Just blogging a quick post after coming back from Root3d CON in Madrid. This year I have to congratulate the speakers again. For another year they shared interesting ideas and good technical hacks. I would say this CON speaks loud and clear about the global security scene and the industry around it too. Congrats guys!
Regarding the technical work, I would like to highlight some hot topics covered in the talks, such as banking attacks, loading malware in Domain Name Servers (DNS), subverting domotic facilities, cracking industrial embedded devices or bouncing along IP videos and on-line weather stations across the globe.
As you see, it was all about technical moments, although meeting Nico Waisman was an enjoyable moment too ;)
I am happy to see how he and his colleagues at Immunity built a sustainable business model around professional bug exploitation and exploit creation. If you don't know about them, Nico's company is responsible for an automated exploitation system called CANVAS. It contains hundreds of creative and interesting pieces of code abusing, subverting and taking control of buggy software.
This exploitation system, together with an exploit development framework, is used regularly by penetration testers and security professionals. Last time I had a look at this software (years ago!) it had only one exploit pack (a kind of add-on which consists of more modules targeting unpatched vulnerabilities). Now, their exploitation system includes several professional extensions offering specialized exploits for 0-day, SCADA, VOIP, IBM Database, webservers, OSX, mobile phone OS, etc.
Watching CANVAS in action, you can guess how any computer user is able to run automated and massive attacks easily, and how this kind of tool truly becomes an offensive weapon.
Original studies, techniques and research in this exploitation field were really interesting and productive at the end of the '90s. Nico and I talked about how this stuff really changed things and how this community effort improved overall OS security.
Over those years it meant technical modifications focused on IT security, but it also meant a shift in the mindset of a lot of system administrators and people in charge of securing and hardening IT assets.
One decade later, offensive IT security tools are available. Some of them are professional tools and services, while another kind of tooling is sold in underground markets too. Anyway, two things become true.
- In the absence of conflict we have a global, profitable and consolidated security industry fed continuously by 0-days.
- In the presence of conflict we have a potential and global battlefield where some people talk about real cyberwarfare as politically motivated hacking to conduct sabotage and espionage among parties.
It is meaningful to read how The Economist describes cyberspace as “the fifth domain of warfare” or how William J. Lynn states that “as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare ... [which] has become just as critical to military operations as land, sea, air, and space”.
I guess knowing about automatic and easy-to-use offensive tools changes the perspective a lot.