Cyberwarfare

From Sphere
Jump to navigation Jump to search

Life Feed: PACT/MilNet/USMC/MCCYWAR/RobertGuCyberwarfareSchool/Induction
Speaker: Maj. Kenneth Zaman

The Fiction

You've seen the representations in the shows of an expert runner hacking smartguns in real time, taking over AI vehicles, and other feats. You've heard of the gun ads by Winchester and Kalashnikov that exhort you to buy a completely mechanical weapon for home defense, to ensure that it doesn't crash or get hacked. You've gotten ad after ad to update your network firewall against hacking, as well as your guns, your home environmental system, and anything that could be vaguely dangerous.

That's the media representation of computer hacking nowadays-some sort of pervasive, all-powerful force capable of turning men into gods. Like most things in the media it's done that way because the reality is boring, down to earth, and not dramatic at all. You see...

The Reality

The reality of the matter is, 95% of all hacking requires social engineering and that its effects were incredibly minor. It's a specialist tool that does very little. Let's examine the myths:

Brainhacking: Yeah, it shows up in media, but in reality a cyborg is just about the worst target to hack. The cyborg is generally not networked, requires direct contact, and if you're in direct contact with a cyborg you're trying to hack something that's almost certainly completely aware of your connection attempt and capable of ripping your face off. Even if you manage a connection, cyborgs don't generally have killswitches. That's fictional. You can screw around with his medical records and maybe some non-important programming but that's it. Maybe if the 'borg has active killswitches (generally always removed after rehabilitation therapy) you can shut him or her down, but that's it-and the killswitch activation always sends a "phone-home" signal. This stuff's Read-only, you can't do much about it.

Weapons hacking: This is almost as bad. Sure the smartgun generally has wireless access to allow someone to use it, but that's generally-and even then, the worst you can do is shut down the sights and force someone to use ironsights. One wielded by anyone wearing a mob suit or with the proper implants will have a skinlink and generally not have wireless transmission-which means that 99.9% of the smartguns you see will be unhackable. Worse yet? The links are generally low power, so if you want to hack someone's gun, you'll need to be next to them. This is generally not a good position to be in, when the other guy has a loaded gun.

AI: There is bad, and then there's stupid. Nonsentient AI is generally pretty well defended just by dint of having a good firewall, failsafes, and a lot of processing power backing it. Sentient AI generally writes its own security as if its life depended on it-which, of course, it does, and that security is very, very tight. If it doesn't, it'll almost certainly have bought the top of the line stuff, and probably a few other layers of network security just to be sure. In either case it's not a good idea.

...

So let's examine what it can do and how it's done. Unlike the "randomly hit keys on a virtual keyboard" representation, or the "go into VR and laser defensive programs" representation, 95% of hacking is spy fieldwork. You give someone a load of BS that they end up believing, and they give you a password. Proper training and competent procedure virtually eliminate this line of hacking, but it is still an infinitely useful tool. You know how to schmooze people, you've probably used it dozens of times to get into the pants of someone you like. And that's not what we're covering in the next 15 weeks.

What we're going to cover in the next 15 weeks is the remaining 5%. Exploiting bugs and code wonkiness. We're going to learn how to find the exploits in a system, use them to get in, and then do as much real damage as you can at that point. We're going to teach you how to break a password, how to exploit biometric security, and the reality of this business.

My job is to teach you all of this in 15 weeks when it takes years for a civilian hacker to get proficient. Your job is much simpler-just shut up and learn.

Retrieved from "https://swiki.fancruft.com/index.php?title=Cyberwarfare&oldid=5111"