Surprises can be great (think surprise fiver in last winter’s coat), and they can also be absolutely awful (think surprise pie in the face)! As anyone who’s ever thrown a pie in someone’s face knows, (or, er, so we hear…) timing is everything. And, when it comes to bad surprises – especially inside the wonderful world web – pre-empting the attack can help defenders reclaim the upper hand.
James Clapper, the director of US National Security, said cybersecurity is “first among threats facing America today,” which is the case for many other countries too, especially as it’s a particularly stealthy means of attack. But, two researchers have now, ‘mathematically formalized a strategy of computer hacking, potentially enabling anyone—governments, activist hackers, cybermafia—to determine the optimal timing of attacks.’ By extension then, so could victims.
Scientist Robert Axelrod and psychologist Rumen Iliev at The University of Michigan, created the model as a re-working of Axelrod’s original 1979 paper on cyber-attacks, ‘The Rational Timing of Surprise’. The original paper suggested how surprise can be turned to the advantage of the attacked. One example they used was from the Second World War: after discovering German spies in their midst, British troops allowed them to continue to gather information for years, feeding them false information leading up to D-Day and then decimating their defences. The new paper goes on to compare the findings to more recent events, such as the Stuxnet attack against the Iran’s nuclear efforts, which appeared to be at almost perfect timing.
They built the model on four variables:
Cyber-weapons which exploit a specific vulnerability.
Stealth of the weapon measures the likelihood of discovery.
Persistence of the weapon determines any flaws in the attackers own method, including how successful the weapon is likely to be and therefore if it can be used again.
Threshold defines the time when the stakes are high enough to risk the use of a weapon. After the threshold you will gain more than you will lose.
Whilst they acknowledge that this model could help cybercrims – which would be awkward to say the least – it’s also valuable in preventing crime. The new research could potentially allow defenders to predict when their system will be weakest, and how much of a target they might be; it can also help predict patterns in attacks. At the very least, John Arquilla – a defence analyst at the Naval Postgraduate School in Monterey, California – says, ‘The work provides a solid logical foundation for fresh thinking in the cyber security field.’ However, the model has also been criticised for being too simplistic.
Luckily at UKFast we’ve got security covered. You can also control your settings yourself from MyUKFast, so when it comes to protecting your data you don’t need to resort to maths!