A Software Engineer’s Analysis of the Ongoing US Security Breaches
June 19, 2015
Years ago, when technology security was hardly an afterthought, a “hacker” was envisioned to be a young fellow with glasses, a pocket-protector, a spec’d out computer, a talent for low-level coding, and a dial-up modem.
Back in those days there wasn’t any Internet so we had dial-up to owner-operated bulletin boards, IRMA boards for mainframe access, Telnet to get on to the early Internet when it was actually released for public use (few could use such software for anything more than messaging and of course “hacking”), and what we called the “Local Area Network” for corporate communications between departments and “Wide Area Networks” for cross-location access capabilities.
It was all quite primitive compared to today’s technologies but it was surprisingly quite adequate for the emerging Information Technology field at the time.
“Wargames” was the movie hit that presented the idea of hacking into secure government sites as something that anyone with a modem could do. And during that time the first real major, popularized breach of a secure site occurred out of Rumania, which targeted a US Army Computer Center in Florida by way of an observatory in California.
It was all very “black hat” back then along with a mystique surrounding such people that raised them to the status of “urban legends”.
Things began to slowly change when malicious code was found in what were the header-information sections to compiled DOS applications, initiating the birth of the anti-virus industry. Norton Utilities and McAfee were the first major players in this new “growth market” and many in the field came to believe that it was these companies who were actually creating the market by developing these new viruses.
Such a belief lasted for years…
Not any longer…
Today’s ongoing security breaches are increasingly sophisticated attacks on nation states performed by highly capable talent that may or may not be funded and supported by other nation states.
We do know that the United States and Israel were involved in the development of the Stuxnet virus, which was unleashed on Iranian nuclear development facilities to their detriment. We also know that such a development found its way into other non-targeted sites and eventually into the security community itself, where “hackers” were able to get hold of the code and use it as a springboard for their own endeavors (Duqu 2.0, which has struck Kaspersky Security in Russia).
It appears that such activity has followed a sociological trend in rising tensions among the states of the West towards those of the East, with the US and its republican and neoconservative cheerleaders who are the worst promoters of such tensions forcing a reaction to their subsequent nefarious policies, giving rise to even worse activities through propaganda to demonize the eastern states, while actively targeting their own infrastructures with new technological cyber-weapons.
Not a day goes by where we don’t read about such mischief in the mass media and the alternative press, which have recently been reporting on statistics of security breaches that are blamed on China, Russia, and a host of other actors. Let’s of course not forget that Israel is a center of high-tech hijinks that can rival the imaginations of any observer anywhere as to their capabilities; all supported by its benefactor, the United States.
The United States and Israel, along with their Gulf-State allies, have produced a conflagration in the Mid-East over power, fanaticism, and antiquated fossil-fuel supplies that, to their credit, the Millennial Generation everywhere would be more than happy to see ended in preference for more sustainable energy resources.
This adversarial political activity has also given rise to a new, nascent “Cold War” with Russia while also creating serious tensions with China, and between China and her neighbor Japan, as the US sends increasing amounts of forces into the South China Sea (see “7 days in May”, http://www.counterpunch.org/2015/06/17/seven-days-in-may/).
It is all rather predictable as to the outcome; as long as none of it goes nuclear, which more than a few analysts on all sides fear.
What does all this have to do with software engineering?
Well, it is the Information Technology profession that is at the center of it all. And if we understand the sociological trends involved, we can understand the technical ones as well.
One of the major talents of quality software engineers and developers everywhere is an innate understanding of patterns and pattern development. We create applications and enterprise systems using patterns, we code using patterns, and we also understand our own technical problems using patterns. Patterns provide a sense of consistency and starting points for all that we do.
If we are developing code that accesses a database and the code cannot connect to any given database, we can automatically make judgements as to what is at issue through the use of trouble-shooting successes against similar issues we have had in the past. All because such issues, for the most part, fall into a set pattern of failure that is easily remedied by simple corrections to the code, the application connection parameters, the database or some combination of all three.
Over time, for senior engineers and developers, the resolution of such issues becomes almost second nature due to patterns in our acquired knowledge. Sometimes such issues are outside our knowledge of what can go wrong with such development and are more exceptions to the rule than not, such as a faulty router that is providing intermittent access.
Anything to do with technology these days can be understood through some semblance of the patterns that arise. However, something is definitely amiss with the recent spate of security breaches in the past several years that do not seem to follow an expected pattern.
For example, if we were to begin with the Target Corporation breach only a short while back and combine it with the security breaches that have continued since, one would have to conclude that a huge number of people have been seriously affected as to their personal and private information as well as their identities used for daily transactional purposes.
In the past few weeks alone, the confidential information of millions of US government employees has been compromised. Some estimates between the two breaches place the number of people at close to 14 million.
The recent “man in the middle” attack on Samsung’s Galaxy Phones puts the number at around 600 million world-wide.
The earlier attacks at Anthem Health Care put a total number of affected customers at around 1.2 million.
No one knows how many people were affected by the recent attack at Amazon.com. However, the numbers in general are staggering.
Considering that in all such events it has been reported that confidential information was possibly compromised, this also means that increasing numbers of people in the United States and elsewhere are having their confidential information transferred into the hands of unknown actors who may or may not be parties of the nation states currently being demonized by the United States.
Whether they are or not, these attacks along with many others have affected literally millions of people.
And yet…; and yet, where is the reporting on the expected consequences? We could attribute such attacks to the same “urban legends” that emerged in the early days of such exploits; that the original perpetrators were the companies creating the anti-virus software. In the current case, this would be the new security companies offering identity protection such as Life-Lock, Clear-Id and others. However, the scale of such attacks would require the development of extraordinary resources to be both villain and savior in such circumstances.
Still, with so many people affected we have nothing to demonstrate the ill-effects of such security breaches, which should be on an increasingly wide scale. In short, millions of people should be reporting identity-theft issues, compromised financial resource issues such as fraudulent credit-card usage, monetary losses, and the like.
But we hear nothing. For example, in the aftermath of the crash of 2008, which affected millions of people as well, we heard nothing but non-stop reporting on mortgage defaults and wealth loss as the results. However, when we should be hearing about some level of similar results as it regards identity and financial problems for many, there has seemingly been silence on the matter.
In other words, these security breaches appear to have had very little effect on the average citizen; otherwise everyone would know of someone somewhere who has been affected in such a manner.
We could then conclude possibly that such attacks have very little interest in the average person.
Now let’s turn to both Russia and China. If one were to review the reporting on US and some EU governments that are promoting tensions with these countries one would see that such governments have little understanding of the opponents they are attempting to create. If they did, such attacks would include such a widespread sense of hubris along with them that tends to disdain such societies.
Russia is quite iron-willed while China is very quiet comparatively speaking with all the denigration that has been directed at both of them.
Both Russia and China are modernizing at a rate that is beginning to strike fear into both NATO and the US Pentagon establishment and recent reporting documents these rising concerns. Neither Russia nor China want a direct confrontation with the West but both countries want to pursue their own economic interests as rising powers; something the US and some EU countries want to deny them.
Neither Russia nor China is interested in becoming international hegemons outside of their own regions; at least not now.
So how would one remain “under the radar” and weaken what are frighteningly dangerous opponents, as the US seems to be always foaming at the mouth like a mad-dog with England right behind her?
To avoid a major confrontation but with the knowledge that one could occur given the present trends (as many analysts are frightened of), one would have to compromise the opponent (US & others) without starting a shooting war.
Given such circumstances, analysis would have to lead one to possibly conclude that if many people are not being affected by such serious security breaches, which are being claimed to have stolen huge amounts of valuable, personal information, then the attackers are after something else. And this has actually been suggested in some reporting.
The US National Security Agency, England’s GCHQ, Israel’s Mossad, Saudi Arabian Secret Services, and the remaining US 5-Eyes participants are all scavenging the Earth for vital information on people, much of which many in the US believe is to be used against political and economic opponents. This is all in the realm of the world of spies.
However, the world of spies usually at some point must acquire something workable to effect a strategy that would weaken or gain an advantage over those they are spying on.
One last note until the final conclusion: the citizenry in the United States is slowly becoming apoplectic over the growing rise of inequality in this country. In one poll it was suggested that maybe upwards of 75% of the nation would be more than happy to see the current US political infrastructure collapse. Whether this is accurate or not, there is nonetheless a rising anger among working Americans that is beginning to fray the fabric of the nation’s sociology.
Thus, it would make sense that Russia and China would be looking for their own form of “regime change” in the United States that would not affect the overall US economy as doing so would bring down the rest of the world like a row of dominoes.
“Conspiracy Theory” maybe, but where is the reporting to demonstrate otherwise? Someone out there is looking for something and right now it is not obvious that it is money…