The-Accountant-Sep-Oct-2017-Final

Information Technology
completing its objectives before its target
even knew an attack was imminent. Upon
seeing it for the first time, German security
professional Ralph Langer realized that,
“It went beyond our worst fears, our worst
nightmares.”
Stuxnet left no concrete signature
denoting who created it, but its authors
are now largely assumed to be the United
States and Israel, who co-wrote the
malware via the NSA (the US’s National
Security Agency), the CIA (the US’s
Central Intelligence Agency), Israel’s
“Unit 8200,” and the seven-year-old,
NSA-overseen United States Cyber
Command (USCYBERCOM). The
purpose of releasing Stuxnet into the
server controlling the centrifuges was
to hinder Iran’s nuclear enrichment
program, instead of having the
Israelis launch a more traditional
air assault on Natanz that, U.S.
officials feared, would draw
the US and Israel into all-out
war. This was all done in secret,
and still largely remains secret,
thanks to the fact that domestic
cyber warfare operations are
masked behind an impenetrable
wall of “classified” designations and
attendant “I don’t know, and if I did,
we would not talk about it anyway”
denials.
The film “Zero Days” may sound
like a compelling recitation of alreadyknown
facts; that is what it is; a number
of people credit the creation of Stuxnet
to the bodies mentioned above, including
a former Cyber Command official, whose
identity remains anonymous on-screen,
and who verifies that, yes, America and
Israel were behind Stuxnet, and that in
fact it was only the point of the spear, as a
more wide-ranging virus known as “Nitro
Zeus” was concurrently developed in case
Israel and Iran ever went to war. Though
it was shelved by President Obama’s 2015
nuclear deal with Iran, “Nitro Zeus” was
an agent of apocalyptic cyber-destruction
that would disable the country’s air
defenses, power grid, traffic, health and
communication infrastructures.
In November 2015, a joint investigation
by the United Kingdom’s National Crime
Agency (NCA) and the information
security firm Trend Micro led to two arrests
in connection with a “crypting” website.
The two people from Essex operating the
“crypting” website offered services to help
criminals overcome antivirus software
and disguise malware. “Crypting” services
typically test malware against all antivirus
tools to see how many of them detect
the code as malicious; the service then
runs some custom encryption routines to
obfuscate the malware so that it no longer
resembles any code detected by most
antivirus tools; the process is repeated until
the malware is undetectable by all of the
antivirus tools on the market. A 22-yearold
man and a 22-year-old woman from
Colchester were detained in connection
with the reFUD.me website that provided
a number of free and paid crypting services.
The name of the site relates to its aim of
enabling malware developers to make their
code “FUD”, or “Fully Un-Detectable”.
Statistics on the website claimed that more
than 1.2 million scans had been conducted
from February 2015 to November 2015.
The site services were enabled using
“Cryptex Reborn”, which Trend Micro said
was among the most sophisticated forms
of crypting seen in recent years. Malware
developers could purchase a license to
download and use the product to encrypt
their files – charges ranged from $20 a
month to $90 for lifetime usage.
On Friday, May 12, 2017, a ransom ware
dubbed “WannaCry” claimed hundreds
of thousands of victims in at least 150
countries. It demanded a payment of at
least US$300 to release files and data, or to
recover computer access.
But before we look at “WannaCry”, let us
go back to the world’s first virus, produced
by a mathematician: in 1949 John von
Neumann developed the theoretical base
for self-duplicating automation programs,
but the technical implementation was not
feasible at that time. The term “Computer
Virus” was first used by Professor Leonard
M. Adleman in 1981, while in conversation
with a Mr Fred Cohen. The world’s first
computer virus named “Brain” was coded
by two brothers Basit Farooq Alvi and
Amjad Farooq Alvi, who were from
Lahore, Pakistan. “Brain” was meant to
infect storage media based on MS-DOS
FAT file systems. It was originally designed
to infect the IBM PC, it replaced the boot
sector of its floppy disk with the virus. The
virus program changed the disk label to
“©Brain” and the defected boot sectors
displayed this message: “Welcome
to the Dungeon (c) 1986 Basit &
Amjads (pvt) Ltd”. However, there
was no evil intention behind this:
the Alvi brothers once justified
“Brain” in their interview with
TIME magazine; they created the
virus only to protect their medical
software from piracy. It was their
countermeasure against copyright
infringement acts.
Malware is a generic term which refers
to malicious software designed to harm
a computer which may or may not be
connected to a network.
As is stated earlier, a Worm is a malware
computer program which has the ability to
replicate itself; its objective is to increase
its population and transfer itself to another
computer via the internet or through
storage media. It operates like a spy
involved in a top secret mission, hiding its
movement from the user of the computer.
Two well-known worms are “SQL Blaster”,
which slowed the internet for a period,
and “Code Red” which took down almost
359,000 websites.
A Virus also has the ability to replicate
itself but it damages files on the computer
it attacks: its main weakness lies in the fact
that the virus can go into action only if it
has the support of a host program. Viruses
stick themselves onto songs, videos, and
executable files and travel all over the
internet. Viruses have rather difficult
names: “W32.Sfc!mod”, “ABAP.Rivpas.A”
and the relatively easy “Accept.3773” are
examples of virus programs. There are
File Viruses, Macro Viruses, Master Boot
Record Viruses, Boot Sector Viruses,
Multi-Partite Viruses, Polymorphic
september - october 2017 29