Rich Freeman on 4 Oct 2018 14:39:20 -0700
Re: [PLUG] The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
On Thu, Oct 4, 2018 at 5:17 PM Steve Litt <slitt@troubleshooters.com> wrote:
>
> On Thu, 4 Oct 2018 14:15:47 -0400
> "K.S. Bhaskar" <ksbhaskar@gmail.com> wrote:
>
> > Because of the wide variety of operating systems (even wide variety of
> > Windows flavors), it would be pretty hard for such a chip to reliably
> > make changes.
>
> OK, it's pretty hard. But even if it were extremely hard, the
> Chinese government is funding it at a high priority. I'd say putting a
> man on the moon and building the first fission and fusion bombs were
> extremely hard, but they were funded at a priority.
>

Writing worms/etc isn't anywhere near as hard as landing on the moon. It just tends to not get THAT much investment because using them is generally a crime, so it isn't that profitable when done by random individuals, or even to some degree by organized criminals.

State-sanctioned attacks are an entirely different matter. You can hire programmers that literally work full time on developing attacks. They can specialize on various aspects of the project. They get vacation time and they can go home to be with their families, and never have to worry about somebody kicking in the door at night.

We're talking about cube farms full of hackers. One guy can be checking the USB subsystem for zero-days, and maybe they have 10 years of experience working on device drivers. Another guy can be refining the command and control software. A 24x7 operations team can be monitoring rooted devices in the field that just had an OS reinstall to make sure that a full set of rootkits get re-deployed. Somebody is working on an equivalent of Chef for malware to ensure that there are always 10 different backdoors available and that as the OS is updated the rootkits get updated as well. Then you have analytics teams who do nothing but dig through data extracted from compromised teams to look for ways to exploit it.

If they manage to hack into a power plant they can get an expert on-site who understands how the power grid works who can help them exploit further systems or cause max damage if they want to create a mess.

I believe the Snowden stuff revealed that the NSA is sticking worms in places like hard drive firmware.

All you need to have this stuff is a nice career path for the developers who will work on it.

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug