A six-by-eight-foot miniature city, CyberCity features a SCADA-controlled power grid, traffic system, trains, a military base and more, all of which can be hacked and defended in cyberspace much like their counterparts in a real city. When asked by an audience member whether any significant vulnerabilities were found in the CyberCity hospital, Skoudis offered a stark reminder of the insecure state of the nation’s health care infrastructure.
Attackers, whether they are nation-state actors or run-of-the-mill cybercriminals, are increasingly trying to hide their trails by purposefully inserting code that mimics other attackers.
Alternatively, sophisticated malicious hackers may purposefully insert what may be considered rudimentary mistakes into their malcode just so forensics experts won’t think to attribute an attack to them.
Now, Skoudis said, attackers are able to target the exact data they want through the use of forensics tools, with the added benefit that it reduces the noise in the network so they’re less likely to be noticed. “Offensive forensics is taking forensics techniques, analyzing in-depth file systems and memory and combing through it, looking for the needle in the haystack,” he said.
The ultimate point driven home by Skoudis and Ullrich was that defending industrial control systems and financial institutions should be an absolute priority, though the track record of the security industry doesn’t provide much comfort for those concerned about these matters.
Link: http://searchsecurity.techtarget.com/news/2240178966/Emerging-threats-include-kinetic-attack-offensive-forensics-RSA-2013