IA Presentare 03 2019
CYBERSECURITY (1)
• Scouting:
  • Technological scouting:
    • Looking for sloppy administrator work (open ports, default passwords, etc.);
    • Looking for vulnerabilities known to the attacker;
  • Social scouting:
    • Learning about friends, colleagues, business partners;
    • Learning about hobbies, work procedures, memberships in professional associations, etc.
• Delivery:
  • Evade detection before delivery;
  • Ensure the malware is executed after delivery;
• Exploitation;
• Persistence;
• Defense evasion.
• Sabotage;
• Exfiltration;
• Ransomware;
• Delete malware;
• Delete logs;
• Patch the exploited vulnerability;
• Shut down the Command and Control center;
• Plant other malware;
• Replace logs.
(C) MIHAIL CAZACU 2019
ROOT CAUSES FOR THE EXISTENCE OF CYBERATTACKS
• “There cannot be a set of axioms which is both complete and consistent, nor can the system’s consistency be proved using the system’s axioms” (Gödel’s first and second incompleteness theorems, 1931)
  • This means we cannot design a system of non-contradictory rules that covers all possible cases;
• “It cannot be determined, from the description of an arbitrary computer program and an arbitrary input, whether the program receiving that input would halt” (Turing’s Halting Problem, 1936)
  • This means we cannot be sure of establishing everything a program might do just by analyzing its code.