Tag Archives: cyber security

What happened?

All mainstream media have been flooded with never-ending announcements of cyber security breaches for quite some time. All of a sudden, in the last couple of weeks, there are none. Total silence. What happened? Have cyber attacks stopped or have they become so stealthy that no one can detect them? Probably neither.

This sudden silence makes me wonder about controllability of the media by political powers. Let us put it on our watch list. This could be a litmus test for mainstream media independence.

Meanwhile, since there is no cybersecurity news to discuss, I’d like to touch upon a very interesting subject of laws and rules of cyberspace.

There are two general categories of law: spatial and societal. Spatial laws are native to the space; objects in a space can discover them, but cannot change them. Newtonian laws of motion are an example of spatial laws in our physical space.

No entity has jurisdiction over entire cyberspace, i.e., there is no overall authority in cyberspace. Furthermore, no entity has jurisdiction even over a subspace such as the Internet or the international postal system. Thus, societal or relative laws cannot effectively exist in cyberspace. This means that any attempt to make a relative law for cyberspace is futile. For instance, suppose country A enacts a law that makes it illegal to communicate with any cyber object in country B. This is hardly an enforceable law. For instance, an object in country B can have a related object in a neutral country C. This way, this object in country B can communicate with objects in country A through its related object, with a low probability of detection in cyberspace. Thus this law can be enforced in country A with some chance of success through its government’s means in physical space, but not in cyberspace. This means that any attempt to create societal laws relative to objects in cyberspace is essentially futile.

 

VCC - Variable Cyber Coordinates

In my previous posting I mentioned VCC – Variable Cyber Coordinates method of communication. In response to questions from readers, the following is an article on the subject in Wikipedia (April 25, 2014).

Variable Cyber Coordinates (VCC) is a method of network communications by which the cyber coordinates of the participating objects or entities are constantly changing. It provides an algorithmic foundation for the dynamic security of network devices against network-based cyber attacks.

Cyber coordinates are sets of statements that determine the position of an object in cyberspace. For instance, an IP address singularly determines the location of a computer within the Internet. Cyber coordinates enable computers connected to the Internet to “find” each other and to communicate, much in the same way that knowledge of geographic coordinates of a location on Earth enables guidance of an object to travel to that location. Essentially, any communications parameter can be viewed as a cyber coordinate. Other examples of cyber coordinates are computer port numbers, MAC addresses, telephone numbers, file names, radio calls, etc.

With the VCC method of communications, cyber coordinates of participating objects or entities are made variable. They are assigned temporary values, often random or pseudorandom. These temporary cyber coordinates are usually encrypted and distributed only to authorized devices. Authorized devices can communicate with each other using the currently valid set of cyber coordinates. Other devices on the network that are not privy to the currently valid set of cyber coordinates cannot communicate with the authorized devices. However, a determined attacker with sufficient resources, effort and time can identify the currently valid cyber coordinates. To prevent this, the currently valid set of cyber coordinates is periodically changed. The process is repeated at predetermined or random intervals sufficiently frequent to prevent a potential attacker from finding the protected devices and launching a successful attack.

An example of a simplified explanation of the VCC method of communications is illustrated in Fig.1.

Fig. 1: Variable Cyber Coordinates

       The black line denotes regular computer communications;
       The red arrow denotes distribution of currently valid variable cyber coordinates.

In this example computer A is assigned an IP address xxx.xxx.xxx.123. Only computers B and C are authorized to communicate with computer A. Thus, computer A’s current IP address xxx.xxx.xxx.123 is sent to B and C only. Since computer D has not been sent A’s IP address, it would be difficult for it to determine A’s IP address. Thus no computer except B and C can communicate with A. The controller assigns cyber coordinates to protected computers and ensures their compatibility with the network administration’s policies and procedures.

To further strengthen computer A’s protection, A’s IP address is at some time changed to xxx.xxx.xxx.234. While not affecting A’s physical location, it moves it to another cyber space location. The new coordinates are sent to B and C, but to no other computer. Then even if computer D has made some progress in identifying A’s cyber coordinates, this progress is instantly obsolete with every new cycle of changing A’s cyber coordinates. Using the VCC methodology enables protected computers to evade cyber attacks even before they are launched.

Real VCC-based systems are much more complex than the example above and involve changes of multiple cyber coordinates for computers based in different networks.

The VCC method of communications was invented by Victor Sheymov and patented in 1999.
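The assign, distribute and rotate cycle from the example above, as a small simulation (an added example, not code from the article or from any VCC product). The `192.0.2` documentation prefix, the class and function names, and the use of an (IP, port) pair as the only coordinates are assumptions; encryption of the distributed coordinates is left out.

```python
import secrets

HOSTS, PORTS = 254, 65536 - 1024      # usable last octets x unprivileged ports
SPACE = HOSTS * PORTS                 # size of the (IP, port) coordinate space


class Controller:
    """Assigns host A's temporary coordinates and tells only authorized peers."""

    def __init__(self, prefix, authorized):
        self.prefix = prefix              # constructed value, e.g. "192.0.2"
        self.authorized = set(authorized)
        self.peer_view = {}               # peer -> coordinates it was last sent
        self.epoch = 0
        self.current = None
        self.rotate()

    def rotate(self):
        """Draw fresh random coordinates and distribute them to authorized peers."""
        coords = self.current
        while coords == self.current:     # never reuse the value just retired
            coords = (f"{self.prefix}.{secrets.randbelow(HOSTS) + 1}",
                      1024 + secrets.randbelow(PORTS))
        self.current = coords
        self.epoch += 1
        self.peer_view = {peer: coords for peer in self.authorized}
        return coords

    def accepts(self, coords):
        """A is reachable only at its currently valid coordinates."""
        return coords == self.current


def max_interval(probes_per_second, target_probability):
    """Longest rotation interval (seconds) that keeps a blind scanner's chance
    of hitting the current coordinates within one interval under the target."""
    return target_probability * SPACE / probes_per_second


if __name__ == "__main__":
    ctl = Controller("192.0.2", ["B", "C"])
    stale = ctl.current                   # what D might eventually learn
    ctl.rotate()
    print("B still reaches A:", ctl.accepts(ctl.peer_view["B"]))
    print("D's stale value works:", ctl.accepts(stale))
    print("rotate at least every %.1f s" % max_interval(1000, 0.01))
```

`max_interval` puts a number on "sufficiently frequent": the larger the coordinate space and the slower the scanner, the longer each set of coordinates can safely live.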

Cyber Bombs

Victor Sheymov’s Blog on Cyber Security and Intelligence

An important and often overlooked aspect is that many computers are infected by malware well before this malware is triggered. It means that many of our critical infrastructure computers already contain “cyber bombs” that are waiting to be triggered at the time chosen by the attacker to maximize the damage. This malware is extremely difficult to detect, and on a large scale such detection is a practical impossibility. Furthermore, disconnecting computers from the Internet in most cases would be ineffective, since malware can easily reconnect the computer to the Internet if the proper hardware and wireless access are present, and they usually are. So we are sitting on multiple bombs embedded in our critical infrastructure at the mercy of multiple unknown attackers.

Thus we are facing a grim reality that we do not fully comprehend, and not much has been done about it so far. Our vulnerability has not improved over the years; indeed, it has deteriorated. The technology of cyber attacks has advanced more than the technology of computer security. Let us review how we got into this situation and, more importantly, how to get out of it.

Running out of Time

As a country, we are slowly coming to the realization that we are vulnerable. We are almost subconsciously accustomed to knowing that we are vulnerable to a nuclear attack by a very powerful potential adversary; luckily, there are only two of them on this planet. We are getting used to the realization that we are vulnerable to a possible collapse of the globalized monetary system. But we have yet to realize that we are vulnerable to a cyber attack that could be more damaging than anything except a massive nuclear strike. The most startling fact is that such an attack could be delivered by an individual or a small group with a few thousand dollars and access to nothing more than the Internet. This aspect is politely called “asymmetric warfare,” but in fact it represents the failure of our security technology.

The estimated annual cost of global cyber crimes is $960 billion, but that is just a small part of the threat. Damage to critical infrastructure and major industrial assets can easily surpass that, not to mention the potential of massive loss of life. We are beginning to realize that a cyber attack can literally incapacitate our critical infrastructure. Cyber attacks can explode oil refineries and chemical factories, clog up our streets and make emergency services powerless if they themselves are still available, and leave our houses without heating and air conditioning—or even blown up by the manipulation of gas distribution systems. If this list is not impressive enough, it can be very easily extended. And the reality is that at this time we are not doing much to defend against such attacks.