Intelligent Machines

The Attacker's Advantage

  • by Erica Naone
  • June 22, 2010
  • Last year, Google was the victim of cyber attacks originating in China that stole software and targeted human-rights activists.

No one is exempt from cyber attack. In January, Google admitted that its systems had been breached and intellectual property stolen; in April, it was revealed that hackers had stolen military documents from India’s government; and stories about the online theft of credit-card numbers and other personal information are constantly streaming in. Why are computer systems so vulnerable?

It comes down to how most software is designed, says Andy Ellis, senior director of information security and chief security architect for Akamai, an Internet infrastructure company based in Cambridge, MA. Companies build systems that often have more functions than users really need. Security is often an afterthought. But if any one of those functions has a mistake in design or implementation, that’s all it takes to give attackers the opening they need.

This story is part of our July/August 2010 Issue
See the rest of the issue
Subscribe

One widely used attack takes advantage of a vulnerability known as a buffer overflow. When information sent to a program over the network exceeds the space that the programmer has set aside for incoming data, the excess is stored in other parts of the computer’s memory. Forcing this to happen can change the system’s behavior, even inducing it to execute malicious code.

Attackers also trick users into installing malicious software–for example, by using deceptive e-mail messages containing links to bogus websites. And sometimes the attacks come from within: experts say that internal security policies are often lax or poorly implemented, giving people ample opportunity to steal from or sabotage their employers.

There have been some glimmers of hope. Many programs now install security updates automatically, without requiring user intervention. Antivirus companies have developed ways to recognize the characteristic behavior patterns of malware so that the system can respond more quickly to new breeds of infection. Cloud security providers have begun offering Web application firewalls, which filter Internet traffic before it’s allowed to enter a victim’s data center (see “Threats Create Opportunities”).

However, many organizations don’t keep abreast of these improvements. Applications for functions such as payroll are often custom-built and can’t easily be upgraded to run on modern systems. ­Jeremiah Grossman, founder and chief technology officer of ­WhiteHat Security, a website risk management company based in Santa Clara, CA, estimates that up to a third of the Web is currently running on systems with known vulnerabilities.

Grossman says researchers are seeking creative solutions, such as systems that wrap outdated software in a protected layer or make it possible to do business safely on infected machines. But as long as new software is written, new vulnerabilities will keep surfacing.

Tech Obsessive?
Become an Insider to get the story behind the story — and before anyone else.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.