Blog

Cybersecurity Pt 3

By @cryptoracle8/23/2017anarchy

The Five Gateways of Internet Vulnerability

As we discussed in the last lecture, the logical structure of cyberspace is a web-like one that is both a virtue and a vice. It’s a virtue because it allows almost 100 percent accurate communications around the globe instantaneously. But it’s a vice because the logic structure is about the communication of information and data —and only about communication. That focus on rapid, accurate, and effective communication—to the exclusion of other factors, such as security and identity has made cyberspace a dangerous place. In this lecture, we’ll take a closer look at this dangerous place and identify fi ve distinct gateways that create vulnerability for anyone who connects to the cyber network.
Instantaneous Action at a Distance
 The history of human interaction is, essentially, one of increasing distance. Early in human history, such activities as armed confl ict, sales of goods, malicious acts, and espionage required physical proximity. But over time, this necessity for proximity weakened. In warfare, for example, humans moved from using swords to bows and arrows, siege cannons and artillery, airplanes, and intercontinental ballistic missiles.
 The Internet is a quantum leap beyond that in capability. Now, action in the cyber domain occurs at the speed of light and crosses immense distances almost instantaneously. From your desktop, you can access a website in Japan, read a South American newspaper, or make reservations at a restaurant in Paris.
 But what is easy for you from your home computer is equally easy for any malicious actor in the world who wants access to a computer, say, in America. Whether the object is warfare, terrorism, espionage, or crime, it is no longer necessary for malevolent actors to be anywhere near the venue of their actions.
The Asymmetries of Cyberspace
 One of the unique features of the Internet is that the manipulation of bits and bytes does not require the development of a sophisticated industrial base, nor does it require a substantial fi nancial investment. In other words, the barriers to entry into the cyber domain are incredibly low.
 Further, the structure of the Internet is such that, at least today, offense is much more effective than defense. As everyone knows, it’s almost impossible to avoid a virus infection on your computer. Firewalls and intrusion detection systems are only so effective.
 That means that a small group of actors in cyberspace can have an incredibly large effect. A handful of intelligent hackers can compete in cyberspace against the most powerful nations in the world. The group known as Anonymous, for example, has taken down the CIA website and stolen internal e-mails from sophisticated security companies.
 Another example of this asymmetry can be found in the e-mail almost everyone has received from a Nigerian scammer, offering millions of dollars as a windfall if the recipient would only front a small transaction fee. Given that almost everyone recognizes such scams as frauds, why do they continue?
 The answer lies in the asymmetric nature of the Internet. Sending out 1 million scam letters is almost costless. Even if only one person in a million responds to the scam request, the disparity between the costs involved and the potential benefi ts to be gained from a successful scam make it highly profi table for the scammers to continue.
 This asymmetry in cyberspace is a radical development. In the past, fraud required signifi cant opportunity costs—an investment of time, money, and energy by the con man. When a large investment is required, the actors want a relatively high degree of confi dence that they will be successful. But on the Internet, fraudulent actors can spend literally pennies with a realistic hope of reaping a financial reward.
 Another way of looking at the problem of asymmetry is through the prism of national security.
o In the physical world, a country’s power is judged by its force
of arms. Few other countries can even come close to wielding the same nuclear power as the United States, for example. But the asymmetry of information power on the Internet changes that dynamic.
o Such countries as North Korea and Iran are perfectly capable of challenging and perhaps even dominating America in cyberspace. The limits lie not in a nation’s industrial base or the size of its economy but solely in the intellectual capabilities of its citizens.
Anonymity in Cyberspace
 Another disturbing fact about cyberspace is that we are sometimes not sure of the identities of our opponents.
o The Internet was not designed to require identifi cation. As initially conceived, its only function was to transmitinformation across great distances rapidly. a time when there were only four nodes on the Internet, and everybody who used it knew one another.
o Today, there are more than 2 billion nodes on the net, representing nearly a third of the world’s population. It’s incredibly easy to hide in that large a network.
 At the same time, the idea of anonymity on the Internet has become part of our culture. Many users, particularly in the younger generation, feel as though the freedom of the Internet is inherent to its development. In reality, that freedom is part of the architecture of the Internet and could be changed. Yet anonymity on the Internet has become a strong cultural norm, and it would be politically problematic to change the architecture of the system. The phenomenon of anonymity has also given rise to deliberately anonymous actors on the Internet. In addition to hackers operating collectively, criminal networks take advantage of the power of anonymity, operating almost with impunity around the globe.
o One reason identity thieves are almost impossible to deter is that their own identities are almost impossible to discover.
o Here again, the contrast with the physical world is remarkable. The requirement of physical proximity to commit a crime means that there are many opportunities to discover the perpetrator’s identity—fi ngerprints, license-plate numbers, and so on. This is not true on the Internet.
 The lack of identifi cation—what’s called the problem of attribution—is one of the foundational diffi culties of the network. Not only does it create the difficulty of defending yourself from unknown attackers, but it also raises a barrier to effective cooperative action with people or entities that you might actually want to work with, such as your bank.
 Identifi cation isn’t absolutely impossible to achieve, but it can be extremely diffi cult. In one case of cyber spying known as GhostNet, it took more than a year of exceedingly diffi cult forensic work to identify the source of intrusion.
 Anonymity has an inherently contradictory nature. The Internet offers a potentially dangerous kind of anonymity, but as we’ll see in a future lecture, the footprints that the ordinary user leaves are indelible, and errors in judgment about what one views

***If an anonymous individual or group were to disrupt the New York Stock Exchange from cyberspace, it might take a year or more to identify the perpetrators.*** or posts can follow one forever. Bad actors are much harder to identify and track than innocent users. **Lack of Borders**  There are no border checkpoints on the Internet. The many packets of data in even a simple e-mail message cross multiple borders, but there is no easy way to control that fl ow of information.  This is a deeply disorienting phenomenon. We’re used to a world in which a sovereign nation can control its own border traffi c, but that’s almost impossible on the Internet. This lack of control is threatening to the entire structure of the international community.  Since the Peace of Westphalia in 1648, sovereign nations have been defined by their ability to control territory and the transit of people and goods across that territory. Now, ideas and information flow across boundaries almost without limit, disrupting settled expectations and threatening the status quo.  As a result, sovereign countries are desperately trying to re-create borders in the Internet domain, and any success they may have is only the result of limits in the architecture of the network. o China has developed a fairly strong set of controls over Internet traffic to and from the mainland. But those controls rely on the fact that there are only three major undersea cable arrival points for Internet traffic to the Chinese mainland. o Likewise, island nations, such as Australia and New Zealand, have limited connectivity to the broader network and are more readily able to control traffi c to and from their citizens than, say, France or Germany. o In contrast, the United States has almost innumerable connections with the global network. In effect, every computer in America is a border-crossing checkpoint, but one that’s outside the control of the government. **The Difficulty of Distinction**  The uniformity of 1s and 0s in the logic layer of the Internet is what makes the magic of cyberspace information transmission possible, but all the 1s and 0s look the same. Different types of activities in the logic layer are diffi cult to distinguish. We can’t tell what any given piece of computer code will do just by looking at it.  The code that does harm in a piece of malware is called the payload. This is the executable portion of the program that tells an intrusion what to do. o Once inside a computer, a program can steal, change, or destroy data; order the computer to send out spam; or, as we saw with Stuxnet, cause physical damage to a system it controls. But it’s virtually impossible to tell in advance whether a particular piece of code is an innocent e-mail communication or a fullscale cyber attack. o Particular pieces of malware have unique signatures that allow us to distinguish them from innocent Internet traffi c, but we usually come to recognize them only after the fi rst attack has occurred. Thus, the initial attack will almost always get through. The only alternative is to treat all Internet traffi c as malicious, and that’s too diffi cult and intrusive to carry out. **Nightmare Scenario** Here is the nightmare that plagues America’s planners: Someday, we will discover malicious code in the systems of the West Coast electric grid. We won’t know who put the code there, and we won’t be sure of what the code is supposed to do.  The attack will be at a distance, asymmetric, and anonymous. It will ignore borders, and it will lack distinction. Those are the fi ve fundamentals of vulnerability on the network.  What’s most frightening of all is that these vulnerabilities are basic to the Internet system we’ve built; they are part of the reason that the Internet has been so successful. That means there is no way to completely eliminate the problem. **Important Terms** firewalls: Computer security systems designed to prevent intrusions. **Suggested Reading** Baker, Skating on Stilts. Bowden, Worm: The First Digital World War. “Cybersecurity Symposium.” Journal of National Security Law & Policy 4, no. 1 (2010). Rosenzweig, Cyber Warfare. **Questions to Consider** 1. Which of these five gateways to vulnerability is the most unsettling to you? Why? 2. If we started over again in building the Internet, what characteristics that are missing would you want built in?
4

comments