Month: June 2021

Can solar power be used to increase our cyber security?

June 24, 2021 /

We have a pretty big problem with our technology power consumption. On average, a server uses between 400 Wh and 900 Wh. By official sources, different vendors sold almost 100 million units for the period between 2010 and 2020. And ten years is the average lifecycle for a server. So, at the moment, we can calculate that to have running just the server part of the Internet, we must generate 50 GWh. And most of this power is coming from traditional power sources, which can be a target of a cyber attack, as we saw from the Colonial Pipe case.

According to another official source, the Internet has around 5 billion daily active users. On average, every user will have at least one personal computer and a smartphone. For every four people, we have one network router. For every twenty users, we will have a network switch provided by their service provider. 

An average consumption per hour for a personal computer is around 200 Wh, for a smartphone is 1 Wh, for network switch and routers are 10 Wh. Now, this makes an additional 1000 GWh + 5 GWh + 100 GWh. Servers, network equipment, and smartphones work 24 hours, and users usually browse around for 6 hours on average, making a total of 9720 GWd or 405 GWh.

So the average consumption of the Internet is around 405 GWh. Just for comparison – one nuclear power plant can produce 1 GWh. So we need the equivalent of 405 nuclear power plants to keep everyone online.

On the diagram, you can see a standard solar-powered security system. The solar panel is sending data to the charge controller, which decides whether to charge the battery or not. The inverter chooses whether to use solar power or the standard grid and finally, the security system is powered.

There are two leading solar solutions for commercial use at the moment. The first option is the standard solar panel. The average production of such solar panels is 320 Wh. To cover the needs of the Internet using only solar panels, we shall need 1.3 billion of these solar panels placed around the World. The second option is solar power towers. The main idea of solar power towers is to establish many digitally controlled mirrors, reflecting its rays into a tower full of salt depending on the Sun location. When the salt is molted, it is combined with water, evaporating to a turbine. The most significant such installation is Ivanpah Solar Power Facility, with a production capacity of 392 MWh. To cover the needs of the Internet, we shall need around 1,000 such structures. 

However, to build a solar-based solution, we must consider the following problem: there are only around 12 hours of daylight in most locations. There are two mitigations of this problem – the first is to double the number of installations and make sure they cover the 24 hours interval for everyone by strategical placement. The second is to double the number of structures and install batteries to preserve the generated energy for night use. 

Our first mitigation creates an interesting geopolitical situation with a large number of dependencies. For the second mitigation, let’s calculate how many batteries we need to preserve the energy for night use. 405 GWh multiplied by 12 hours make around 5000 GWn. A standard Tesla Powerwall unit can store 13.5 kWh. We shall need approximately 370 million units to preserve the energy during the night.

In conclusion, solar power can be an exciting alternative to traditional power sources. In terms of cybersecurity, it could make your network and even alarm system not so dependent on power coming from the grid. The standard way of having a backup is to have a petrol-based generator unit. However, you must fill a generator with petrol, which means that the system is not 100% independent. It is essential to know that the solar power alternative can give an extended backup period, but it will come with a higher price, more complex setup, more expensive support, etc. However, it can offer quite a good way of making your security more robust.

Legend:

Wh – Watts per hour

kWh – Kilowatts per hour = 1000 Wh

mWh – Megawatts per hour = 1000000 Wh

GWh – Gigawattas per hour = 1000000000 Wh

GWd – Gigawattas per day

GWn – Gigawattas per night

How much damage can one hacker cause to a team of cyber security specialists?

June 17, 2021 /

Cybersecurity has an asymmetric nature. Usually, hacking groups do not have the resources of their targets, or the targets do not have the proper qualification to defend themselves. Now, let’s discuss the one compelling case of a hacker who managed to DDoS companies such as Microsoft and Sony.

He started hacking at the age of sixteen when he developed a Titanium Stresser program that was enough to carry out around 1.7 million attacks. With this program, he got the websites of Microsoft, Minecraft, TeamSpeak, and Xbox Live and earned £386,000 in US dollars. Along with that, he made some bitcoins by selling hacked programs on the Dark web.

The hacker turned 20 until the proceedings of the court continued. He received an accusation of causing losses to schools and colleges by hijacking their local networks. The initial investigation showed that he was also responsible for personally attacking 594 IP addresses through Distributed Denial of Service (DDOS) between 2013 and 2015.

On the diagram, you can see a standard DDoS attack system architecture. The hacker usually has a control server for orchestrating the whole botnet attack.

Later on, the court revealed that the hacker was not alone in his hacking. His program had around 112,000 registered users in a kind of vDoS service, and they collectively hacked over 660,000 IP addresses. He put some clever schemes for gaining users fast, like inviting a friend. Many of these attacks were based in the United Kingdom. One notorious attack was on Runescape. The owner of the company had to protect the website by spending around six million euros.

During the hearing, the hacker’s lawyer tried to justify his stance by saying that his medical condition (a form of autism) was not mild enough to understand between wrong and right. Additionally, the lawyer pled that the hacker was in the gaming community but was not good enough and wanted to make him higher.

Now, I see it quite interesting how a 16 years old kid managed to invent a vDoS service and make over 112,000 people register to this service to attack different services across the World. It is a beautiful case of how asymmetric is the nature of hacking. Despite his lack of resources, he managed to build a botnet network of over 112 000 machines. And all of this without any hacking activity towards the registered users. Let’s take that the average Internet speed is around 50 megabits. The total capacity of the botnet is about 600 gigabits of bandwidth. And all of this done by one single guy.

In conclusion, we have to be happy there are no more hackers such as this one. Most of the hackers are for the money. However, this boy managed to DDoS companies with millions of dollars for a cybersecurity budget. And all of this just for fun. Imagine what could happen in case most of the criminals have similar to his mind.

Cyber war for Natural Resources

June 10, 2021 /

Cyberwarfare is our new reality. There are many examples where state and non-state actors were involved in hacking government-based organizations. Reasons for these attacks are different, but essentially financial gains and personal vendetta are the two most common. However, we could add one more reason for a cyber attack – an attempt to take leverage. Sometimes these cyber-attacks can sabotage even natural resources. Let us see if we could find any example for it or not.

The GERD case:

One example of cyber warfare for natural resources is the one related to the Grand Ethiopian Renaissance Dam. The dam is a reason for a dispute for a long time. However, at the end of June, a hacker group executed many attacks on the Ethiopian government’s websites. The attacks targeted information technology infrastructure, communications, and websites of public service agencies, security organizations, and other public and private institutions. On June 18, the hacker group announced that they would strike six other websites in response to the Ethiopian government intransigence on the GERD issue. As with every cyberattack origin of the attack is unknown.

On the diagram, you can see a sample diagram of how a squad of cyber soldiers can execute their attack. Now think about what will happen with large-scale operations between different nations.

The Colonial Pipeline case:

Another exciting and relatively soon case is the one with the Colonial pipeline. Ransomware managed to block the entire infrastructure of the company. In response, Colonial Pipeline Company halted all of the pipeline’s operations to contain the attack. Colonial Pipeline paid the requested ransom (75 bitcoins or $4.4 million) within several hours after the attack. The hackers then sent Colonial Pipeline a software application to restore their network, but it operated very slowly. How the attackers reacted is a little bit suspicious because usually, attackers want you to receive your data immediately after you pay. In another case, no one will ever pay them again. And most of the cybercriminals are after the money. The origin of this attack is unknown. 

Florida water systems hack:

A plant operator for the city of about 15,000 on Florida’s west coast saw his cursor being moved around on his computer screen, opening various software functions that control the water being treated. The intruder boosted the level of sodium hydroxide—or lye—in the water supply to 100 times higher than normal.

Sodium hydroxide, the main ingredient in liquid drain cleaners, controls water acidity and removes metals from drinking water in treatment plants. Lye poisoning can cause burns, vomiting, severe pain, and bleeding. After the hacker exited the computer, the operator immediately reduced the sodium hydroxide back to its normal level and then notified his supervisor,

In conclusion, governments must treat their systems similar to what big corporates and organizations do. Critical infrastructure needs proper defenses, and a good security level is not achievable without appropriate resources and budget. With the coming of the Internet, the World is no longer a disconnected place with multiple local communities. Now we live in an era where everyone connects to everyone else up to a couple of milliseconds. And as we can see the cyberspace more and more can affect our real lives.

Are hackers used in guerilla warfare?

June 3, 2021 /

Once the top interest of the state was its national integrity and the protection of its borders, that no more seem like the top priority with the rise of globalization. The world has now turned into a global village, and everyone is interconnected. We no longer base the international policy on the principle of expansionism but more on soft and indirect interventions. Cyber-attacks have become very common these days to steal sensitive data or block a critical infrastructure of any country by targeting its vital computer systems. State governments sponsor part of these cyber-attacks to penetrate rival states. Criminals execute another piece for the sake of financial gains.

State-Sponsored Cyber Soldiers:

Despite having conventional solid militaries, many countries are putting efforts into arranging training programs for cyber soldiers who are getting themselves ready for cyber warfare. They are picking up the best people from network exploitation, malware, or firmware reverse engineering. It is essential to understand that cyber warfare usually has asymmetric nature. A small unit attacks a relatively bigger target in terms of resources. That’s the reason these people receive additional training in guerilla warfare by top military specialists.

On the diagram, you can see how different hacker cells secure themselves during different types of communication. Security during operations and internal group communications is with the highest guarantee.

Everyone is welcome to the party:

Almost every country now has a position regarding cybersecurity. And every country confirms that it has or wants to have highly developed cyber warfare systems. Although most countries are strictly against the use of military cyber systems to access the sensitive data of any other country, they keep on developing their cybersecurity platforms. An analysis of cyber capabilities of one relatively big country from 2009 to 2015 showed seven major cyberattacks origin from it. The hacker group tried to hack everything, starting from simple data theft from technological companies to hacking a Personnel Management office of a government agency.

Unofficial cyber attacks:

Not all cyber attacks are for getting to know the secrets of other nations. Sometimes cyber attacks are used to gain access to critical infrastructure and gain leverage during war actions. Cybersecurity is vital during these wartime operations, keeping in mind that now almost everything is digital and modern armies use more and more information systems to increase their efficiency on the battlefield. 

There are several other examples where unaffiliated groups were involved in violating cyberspace. Most cases even show that the state government is well aware of these groups but does not act against them. These attacks bring betterment for the state, so as long as they benefit the government, it does not interfere in their matters but even shields the hacker groups. If they use their skills to steal money, the money comes to the home state, which is beneficial for state economics. That is why governments often allow such hackings in their territory. 

Many unofficial and unethical cybercriminals are the silent pupils of state-sponsored cyber actors. They learn the tricks from the big boys but use them for other malicious reasons and financial gains. It is essential to understand that these days everyone is a target. Especially having in mind that many states manufacture and use military-grade malware. Later this malware can be recycled by criminals and used versus non-state level organizations or even small and medium businesses. 

Cybersecurity tactics for small teams – Physical Security – part 2

June 1, 2021 /

Please check the previous part – here.

The same concerns as to real estate apply to all vehicle-related threats. Hackers can use your vehicle to track your activities and to decide when to execute an attack towards you. As a final list of perils, I would like to mention the dangers related to garbage. Most people do not consider their garbage as a cybersecurity threat. However, the truth is – this is usually the best source of intel for a given hacker organization. Let me list the different threats your garbage generates, and after that, we can create a simple budget of how to keep your and your devices secure:

  • Paper: Every paper document with personal data, addresses, or buying preferences leads to information leaks, which any hacker group can use to penetrate your defenses. A paper retention policy is a must for every organization these days.
  • Hard Drives: Techniques for data forensics become more and more advanced. Hackers can use these techniques to retrieve data from hard drives and SSD drives found in the garbage. It is better to treat your Hard and SSD drives as paper documents and not resell or throw them away.
  • Mobile Phones: Modern mobile phones are computers. Deleting data from them is pretty tricky. To keep your organization safe, you must treat them similarly to paper documents and hard drives. 
  • Electronic Devices: Every smart device in your home and office is a low-level mini-computer that stores and records data. Hackers can read the storage chips of these devices with proper machinery. They can use the data stored there for malicious activities.
You can see a diagram showing how a small organization or even a freelancer handles their priorities in terms of cybersecurity. Everything starts with the digital garbage and its retention policy.

You can notice that the number of attack vectors to your persona is quite significant. And we are only in the physical security realm, without mentioning any digital space. As promised at the beginning of the article, I shall present a simple list of tools and activities, together with a budget. Using them, you can set up your cyber defenses on a limited budget:

  • Hardware toolkit (100$): This toolkit will give you the availability to disassemble all of your electronic devices and destroy them. If you have better knowledge of electronics, you can cut the power of your laptop microphone and camera. 
  • Paper Shredder (50$): A shredding machine can destroy paper documents, credit cards, and everything which looks like a paper-sized card. Still, cutting through the papers is just a first step, but not enough.
  • Camping Gear (50$): There is no better way of document destruction than burning them. With camping gear, you can go to the woods, have a barbecue, and meanwhile destroy all of your not-needed documents.
  • Safe (500$): Paper is the ultimate data storage. With proper care, it can survive over 100 years or more. Still, you must keep the paper somewhere, and there is no better place than a safe. For this money, you can get a safe the size of a standard desktop drawer unit. It is more than enough to store all of your documents.
  • Home And Vehicle Security Systems (4000$): Still using security systems without a network system can be pretty advantageous for you. An isolated security system can send you SMS messages when an event happens. Sure it is a little bit more expensive, but the only way of disabling such systems is by bringing a Faraday cage.

With a total budget of around 4700$, we achieved a pretty good level of security. Still, a determined attacker can penetrate this setup, but it will take him more time and resources. To break a safe, you should cut through it. And this generates sound. Sound is terrible for attackers, and it can alert neighbors.

In conclusion, just one more piece of advice. When you choose electronic devices (including a car) for your home, please research how smart the device is. The more intelligent it is, the more prone it is to hacking. Devices without Internet access are the best because the chance of hacking is relatively low or nearly zero.

Next part – here.

Photo of my last garbage destruction event. You can see the old paper documents burned.