{"id":2266,"date":"2013-03-04T00:00:00","date_gmt":"2013-03-04T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/03\/04\/emerging-threats-include-kinetic-attack-offensive-forensics\/"},"modified":"2021-12-30T11:40:57","modified_gmt":"2021-12-30T11:40:57","slug":"emerging-threats-include-kinetic-attack-offensive-forensics","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/03\/04\/emerging-threats-include-kinetic-attack-offensive-forensics\/","title":{"rendered":"Emerging threats include kinetic attack, offensive forensics"},"content":{"rendered":"<p>CEO of Counter Hack and SANS instructor Ed Skoudis may have been playful with his Lord of the Rings reference during his 2013 RSA Conference presentation, but the attack techniques that he and Johannes Ullrich, chief research officer at the SANS Internet Storm Center, discussed are anything but a joking matter. During a joint presentation last week, the duo detailed how everything from industrial control systems to SCADA equipment to big financial institutions is vulnerable to society-shaking attacks. He pointed to recent attacks, including Stuxnet, Flame and Shamoon, to show that nation-states and criminal organizations are increasingly looking at hacking via cyberattacks as a way to break physical systems that are vital to the way society functions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A six-by-eight-foot miniature city, CyberCity features a SCADA-controlled power grid, traffic system, trains, a military base and more, all of which can be hacked and defended in cyberspace similar to a real city.  When asked by an audience member whether any significant vulnerabilities were found in the CyberCity hospital, Skoudis offered a stark reminder of the insecure state of the nation&#8217;s health care infrastructure.<\/p>\n<p>Attackers, whether they are nation-state actors or run-of-the-mill cybercriminals, are increasingly trying to hide their trails by purposefully inserting code that mimics other attackers.<\/p>\n<p>Or sophisticated malicious hackers may purposefully insert what may be considered rudimentary mistakes into their malcode just so forensics experts won&#8217;t think to attribute an attack to them.<\/p>\n<p>Now, Skoudis said, attackers are able to target the exact data they want through the use of forensics tools, with the added benefit that it reduces the noise in the network so they&#8217;re less likely to be noticed. &#8220;Offensive forensics is taking forensics techniques, analyzing in-depth file systems and memory and combing through it, looking for the needle in the haystack,&#8221; he said. <\/p>\n<p>The ultimate point driven home by Skoudis and Ullrich was that defending industrial control systems and financial institutions should be an absolute priority, though the track record of the security industry doesn&#8217;t provide much comfort for those concerned about these matters.<\/p>\n<p>Link: http:\/\/searchsecurity.techtarget.com\/news\/2240178966\/Emerging-threats-include-kinetic-attack-offensive-forensics-RSA-2013?utm_medium=EM&#038;asrc=EM_ERU_20845656&#038;utm_campaign=20130305_ERU%20Transmission%20for%2003\/05\/2013%20(UserUniverse:%20635547)_myka-reports@techtarget.com&#038;utm_source=ERU&#038;src=5111753<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2266","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2266"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2266\/revisions"}],"predecessor-version":[{"id":4753,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2266\/revisions\/4753"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2266"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2266"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}