Information Security
Essay by Nsession • September 22, 2013 • Essay • 455 Words (2 Pages) • 1,781 Views
Wk2 Information Security Article Evaluation
Courtney Gardner
CMGT 441
8-19, 2013
Alexander Pons
Wk1 Information Security Article Evaluation
Now that our lives are lived in cyberspace, it would seem the best way to track someone would be to monitor their devices. Most people will try to combat this by using anti-tracking methods. Being watched by the government is a fear most people share in our digital age. What if you didn't know, or, if you did, what if you couldn't stop it? That threat is very real and very much a possibility. The threat of hardware backdoors discussed in the article "Rakshasa: The hardware backdoor that China could embed in every computer" exposes the methods that can be, and probably are, currently in use in some form or another.
The article discusses the possibility of a firmware-level backdoor that can be introduced into a target system long before it even hits shelves, but that can also be picked up through someone gaining access to a system. These backdoors are lethal for three main reasons: they can't be removed by conventional means such as using antivirus or formatting the drive in question; they can circumvent other types of security such as passwords and even bypass encrypted file systems; and finally, they can be injected at the time of manufacturing. The firmware backdoor was demonstrated at the Black Hat conference by Jonathan Brossard. It is persistent and very hard to detect because it is written using open source tools. This backdoor can give its user deniability in the event it is found, which gives it extra appeal for wrongdoers. The backdoor consists of three non-malicious layers: iPXE, SeaBIOS and Coreboot. Once a target is infected with Rakshasa, it uses the Coreboot layer to re-flash the BIOS with a SeaBIOS and iPXE bootkit. The bootkit lies dormant, and because it is built from legitimate tools, anti-malware software won't flag it.
As part of the attack, malware is fetched from the web, using untraceable links if possible, say from an attacker outside, or HTTPS from the web. This all can happen by someone gaining brief access
...
...