EFTA01071708.pdf

DataSet-9 27 pages 657 words document
📄 Extracted Text (657 words)
The Board Room guide to hacking
Vincenzo Iozzo

"Get your facts first, then distort them as you please." - Mark Twain

Are you compromised?
Yes

Why is everyone compromised?
1. Your network is a replicable monoculture
2. Compromising is a one-way street: You can't "un-compromise" something
3. The internet and your network are a graph of trust: compromising is viral and exponential
4. Your defense is reactive and slow; it must be proactive and fast

Monoculture
• The attacker can download the same software you have and attack it until he finds a way in.
• An attacker can replicate an almost-exact copy of your machine and go at it until he finds an "in"
• Once the attacker is on a machine he can experiment and explore the trusted neighbors until he finds an "in"

"Un-compromise"-able
• A maxim: there's always a deep enough level in a machine that is not defended/defendable
• It used to be the kernel, now it's the BIOS, the firmware, the hardware, the secret co-processor, you name it
• You can't "un-compromise" because it's impossible to know what's compromised

Graphs of trust
• A lot of security today happens at the "perimeter"; once you're in, it's game over. This is called "lateral movement"
• Implicit trust: we trust somebody else's servers to download executables, we trust certificate authorities' keys, we trust our partners' servers
• This means that your threat model is in large part outside of your control

Reactive and slow
• Most security tools today work by identifying an attack somewhere else and then trying to protect everyone else
• This is reactive in nature and ineffective: most attacks stay latent for a very long time
• Even with almost-real-time detection, the attacker needs to beat you at the race just once

The recursive guide to compromise anything
1. Compromise a machine (exploit, social engineering, backdoor, physical access)
2. The maxim: there's always a deep enough level in a machine that is not defended/defendable. Go there and stay put
3. For every node in the graph that trusts your machine, go to 1 and be fast

Digital immune system
• We have the technology to build 80% of the digital immune system
• We need network effects and board-level decisions to make the remaining 20% true
• This will not solve computer security but it will leap it ahead by a lot

"Shape-shifting" software
• No two copies of the same app (kernel, firmware, etc.) should behave the same way at the micro level
• Code should adapt to its users/owners, detect and log anomalous behavior on a distributed ledger

"Accountability breeds response-ability." - Stephen Covey

Code Signing
• Every piece of code that is executed on a machine should be signed by a trusted entity
• We can't trust a single company/machine: create a distributed ledger of valid signatures for every piece of code

Self-destructing machines
• Every machine should have a "known-good" state to revert to
• Every time a machine is thought to be compromised, it should be destroyed immediately and reverted back to the "known-good" state

Adaptive network structure
• The trusting neighbors of a machine must be able to shut down communication with the allegedly compromised machine
• The trusting neighbors should be able to adapt their network topology to use a mirror copy of the compromised machine

The AI future
• In the future a lot of offensive security will be AI/ML-driven
• In the future security will be much faster and much more complicated
• We can't have proper defense against that without these building blocks

CAA
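
The "Graphs of trust" and "Adaptive network structure" slides describe compromise spreading along trust edges and neighbors cutting off a suspect machine in favor of a mirror copy. The Python below is an added example, not part of the original deck: it measures how many machines each node's compromise would reach and shows what isolation does to that number. The machine names, the graph and the function names are constructed for illustration.

```python
from collections import deque

# Constructed sample graph: TRUSTED_BY[x] = machines that implicitly trust x
# (they run its executables, accept its certificates or its logins).
TRUSTED_BY = {
    "vendor-update-server": {"build-server", "laptop-1"},  # outside your control
    "partner-api": {"web-frontend"},                        # outside your control
    "build-server": {"web-frontend", "db-server"},
    "laptop-1": {"build-server"},
    "web-frontend": {"db-server"},
    "db-server": set(),
}

def exposure(trusted_by, suspect):
    """Every machine reachable from `suspect` by following trust edges."""
    seen, queue = {suspect}, deque([suspect])
    while queue:
        for neighbor in trusted_by.get(queue.popleft(), ()):
            if neighbor not in seen:
                seen.add(neighbor)
                queue.append(neighbor)
    return seen

def isolate(trusted_by, suspect, mirror):
    """Neighbors drop `suspect` and re-point every trust edge at `mirror`."""
    adapted = {
        node: {mirror if peer == suspect else peer for peer in peers}
        for node, peers in trusted_by.items()
    }
    adapted[mirror] = adapted.pop(suspect)  # mirror serves the old neighbors
    adapted[suspect] = set()                # nobody trusts the suspect any more
    return adapted

def rank_by_exposure(trusted_by):
    """Nodes ordered by how many other machines their compromise would reach."""
    sizes = {node: len(exposure(trusted_by, node)) - 1 for node in trusted_by}
    return sorted(sizes.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    for node, reach in rank_by_exposure(TRUSTED_BY):
        print(f"{node:22} reaches {reach} other machine(s)")
    adapted = isolate(TRUSTED_BY, "build-server", "build-server-mirror")
    print("after isolation:", sorted(exposure(adapted, "build-server")))
```

In this constructed graph the node with the largest reach is the external update server, which is the deck's point that much of the threat model sits outside your control.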
Document Details
SHA-256: e682f36b3cf05d577c85f04613a6bb014436f61af9906bcae05ce55ca878540b
Bates Number: EFTA01071708
Dataset: DataSet-9
Document Type: document
Pages: 27
