Connect with us

Hi, what are you looking for?

Economy

“This attack is very important”: The entire Internet has been hacked

“This attack is very important”: The entire Internet has been hacked

Only IT specialists realize how dangerous it is that the platform of the Internet, the World Wide Web (www), and its many different elements are maintained not by a huge and powerful organization, but by enthusiastic volunteer IT specialists. Economist in the relevant alarm situation report In his article.

A situation has emerged that is both instructive and worrying at the same time
Image: Pixabay

A few weeks ago, on March 12, was www's 35th birthday. On this occasion, the program developer, Sir Tim Berners-Lee He gave his invention a not entirely positive quality. He said of his godchild that he had become a “pervert.” It does more harm than good. And in the past three and a half decades, it has become home to giant platforms and their omniscient algorithms that shift people's behavior in a destructive, anti-social direction – Quoted The specialist is Time magazine.

This may be the biggest drawback of the World Wide Web, but the fact is that people live part of their personal lives through it, and the global financial system is vulnerable to the World Wide Web. Besides, who knows what secret information it will contain. A cybersecurity case has highlighted the risks involved in amateur maintenance of underlying software on the World Wide Web.

Suitable for a spy story

Microsoft engineer Anders Freund published a detective story at the end of March, and the starting point was a small discovery. He noticed that the so-called SSH system, which is responsible for ensuring that devices can communicate with each other securely over the World Wide Web, has recently become 500 milliseconds slower than expected.

See also  Economy: The new mall skyscraper is flooded, and water is collected in inflatable children's pools

During further investigation, it was found that a malware had integrated itself into a program called XZ Utils, which is an important part of the Linux operating system. This operating system runs on a large number of publicly available Internet servers. These machines serve, for example, major financial and government services. The malware served as a so-called master key so attackers could use it to steal encrypted data or install additional malware — that is, malicious applications — on the network.

Here comes the role of crime stories that draw attention to the weakness of regime control. XZ Utils is open source software, which simply means that anyone can access and change its code. This is usually handled by professionals who know the software well. One of them, Lacey Cullen, a software development engineer, realized in 2022 that the amount of freelancing he had devoted to this had completely sapped his energy. Mentally tired.

The mysterious turning point has come

So he was happy that a colleague who called himself Jia Tan, who set up his own online account a year ago, offered to help. For two years, the person, who could be a woman, a man or a team representative, provided helpful assistance in hundreds of cases, gaining Colin's trust. Then in February, it smuggled malware into XZ units.

An independent cybersecurity expert known by the pseudonym The Grugq, who is followed by many professionals, said the attack was very significant. It is a highly hidden and specially installed security backdoor. They may have wanted to hide his identity too much, and this may have caused the SSH process to slow down and ultimately kill the malware.

Jia Tan's endless patience and the fact that there were a number of netizens encouraging Colin to hand over the baton to him suggests that this was a sophisticatedly planned and executed operation. Large, technically well-equipped secret services are capable of doing this, according to analysis by The Grugq.

Who are the suspects?

It is possible that Russia's foreign intelligence service SVR hacked into the SolarWins Orion network management software in 2019-2020, gaining access to the US government's internal IT network. Analysts Rhea Carty and Simon Henniger reported that Jia Tan tried to hide the time zone he was working in, but it was believed to be two to three hours ahead of Greenwich Mean Time (GMT) and did not work on weekdays in Eastern Europe. However, this theory still needs to be verified.

See also  Paid Facebook and Instagram are coming, and we'll show you how much that will cost

Experts agree that this is the most ambitious “supply chain attack” in recent memory, targeting not a computer or computers, but rather back-end software and hardware that could have been used to launch a variety of actions. In defense of the open source code – which ultimately made the attack possible – IT experts claim that Freund discovered the procedure thanks to this. This made it possible to eliminate the malware.

Skeptics are not so calm. Freund admits that he realized the problem thanks to a coincidence of several factors. Others point out that he was the only one to report the attack. No one noticed. That's why they think Freund deserves countless free beer invitations.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Top News

In a harrowing incident that has shaken the community of Lewiston, Maine, a series of shootings on Wednesday evening resulted in a tragic loss...

Top News

President Joe Biden’s abrupt departure from a speech on the U.S. economy at the White House on Monday sent a ripple of speculation and...

World

Chinese scientists have discovered a little-known type of ore containing a rare earth metal highly sought after for its superconducting properties. The ore, called...

Tech

A dangerous application appeared in the Apple App Store disguised as a known program. 24.hu reported the Based on TechCrunch article. Dangerous app in...

Copyright © 2024 Campus Lately.