Cyber warfare

Phlashing Attack Can Damage Systems Beyond Repair

It has long been an “everybody knows” that viruses and other malware cannot physically damage hardware. We’ve all seen those alarming emails that say, “…the virus destroys Sector Zero, thus permanently destroying the hard disk,” a statement we know is rubbish; at worst, the disk is rendered incapable of booting an OS, but the drive is still operable and the data recoverable. Seems that now, however, an HP researcher has found a way to exploit security vulnerabilities to create a permanent DOS (PDOS) attack by thrashing embedded hardware. From The Register:

The cyber-assault thrashes systems by abusing firmware update mechanisms. If successful, the so-called phlashing attack would force victims to replace systems.

The attack was demonstrated by Rich Smith, head of research for offensive technologies and threats at HP Systems Security Lab, at the EUSecWest security conference in London on Wednesday [21 May 2008]. Smith told Dark Reading that such a “permanent denial of service” attack could be carried out remotely over the internet.

The attack would be carried out by exploiting flaws in remote management interfaces to gain access to the system and then flashing or fuzzing the firmware binaries to render the hardware useless. One such remote management interface is HP’s Integrated Lights Out (ILO) which is embedded in their ProLiant servers; however, Doug Hascall, an HP manager in charge of ILO firmware, believes the security architecture of the interface makes it invulnerable to the attack.

Security watchers, myself included, don’t see crackers destroying systems since there would be no money in it; rather, this attack could make it possible for them to plant malware inside of the firmware: a far more insidious threat. Moreover, a country’s enemies could use the technique as an effective cyberwarfare weapon either to take out critical infrastructure or to implant spyware to gather military intelligence.

Uncle Sam Wants You–to Become a Cyberspace Warrior

A while back, I wrote an article entitled “Will You Be Used As a Weapon Against Your Own Country?” The flip side of that is being used as a weapon for your own country. It seems the United States Air Force is looking for a few good cyber warriors. From The Register:

In a document [PDF here] released this week, the US Air Force is laying out plans for a new cyber command, which is scheduled to become operational in October [2008]. It tries to make the case that the ability to wage war and parry attacks over electronic networks is crucial to maintaining national security.

The document does a good job of making the case:

Mastery of cyberspace is essential to America’s national security. Controlling cyberspace is the prerequisite to effective operations across all strategic and operational domains—securing freedom from attack and freedom to attack.

You have to bear in mind how the Air Force defines cyberspace:

Cyberspace encompasses the electromagnetic spectrum with its distinctive physical properties and those of the man-made electronic systems created to operate across the domain.

This would encompass the entire radio spectrum as well as well as”wired” cyberspace. The Internet, of course, also relies on wireless technology. And much of military command and control relies on radio communications, so the concept makes sense. Communications must be maintained at all costs. This involves mastering many electronic technologies and even, perhaps, physical signaling methods for use in the event an electromagnetic bomb disrupts electronic transmissions.

The Air Force Cyber Command is certainly no place for the technologically challenged, but for those of us who love and understand technology, it could be a great career.

Geek warriors: now that’s one for the books.