA to decipher any encrypted communication over the Internet. This incident brings to fore the question of how much trust is warranted in the technologies that enable business over the Internet today.
There are only a few organizations in the world (all with 3 letter acronyms) that can pull off a fundamental backdoor coup such as this. More commonly entities undertaking backdoor attacks do not have that level of gravitas or such far reaching ambitions – instead the majority of these entities tend to leverage backdoors to undertake cybercrime missions ranging from advanced persistent threats on specific target companies, to botnet and malware/adware networks for monetary gains. In these instances, Cloud services are a favorite vector for injecting backdoors into the enterprise.
What can we really trust?
In his 1984 Turing Award acceptance speech, Ken Thompson points out that trust is relative in what is perhaps the first major paper on this topic titled Reflections on Trusting Trust which describes the threat of backdoor attacks. He describes a backdoor mechanism, which relies on the fact that people only review source (human-written) software, and not compiled machine code. A program called a compiler is used to create the latter from the former, and the compiler is usually trusted to do an honest job. However, as he demonstrated, this trust on the compiler to do an honest job can, and has, been abused.
Inserting backdoors via compilers
As an example, Sophos labs discovered a virus attack on Delphi in August 2009. The W32/Induc-A virus infected the program compiler for Delphi, a Windows programming language. The virus introduced its own code to the compilation of new Delphi programs, allowing it to infect and propagate to many systems, without the knowledge of the software programmer. An attack that propagates by building its own Trojan horse can be especially hard to discover. It is believed that the Induc-A virus had been propagating for at least a year before it was discovered.
While backdoors in compilers are more frequent than backdoors in standards, they are not as prevalent as backdoors in open-source software. Enterprises freely trust closed- and open-source software as evidenced by its extensive use today. In our experience, we have not come across any corporate enterprise that does not use (and hence trust) at least some open-source software today.
The open-source conundrum
The global software contributor base and publicly reviewable source code are both hallmarks of an open-source ecosystem that actually provides transparency and value for free. Yet, these are the same characteristics that pose the biggest risk of backdoor exploits into enterprises by malicious actors intent on capturing competitive advantage. Unlike surpassing huge barriers in influencing (or writing) an industry standard, open-source projects enable someone to choose any of the millions of open-source projects (> 300,000 hosted in SourceForge alone, at last count) in hundreds of mirror sites opening up a broad surface area of attack.
One of the earliest known open-source backdoor attacks occurred in none less than the Linux kernel — exposed in November 2003. This example serves to show just how subtle such a code change can be. In this case, a two-line change appeared to be a typographical error, but actually gave the caller to the sys_wait4 function root access to the system.
Hiding in plane sight
Given the complexity of today’s software, it is possible for backdoors to hide in plain sight.
More recently, there have been many backdoors exposed including an incident last September with an official mirror of SourceForge. In this attack, users were tricked into downloading a compromised version of phpMyAdmin that contained a backdoor. The backdoor contained code that allowed remote attackers to take control of the underlying server running the modified phpMyAdmin, which is a web-based tool for managing MySQL databases. In another case that came to light as recently as August, 2013, a popular open-source ad software (OpenX) used by many Fortune 500 companies including was determined to have a backdoor giving hackers administrative control of the web server. Worse than the number of these backdoors is the time elapsed between the planting of the backdoor and the actual discovery of the backdoor. These backdoors often go unnoticed for months.
How to prevent backdoor attacks
The reality in today’s enterprise is that software projects/products that have little or unknown trust are leveraged every day. We have found that many of these backdoors elude malware detection tools because there are no executables, Enterprises must now look for new ways to track the open-source projects that enter their enterprise from external untrusted sources, such as open-source code repositories and must be able to rapidly respond to any backdoors discovered in these projects. If not, these backdoors have the potential to inflict serious and prolonged harm on the enterprise.
To learn more about how to protect yourself from backdoor attacks and other Cloud Security threats, check out our 4-Step Guide to Cloud Data Security below.
Computers Articles1. Issues & Fixes For Xbox One Repair London
Author: Tony Blair
2. Microsoft Customer Service Your Way To Success
Author: Janey Smith
3. How Do I Get More Cloud Storage Space In Norton?
Author: James Watson
4. Fix Toshiba Laptop Errors At Toshiba Support Australia
Author: Bene Hencock
5. A Few Things To Know About Sony Ps3 Repair Centre
Author: Tony Blair
6. Lost Your Norton Product Key? Here Is How You Can Recover It!
Author: Maria Williams
7. Know Our Office Setup-1- 877-220- 8885 Tech Support Portfolio
Author: Susan John
8. All You Need To Know About Sony Ps4 Repair London
Author: Tony Blair
9. It Consulting Firms Nyc Prove As Life Saver For Small Businesses
Author: SGU CONSULTING
10. How To Securely Erase Your Private Files
Author: James Vaughn
11. The Computer Repair Service Waukesha Offers Best Solutions Within Competitive Price
12. Quick Fixes For Issues With Your Sony Ps4 Repair Leeds
Author: Tony Blair
13. Norton Setup Help Number Provide Online Technical Support
Author: Norton Setup Help Number
14. Everything You Need To Know About Inventory Management Software
15. Want To Buy Computer Keyboard? Some Tips Which Will Assist You In Buying The Best