
The second “attack” – no holds barred for Iran?

Iran says it has been targeted by a second computer virus.

Iran has been targeted by a second computer virus in a “cyber war” waged by its enemies, its commander of civil defense said on Monday. Gholamreza Jalali told the semi-official Mehr news agency that the new virus, called “Stars,” was being investigated by experts.

“Fortunately, our young experts have been able to discover this virus and the Stars virus is now in the laboratory for more investigations,” Jalali was quoted as saying. He did not specify the target of Stars or its intended impact.

“The particular characteristics of the Stars virus have been discovered,” Jalali said. “The virus is congruous and harmonious with the (computer) system and in the initial phase it does minor damage and might be mistaken for some executive files of government organisations.”

While it is interesting to figure out what “congruous and harmonious with the system” actually means, even more interesting is what kind of mischief someone in this position can conjure up and blame on a “clear and present danger to critical national infrastructure”. Many believe that Iran was successfully targeted by the Stuxnet worm. Given this history, how many would fault Iran if it decides to “hunt down” machines/entities that are helping spread this new virus against it? Will such a strategy be acceptable to the world at large? Would the US or China or, for that matter, India be able to use similar logic to implement an active defense strategy? How can the international community verify Iran’s claims?

Important questions with no clear answers. What do you think?


Biomimicry on its “side”

The scientific community has forever looked at nature for inspiration and as a treasure trove of solutions for vexing problems. Words like “bio-inspired”, biomimetics, biomimicry and bionics have been coined and used to describe this fascination. In the area of information security, the most obvious link is the parallel we draw between securing a system and the human immune system. In fact, Robert Helms Anderson et al. state in the RAND monograph report “Securing the U.S. Defense Information Infrastructure“:

It turned out to be virtually impossible for us to find examples of information infrastructure protection that had no analog in biology.

Now, what happens if we turn the analogy on its side (I hold off saying “head”)? What if we start drawing inspiration from the way we counter attacks in cyberspace and use that in the process of countering biological miscreants? This is the line that Ray Kurzweil is taking.

If we sat back and hoped no one put out a destructive software virus, the Internet wouldn’t last very long. We have a system between all the security protocols and the antivirus software and cybersecurity companies where we’re constantly scouting for new threats. When one’s found, it’s reverse engineered, partly with human intelligence and partly with computer intelligence, an antidote is coded, and it’s distributed virally, getting the patches to the antiviral programs. The whole system gets more sophisticated in parallel with the predators, the viruses.

(…)

We need a system for biological viruses that can do the same thing. And we’re working on putting one into place. (…)

Today we have some techniques to deal with this like rapid sequencing. We can sequence a virus in a day, while HIV took us five years. We can create an RNA-interference medication or an antigen-based vaccine very quickly. It can be tested in-silico if the FDA accepts that sort of testing. There are these ideas that could go into a rapid response system. It would never be finished. The risks would get more and more sophisticated. But that’s the approach.

Talk to anyone involved in virus research and they would be the first to admit that reactive solutions like signature-based detection of viruses and malware will always be a cat-and-mouse game, and the “bad guys” will always be one step ahead of the good ones. However, as Kurzweil states, they work, at least for now, and have been instrumental in leveling the battlefield.

It should also come as no surprise that Mr. Kurzweil is putting this out there. As a futurist, transhumanist and a believer in the singularity, it would only be surprising if he did not come up with technology-inspired ways to streamline biological processes.


Rise of infection in Indian cyberspace

The recent Symantec report on Internet Security Threats for 2009 showed a marked increase in malicious activities originating from Indian cyberspace. Overall, India ranked 5th in the list of nations contributing to various malicious activity, up from the 2008 rank of 11! It ranked 2nd in the malicious code list and 3rd in the spam zombie list.

As stated in the report, one of the (obvious) reasons for this surge is

Malicious activity tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, and the level of malicious activity occurring in India has been increasing steadily over several reporting periods as its broadband infrastructure and user base grows.

and the associated prediction unsurprisingly is

These countries may continue to account for larger percentages within specific categories because their relatively new and growing internet infrastructures could be exposed to increasing levels of malicious activity until security protocols and measures mature enough to counter these activities.

But that generalises it to a level of abstraction that loses many actionable points. Most malicious activity originates from infected machines in the network, and the obvious reasons why so many infected machines tend to be in India are:

  • non-use of anti-virus software: even free anti-virus software is not installed on a lot of machines and, even where it is, regular updates are not performed. Reasons range from ignorance to apathy.
  • non-patched machines: regular updates issued for operating systems and the software running on them are ignored for reasons like ignorance, lack of the bandwidth needed to download the patches and the (misplaced) fear of updating pirated software.
  • widespread use of infected pirated software: a majority of the software installed on Indian machines tends to be of dubious nature, often illegal pirated copies peddled in the street (as much as 68% in 2008, according to the Sixth Annual BSA-IDC Global Software Piracy Study released in May 2009 by the Business Software Alliance (BSA)). Installation of pirated versions of popular software often leads to the installation of other malicious code on the system.

The widespread use of Windows OS and other Microsoft products could be one of the underlying causes from a monoculture viewpoint, but within the Indian context it is more a matter of economics than anything else. With pirated software available for a fraction of the price of the genuine original and the actual cost of pirated software hidden from view, a lot of consumers end up choosing the pirated version over the genuine one.

This is as good a case as any to adopt a policy change to migrate from non-free software to free software, not just within the government but also among individuals. Free software does not equate to bug-free software, far from it, but at the least the piracy and associated infections can be decreased. It goes without saying that this should go hand in hand with educational initiatives to make the public understand the dangers of computer infection.
