A moving target is harder to hit than a static one, but most organizations opt for stability. So do their security teams, which is why IT infrastructure at most companies is static, predictable and manageable. Unfortunately, that also makes it a playground for attackers.

When intruders breach a corporate network and embed themselves into the operating system of a single client endpoint, they can use information obtained there to spread out. The Transmission Control Protocol (TCP)/IP protocol can be surprisingly generous in this respect. Because the internet was never designed to be secure, TCP queries can yield all kinds of information about other connected devices, including the operating systems they run. Once intruders identify those other clients, they can launch attacks that exploit known or unpatched vulnerabilities. Over time, they can permeate the network and remain undetected for months while siphoning away data. This is the primary tactic that fuels virulent forms of malware.

Moving target defense (MTD) is an increasingly popular method to combat these lurking intruders. Originally conceived in the military and spurred on by work at the U.S. Department of Homeland Security, MTD aims to make it more difficult for attackers to do their dirty work by constantly shifting the environment. It’s a variation of the classic shell game, but with a lot more shells.

Ideally, MTD is designed into a system from scratch, but a number of innovative companies are bringing the concept to more traditional static infrastructure. Its hardware device sits between the distribution and core switches on a network and constantly shifts the IP addresses of connected devices so that they can’t be seen by network peers. This zero-trust approach isolates attackers so they can’t compromise other devices on the network. Fraudsters may be able to discover a printer or PC, for example, but when they go back to compromise it, the address will have changed.

Another startup, CryptoMove, applies the MTD approach to data. It fragments and encrypts data and then moves it around the designated infrastructure, even shifting between on-premises and cloud services. Any small chunks of data an attacker might access are effectively worthless.

Similarly, Morphisec offers an endpoint solution that changes the operating environment of a program each time it loads so memory locations are unpredictable. IBM Research - Haifa is applying a similar technique to program code to prevent return-oriented programming (ROP) attacks in which an attacker borrows small pieces of code from a compromised program to inject malicious instructions. The solution constantly shifts code sections so that it’s impossible for an attacker to obtain an absolute address. This method is effective in stopping zero-day attacks and has almost no impact on performance.

One of the benefits of a moving target defense is that it works regardless of whether the latest patches and updates have been applied to the underlying system. This is particularly appealing in the area of smartphones, which come in a wide assortment of configurations, and Internet of Things (IoT) devices. The difficulty of keeping sensors and embedded equipment up to date with the latest security patches is a major challenge for the burgeoning IoT field.

For example, one of CryptoniteNXT’s customers is a manufacturer that runs 400 Windows XP-based embedded systems. Despite the well-known vulnerabilities of that operating system and the fact that Microsoft ceased supporting it more than three years ago, the company’s hands are tied because Windows XP is tightly bound into the embedded software. “We’re going to hide those XP systems from the rest of the network so no one can see them,” said CryptoniteNXT CEO Michael Simon, according to SiliconANGLE.

The problem with applying MTD is keeping track of constantly shifting resources. This requires some sort of middleware that knows where everything is. Unfortunately, that creates a new vulnerability point. “That is the obvious point of attack,” Andrew Mellinger, a senior software developer in the Emerging Technology Center of the Software Engineering Institute at Carnegie Mellon University, said in a podcast.