Researchers: Computer Model Predicts When Hackers Will Strike
Robert Axelrod, professor of political science and public policy at Michigan Ford School, has devised a computer model that can predict the best time when a hacker will strike.
Indeed, the task of the model is to “identify the perfect moment for an attack – knowing a particular weakness could be discovered and patched at any time.”
The writers of the study explain: “The world’s economy and international security have come to depend upon a secure Internet. International rivalries and conflicts have already provided challenges to Internet security in the form of espionage, sabotage, and denial of service. New vulnerabilities in computer systems are constantly being discovered. When an individual, group, or nation has access to means of exploiting such vulnerabilities in a rival’s computer systems, it faces a decision of whether to exploit its capacity immediately or wait for a more propitious time.”
Based on specific factors, Axelrod believes that he and Ruman Illiev have deciphered a new tool that can pinpoint when a cyberattack is likely to happen.
This concept revolves around considering strategy with a focus on nuclear weapons.
By comparing “ability of a resource to exploit vulnerability in a computer system but remain undiscovered if it is used, and persistence, the ability of vulnerability to remain undiscovered if it is not used” the keys to cyberattacks are stealth and persistence.
Axelrod’s team stated: “The question of timing is analogous to the question of when to use a double agent to mislead the enemy, where it may be worth waiting for an important event but waiting too long may mean the double agent has been discovered by the target and becomes useless.”
Considering the value of the target and the willingness of the hacker to obtain it at all costs, researchers can discover the “discount rate” which determines that the weapon should be used as soon as possible.
Using cyberattacks as weapons, researchers deduced that stealth is a valuable trait and is shown to be highly effective.
An inherent flaw of the computer model is that it assumes the hacker is a “rational actor” and that cyberattacks are purposed with providing one side with more leverage.
Axelrod commented : “It took 15 years in the nuclear world for people to understand the implications of nuclear technology. It is our hope that it won’t take that long to understand the strategic capabilities of cyber technology. We also hope this will encourage other efforts to study these things in a rigorous way. There’s a lot of discussion about cyber problems, but it’s so new that the language isn’t established. People use the word attack to mean anything from stealing a credit card number to sabotage of an industrial system.”
Researchers used the example of Stuxnet in their theorems.
In 2008, President Obama ordered the continuation of cyber-attacks against Iran . The target was Iran’s nuclear enrichment facilities.
These cyber-attacks originated during the Bush presidency, under the code name “Olympic Games” (OG).
This information accidently escaped the programming in 2010, which lead to its leak into the public. OG was then released onto the internet after causing havoc at Iran’s Natanz plant.
OG, which was created by the US and Israel, has been renamed Stuxnet.
OG was renamed once again by Kaspersky Labs, hired by the UN to investigate the worm.
Flame was first thought to be super-secret software written in video game language.
Flame’s capabilities, such as remote control of PC microphones, compromises to data collection, makes it the perfect infiltrator for Iran’s most sensitive digital information.
The Obama administration’s use of Flame caused Iran’s nuclear plant digital infrastructure to crash.