EFTA01071708.pdf

The Board Room guide to hacking Vincenzo lozzo EFTA01071708 "GETYOURFACTSFIRST,THEN DISTORTTHEMASIOUPIE MARKTWAIN Lifehack Quotes EFTA01071709 Are you compromised? Yes EFTA01071710  Why is everyone compromised? 1 Your network is a replicable monoculture 2. Compromising is a one-way street: You can't "un- compromise" something 3. The internet and your network are a graph of trust: compromising is viral and exponential 4. Your defense is reactive and slow, it must be proactive and fast EFTA01071711  EFTA01071712 bf. I' k ly r • 6 • Or • t et , . • „r ' rs. • Re • IA: • r)xt;•, • 444104Jr: 4  Monoculture • The attacker can download the same software you have and attack it until he finds a way in. • An attacker can replicate an almost-exact copy of your machine and go at it until he finds an "in" • Once the attacker is on a machine he can experiment and explore the trusted neighbors until he finds an "in" EFTA01071713 EFTA01071714  "Un-compromise"-able • A maxim: there's always a deep enough level in a machine that is not defended/defendable • It used to be the kernel, now it's the bios, the firmware, the hardware, the secret co-processor, you name it • You can't "un-compromise" because it's impossible to know what's compromised EFTA01071715 EFTA01071716  Graphs of trust • A lot of security today happens at the "perimeter", once you're in it's game over. This is called "lateral movement" • Implicit trust: we trust somebody else servers to download executables, we trust certificate authorities keys, we trust our partner servers • This means that your threat model is in large part outside of your control EFTA01071717 EFTA01071718  Reactive and slow • Most security tools today work by identifying an attack somewhere else and then try to protect everyone else • This is reactive in nature and ineffective: most attacks stay latent for a very long time • Even with almost-real time detection, the attacker needs to beat you at the race just once EFTA01071719 EFTA01071720  The recursive guide to compromise anything 1. Compromise a machine (exploit, social engineering, backdoor, physical access) 2. The maxim: there's always a deep enough level in a machine that is not defended/defendable. Go there and stay put 3. For every node in the graph that trusts your machine, go to 1 and be fast EFTA01071721 Digital immune system EFTA01071722  Digital immune system • We have the technology to build 80% of the digital immune system • We need network effects and board-level decisions to make the remaining 20% true • This will not solve computer security but it will leap it ahead by a lot EFTA01071723 EFTA01071724 "Shape-shifting" software • No two copies of the same app, (kernel, firmware, etc etc) should behave the same way at the micro level • Code should adapt to its users/owners, detect and log anomalous behavior on a distributed ledger EFTA01071725  "Accountability breeds response- ability." -Stephen Covey QuoteAddicts EFTA01071726  Code Signing • Every piece of code that is executed on a machine should be signed by a trusted entity • We can't trust a single company/machine: create a distributed ledger of valid signatures for every piece of code EFTA01071727 EFTA01071728 Self-destructing machines • Every machine should have a "known-good" state to revert to • Every time a machine is thought to be compromised it should be destroyed immediately and reverted back to the "known-good" state EFTA01071729 EFTA01071730 Adaptive network structure • The trusting neighbors of a machine must be able to shut down communication with the allegedly compromised machine • The trusting neighbors should be able to adapt their network topology to use a mirror copy of the compromised machine EFTA01071731 4 EFTA01071732  The Al future • In the future a lot of offensive security will be Al/ML- driven • In the future security will be much faster and much more complicated • We can't have proper defense against that without these building blocks EFTA01071733 CAA EFTA01071734