How FUD Defends Against APT

Thursday, March 08, 2012

J. Oquendo


Cyberterrorists are setting the stage for the next Pearl Harborgeddon.

In an exclusive sit-down with a well-known security expert, we will take a look at how the calamity from these evil, malicious, psychopathic, apathetic hackers could be avoided.

Our expert chose solely to be identified as "John", citing the fact that he is not authorized to speak for anyone but himself. We have vetted his credentials and can assure you, the reader, he is the real deal. We have no reason to lie and nothing to gain.

staff: What are we really looking at, John?

John: We are looking at a magnificent attack in the next couple of months, even days, even hours. We are talking complete annihilation.

staff: Can you elaborate a little more for our readers?

John: Decades ago, we placed computers in the environment of our critical infrastructure. These are the infrastructures that are responsible for the things we take for granted. Water, power, cable television, mobile communications, toasters. When we did this, we never engineered security into the equation.

Right now we are scrambling faster than a Denny's employee to mitigate the risk, assess the potential outcome. We are constantly tweaking our ROI and ROSI charts. These charts are telling us something. They are telling us that we are not spending enough. They are telling us that hackers are getting more advanced, they are more persistent and are ever threatening. We like to call this APT if you will. An Advanced Persistent Threat.

staff: I have heard that term overused. So you're telling me pie charts are what is influencing your decisions?

John: Negative. Alongside the pie charts, we correlate real world information that is aggregated from the blogosphere and Twitter. We use this aggregated data to formulate strategically oriented, mission critical whitepapers illustrating the need to deploy protections.

staff: Do you mean sales forecasts or product whitepapers? I don't follow.

John: You need to understand a lot of statistics and probability in order to digest the magnitude of it all. Let's assume you have 10 employees. One of those 10 employees is not going to be a rocket scientist. Therefore he is your risk and he is also your liability. Using this numerical aggregate we can illustrate the following:  

A * E * 24 * 365 = R  

Where A equals an attacker, E equals this non-rocket scientist employee, 24 hours a day, 365 days of the year. Imagine if your SIEM logged 100 attacks in a one day time span. We could thus state for the example company:  

100 * 1 * 24 * 365 = 876,000 is your risk level for this one employee.

What we are trying to do is set a baseline, where all companies fall under the 20 score for risk. It is a tough job, but we have the technology and capability to secure your infrastructure. We call this Secure Correlation and Advanced Mapping, or SCAM.

staff: Sounds far-fetched and it appears that the numbers can be skewed so far out of control you can say my Lhasa Apso is attacking you. Something to the tune of: "If you don't buy this product, you will perish."

John: Neither myself nor any security vendor in this marketspace would ever do such a thing. The stakes are too high. We are trying to get those in authority to make the right decisions surrounding cyberwarfare. This is not about dollars and sense. This is about Cybergeddon.  

We use our proven mathematical calculations and we merely present these unbiased dire scenarios to those in government with the power to push for change. Would we mind if those in power purchased our software? Not at all. We don't promote FUD however.

staff: Can you tell me more about this attack you theorize?

John: Indeed. Let us assume that there are four power companies in each state. We then have 200 objectives in which attackers will be obtaining actionable intelligence against. If each business hired 100 individuals, we can deduce that a mere 5 percent would qualify for IQs to that of say a Quantum Physicist. Our math:  

A * 95 * 24 * 365 = 832,200 (risk)  

These companies are operating at no less than a risk level of 832,200 if there were only one attacker. However the reality is, half of China is actively trying to compromise our networks. This does not include other rogue states such as Iran. We factor the risk to be in the high trillions for every company in the United States right now. The attackers are out there, and there are not enough rocket scientists to minimize the risk.

staff: So what do we do to defend ourselves?

John: Well the answer is not a simple one. We can either disconnect every single ethernet cord in every single power plant, or we can defend against the threat. In the essence of full disclosure, my company developed a Fortified Unified Defense application.

staff: FUD?

John: Ironically yes. FUD differs in the sense that it actually works when deployed properly.

staff: And without FUD?

John: I try not to think of the world not using FUD. The catastrophe! Well there you have it. An attack, coming soon, with only one way out. Buy FUD.  


Cross-posted from Infiltrated

Lucian Andrei: Nice interview! Almost real :)

You should go to Hollywood :), or ... join the FUDs and provide them more realistic scenarios.