Cyber Attacks in a CyberSecurity Emergency

Disclaimer: This content is the result of my having survived several emergencies of varying effect sizes. Most of these ideas are rules of thumb, not canned answers. As in any emergency, your best outcome will come from keeping calm, considering many options, and moving from plan to backup plan as required.



Rumor has it that there are many script tool-kits containing multiple attacks that a hacker can use against a target. I presume that political entities might design their own tool-kits, train their agents, and roll out an attack with hundreds of agents on the ground. There might even be cyber-mercenaries for hire who will work for any political entity, if paid enough.

Municipalities or regions with high tourism might be particularly vulnerable. On the other hand, regions with high tourism also have a strong local infrastructure of residents who know and trust each other, share a distinct culture, and know how to solve problems without involving tourists.

I have seen many cyber attacks, and will write about the ones that I have operational theories about. These attacks are organized by attack vector and specific to a particular emergency. (Keep in mind that each cyber emergency will likely involve distinct attacks.)

Disclaimer: please remember that these are hypothesized attacks, inferred from user experience with no knowledge of the source code of the attack. These descriptions could be heterogeneous, in that more than one attack may use a similar attack vector.

  1. Wireless attack(s)
  2. DNS attack(s)
  3. USB attack(s)
  4. Browser attack(s)
  5. PDF attack(s)

Main Vulnerability

The main vulnerability that is exploited by the attackers is the attempt to standardize security procedures. The more standardized the computer configurations in a region are, the easier it is to attack many machines at once.

Effective attacks exploit standardization. Effective responses remove standardization and pursue independent work-arounds. When we decouple the responses, use multiple work-arounds, and independently establish security protocols, we reduce the attacks' effectiveness.

We must all be involved in improving security. We cannot depend on standardized responses. For every rule of thumb, there are very good reasons to violate the rule of thumb. So the security for each sub-net and each machine should be independent, and should be based on the particular vulnerabilities that entity or individual is exposed to.


Homework

  1. When you ask IT for help, try to learn a little more about your computer and its configuration. Try to make your computer's configuration different from the standard in some important way.
  2. Shut off wireless in your apartment or home, to see if your health or stress levels improve.
  3. Consider using your cell phone less, to see if your health or stress levels improve.
  4. Communicate with trusted friends in an open, electronic-free way.
  5. Document your IT difficulties, even if there is nobody on hand to help immediately.
  6. Compare your IT difficulties with a neighbor or friend. If your computers are slightly more secure in some way, then volunteer that your friend or neighbor might use your resources temporarily. (e.g. if you have a new computer that has an active firewall and hasn't been updated, then let a friend borrow it for online banking... but do not save the passwords in the machine.)
  7. Do everything you can to build trust, security, and confidence in realistic ways. Try to refrain from overselling any one solution.


© 2015-2021 Intrepid Net Computing. All rights reserved.