By Richard Moulds
For some of us the RSA conference seems like a long time ago but amid all of the hype, some interesting points stood out. One particular session that jumps to mind was a keynote by the SANS Institute with the irresistible title of “The Seven Most Dangerous New Attack Techniques.”
Not surprisingly the Internet of Things (IoT) and ransomware were high on their list. Ransomware is already one of the most successful forms of attack, the modern equivalent of paying protection money to the mob. Attackers love it because it’s easy and effective. They don’t have the hassle (and risk) of actually having to steal anything and even better, most victims (apparently two-thirds) quietly pay up. What’s even more appealing is that bitcoin is the preferred method of payment which keeps everything wonderfully anonymous, not to mention safe. No bags of cash changing hands in the dead of night.
The SANS list of predictions gets interesting when they take the logical next step and conflate the two threats: ransomware applied to the IoT. It’s probably safe to assume that the one-third of current ransomware victims that don’t pay up are the ones that had the foresight or good fortune to keep a spare copy of their data safe, a copy that would remain unlocked.
I’m sure these folks quite rightly feel like they dodged a bullet. But they might not be so lucky when ransomware hits their IoT. People don’t keep a spare car just in case they can’t start their regular car in the morning, or maintain a spare building in case the elevators stop working, or build a spare power grid, implant a spare pacemaker – you get the picture. Keeping backups of ‘things’ is much more expensive than keeping backups of data. I think SANS called it right; ransomware in the IoT is likely to be a big deal.
Another of their “seven deadly attacks” is weak random number generators, a subject close to my heart. Johannes Ullrich explained the concern: if computers can’t generate numbers that are truly random, how can they be trusted to make good keys for crypto? If your keys start to become predictable, even only a little bit predictable, then your crypto becomes weaker and your data easier to steal.
Like ransomware, an attack using weakened random numbers is potentially very attractive. In this case it’s attractive because weak random numbers are essentially undetectable. A computer with a weak random number generator is indistinguishable from one with a true random number generator. This means that an attack on random numbers is no smash and grab; it’s an attack that keeps on giving – the perfect backdoor.
A weakness with random number generation is already scary enough on computers, but just like with ransomware the threat gets dramatically amplified in the context of the IoT. If you think that sounds far-fetched, check out my post from last month when it turned out Siemens building controllers were spotted using the same keys for their SSL connections due to low randomness (http://whitewoodsecurity.com/weak-encryption-keys-iot/).
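To make the “same keys due to low randomness” failure concrete, here is an added simulation (not code from this post, from Siemens, or from any real device): a fleet of devices derives its keys from a non-cryptographic PRNG seeded with a value that carries only a few bits of entropy, next to the same fleet using the OS CSPRNG, plus the fleet-wide audit an operator would run to catch the reuse. The seeding scheme and entropy figures are assumptions chosen for the demo.

```python
import hashlib
import os
import random
from collections import Counter

KEY_BYTES = 16  # 128-bit symmetric key, as a TLS session or firmware key might be


def weak_key(boot_seed: int) -> bytes:
    """Model of the failure mode: a key drawn from a deterministic PRNG whose
    seed is a low-entropy value such as seconds since boot at first start.
    Assumed for illustration; not any vendor's actual key generation."""
    rng = random.Random(boot_seed)
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")


def strong_key() -> bytes:
    """Key taken straight from the operating system CSPRNG."""
    return os.urandom(KEY_BYTES)


def fleet_keys(n_devices: int, entropy_bits: int, weak: bool = True, seed: int = 1):
    """Simulate n devices generating their keys at first boot.

    With weak=True each device's seed has only `entropy_bits` bits of entropy,
    so at most 2**entropy_bits distinct keys can ever appear across the fleet,
    however many devices ship. `seed` only makes the simulated boot times
    reproducible; it is not part of the modelled device."""
    boots = random.Random(seed)
    if weak:
        return [weak_key(boots.getrandbits(entropy_bits)) for _ in range(n_devices)]
    return [strong_key() for _ in range(n_devices)]


def audit_duplicate_keys(keys):
    """Fleet audit: fingerprint every key and report any fingerprint seen more
    than once. Compare public-key or certificate fingerprints the same way
    when the private keys themselves are not available."""
    fps = Counter(hashlib.sha256(k).hexdigest()[:16] for k in keys)
    return {fp: count for fp, count in fps.items() if count > 1}


def distinct_key_count(keys) -> int:
    return len(set(keys))


if __name__ == "__main__":
    weak_fleet = fleet_keys(5000, entropy_bits=10)
    strong_fleet = fleet_keys(5000, entropy_bits=10, weak=False)
    print("weak fleet distinct keys:", distinct_key_count(weak_fleet))
    print("weak fleet reused fingerprints:", len(audit_duplicate_keys(weak_fleet)))
    print("strong fleet distinct keys:", distinct_key_count(strong_fleet))
```

With 10 bits of seed entropy, 5000 devices can never hold more than 1024 distinct keys, so the audit lights up; with the CSPRNG every device gets its own key.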
OK, now for the irony. Have you ever wondered where the ransomware attackers get their random numbers?
The whole premise of ransomware is that it’s infeasible to crack the attacker’s encryption. The only way to get your data back is to pay. But if you can guess their key you can dodge their fee (sorry, I couldn’t resist the alliteration). Ransomware is an interesting example of where both the good guys and the bad guys are using the same tools, in this case crypto. The algorithms are not the issue, it’s the keys that count. The question is, who pays the most attention to making sure their keys are truly random, us or them? I’ve got a sneaking suspicion it might not be us.
If you want to read more about the SANS seven deadly threats this ZDNet article is a good start.