Analysis Cyber Warfare - A peek into the future

Defc0n

I have been thinking about the world we live in. We are connected, always! What happens on one side of the earth, the other side knows in an instant.
What makes this possible? Well, connectivity. In terms of advancement, it has done wonders for human well-being. However, at the same time we have opened ourselves up to a brand new front which can be exploited to bring our lives to a standstill.
In this thread, I will analyse the potential threats that a 21st century, digitally powered country is susceptible to!

In order to analyse, we need to understand what a "Point of Failure" (PoF) is -
Example - [Node A] ---> [Node B] ---> [Node C] ---> ............ ----> [Node N]. In this (hypothetical) linear network, notice that disabling one node, say [Node B], will bring down all the nodes to the right of Node B. This is a very simplistic overview.
In real life, things are not this simple.

Now let's list out our daily activities where we depend on the Internet (network of networks) -

1) Booking a cab (Ola, Uber, ...)
2) Ordering food (Swiggy, Zomato, ...)
3) Ordering merch/gadgets/groceries/Medicines (Amazon, Flipkart, ...)
4) Finding route (Google Maps, Apple Maps, ...)
5) Banking & ePayments.
6) Home Cameras for monitoring Children/Elderly
7) Trading
8) Communication (Mails, Messages, Calls)
9) Autonomous Cabs (in some places)
10) IoT - Internet Of Things (Controlling various
11) Jobs, Business
and many many more.

At the heart of all things listed above is Internet & associated hardware & software.

Types of Attacks -

1) Denial Of Service (DoS)
2) Data theft & misuse
3) Identity impersonation
4) Data misrepresentation

Now the most important & interesting part - we will pick two targets (for now) and see the effect of each of these attacks (where applicable to the target) on us, as we depend on them daily -

1) Cab services -

Dependencies - Simplistic view
a) Mobile networks (from the cab driver's point of view)
b) Maps & geolocation
c) Payment gateways

Type of attack(s) -
1) DoS -
An attacker blocks off the mobile & web cab booking service by bombarding it with service requests - a lot more than it can handle.
Effects -
Availability of cabs takes a hit to the extent that no one, imagine in a country the size of India, no one can book a cab.
Imagine the chaos. A sudden influx of people who would otherwise have used cabs now needs to depend on public transport.
On a busy day (office day), this can lead to huge chaos in cities where a good number of people use cabs, either for themselves or to car pool.
These are rough statistics of usage of the Uber app in India & other countries -
In India, there were reportedly over 5 million weekly active riders as of August 2017.
Uber statistics from the official newsroom indicate that over Uber's 10 years of operation, 10 billion trips have been completed worldwide (July 2018). This figure is climbing rapidly, with 14 million Uber trips completed each day. Indeed, the five billion mark had been reached as recently as June 2017.
So it becomes pretty easy to understand the extent of the damage this will cause.
2) Data misrepresentation -
An attacker shows wrong information on the map, i.e. the traffic information and route information are wrong.
Effects -
As a driver, you have no clue whether there is a traffic jam on a particular route. You trust the map, but if that is compromised, then what do you do?
Imagine the amount of blockage and road accidents this can cause.
Something similar (not exactly this) was demonstrated by a guy who falsely made Google Maps think that there was a traffic jam on a particular route.
Read more about that here.
You have no idea if a road is closed for any reason. Unsuspecting users will land in a huge mess thanks to this.
As a person who uses maps, think about it yourself & you can understand the extent of damage it can do.
So, we were able to identify multiple PoFs here -
1) The servers & software (if compromised by zero-days) of the cab company.
2) The servers & software of the map provider.
3) The location sensor of the handheld device - yes, that too can be fooled.


2) Online banking -

Dependencies -
1) Internet
2) Payment services
Types of attacks -
1) DoS - Same as explained above.
Effects - Movement of money will become very difficult. Paying & getting paid will become a serious problem. That will also have an effect on jobs.
2) Identity impersonation & data theft & misuse -
You are being spied on - yes, through your phone/computer - & your online credentials are stolen, and/or there are large-scale phishing attempts.
Effects - If such an attack lands successfully at a large scale, imagine the chaos it will create from the bank's perspective.
Imagine the amount of monetary loss that will happen.
Also, the amount of stress we will go through if someone drains your accounts.
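To make the PoF idea from the top of the post concrete for the two targets analysed above, here is an added example (not part of the original post) that models the dependencies listed for cab services and online banking as a graph, ranks each node by how many user-facing services its failure takes down, and also reproduces the linear [Node A] ---> [Node B] ---> ... chain. The node names and the shared "internet" root are assumptions made for the example.

```python
# Constructed dependency graph assembled from the post's lists for cab services
# and online banking: each node maps to what it depends on. The node names and
# the shared "internet" root are assumptions made for this example.
CAB_AND_BANKING = {
    "cab booking": ["cab company servers", "mobile network", "maps provider",
                    "payment gateway", "phone location sensor"],
    "online banking": ["internet", "payment services"],
    "cab company servers": ["internet"],
    "maps provider": ["internet"],
    "payment gateway": ["internet"],
    "payment services": ["internet"],
    "mobile network": [],
    "phone location sensor": [],
    "internet": [],
}

def linear_chain(n):
    """The post's hypothetical [Node A] ---> [Node B] ---> ... chain of n nodes,
    where each node depends on the one to its left."""
    names = [f"Node {chr(ord('A') + i)}" for i in range(n)]
    return {name: ([names[i - 1]] if i else []) for i, name in enumerate(names)}

def available(node, failed, graph, memo=None):
    """A node works only if it is not failed and every dependency works (transitively)."""
    memo = {} if memo is None else memo
    if node in failed:
        return False
    if node not in memo:
        memo[node] = True  # provisional value so a dependency cycle cannot recurse forever
        memo[node] = all(available(d, failed, graph, memo) for d in graph.get(node, []))
    return memo[node]

def blast_radius(node, graph):
    """Every other node that stops working when `node` fails."""
    return {n for n in graph if n != node and not available(n, {node}, graph)}

def rank_points_of_failure(graph, user_facing):
    """Rows of (count, node, affected user-facing services), biggest blast radius first."""
    rows = []
    for node in graph:
        hit = sorted(blast_radius(node, graph) & set(user_facing))
        if hit:
            rows.append((len(hit), node, hit))
    return sorted(rows, key=lambda r: (-r[0], r[1]))

if __name__ == "__main__":
    for count, node, hit in rank_points_of_failure(CAB_AND_BANKING, ["cab booking", "online banking"]):
        print(f"{node:22} down -> {count} service(s) lost: {', '.join(hit)}")
    print("Chain, Node B down ->", sorted(blast_radius("Node B", linear_chain(6))))
```

Nodes that appear near the top of the ranking (here the shared "internet" root) are the ones worth hardening or giving a fallback first, which is the defensive reading of the PoF list.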

Smart Phones - Our best friend:

You will notice that almost all of the activities mentioned above, we usually do them on our mobile nowadays. So if by now you have started thinking that our mobile is the biggest SINGLE POINT OF FAILURE for us, you are most likely not wrong. What happens if our mobiles are attacked on a large scale?
But wait, how is that possible? Is it at all possible?

Well - it has not yet happened, but I don't see it as something that is impossible.
Remember the attack on the Iranian nuclear facility using StuxNet?
Yeah, good! Because for that, a digital certificate had to be stolen from Microsoft for use in the malware! (Refer to the documentary with the same name.)
So what does Microsoft make that we use every day? Yeah right, that!! So why is it not possible for this to happen with Google/Apple? They make the OS which is used by almost all phones on planet earth today, right?

Secondly, who guarantees that the hardware we get is not compromised in the first place? No one!
So yeah, I can understand if by now you have started to picture a Hollywood movie in your mind, but trust me, realistically IT IS POSSIBLE!

Also, zero-days are real, they exist, and the very bad ones don't become public unless they are exploited by an attacker - e.g. EternalBlue; google that, & yeah, you will not be amazed one bit when you find the name of the software where that vulnerability existed ;)

You might wonder why suddenly people have become wary of the likes of TikTok etc.
The reason is simple - when a 'state actor' declares a cyber war, its resources are not limited like those of an individual or organisation.
I keep referring to StuxNet as that was software which caused physical damage and also death due to the accident (IIRC).

I will end this post here - but if you guys want more detailed explanations of stuff, feel free to ask & I will add it to the main post.

I have never written anything this long in my life, so really sorry if you find it dull or boring or even absurd.

Regards.