The last two weeks have brought us two different attack vectors affecting servers and PC's alike. First Invisible Things Lab's Joanna Rutkowska and Rafal Wojtczuk presented the details of an attack on Intel's System Management Module which lets the malware do whatever it wants and effectively hides from everything else. Meanwhile, An
The last two weeks have brought us two different attack vectors affecting servers and PC's alike. First Invisible Things Lab's Joanna Rutkowska and Rafal Wojtczuk presented the details of an attack on Intel's System Management Module which lets the malware do whatever it wants and effectively hides from everything else. Meanwhile, Anibal Sacco and Alfredo Ortega presented an attack that subverts the BIOS at CanSecWest. Can it get any worse?Well, sure it can. Both of these attack vectors are highly specialized, but Rutkowska did confirm that it's possible to create malware that could discover the necessary parameters carry off an SMM attack rather than having to create specific malware for each motherboard and chipset combination. She's also quick to point out that there are other, easier, and more effective ways to get control of a host.
Conficker is one recent example. Exploiting a known vulnerability for which there is a patch, Conficker continues to spread and according to analysis by SRI continues to evolve and demonstrates the creators ability to adapt and enhance the malware. Conficker is sophisticated, to be sure, but it's no where near the cutting edge exploit that a BIOS update or SMM rootkit is. Yet, Conficker has much more potential.
Both attacks are highly specific and require substantial expertise to become effective. In SMM Rootkits: A New Breed of OS Independent Malware, a paper that Rutkowska references, the authors list number of limitations in making a generalizeable SMM rootkit not the least of which is not having OS driver support to utilize installed hardware.
The research is interesting and the attacks are viable, but given the simpler, easier, more wide spread methods of gaining control of a system, hacking the BIOS or SMM probably isn't big threat.
The Agile ArchiveWhen it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
2014 Analytics, BI, and Information Management SurveyITís tried for years to simplify data analytics and business intelligence efforts. Have visual analysis tools and Hadoop and NoSQL databases helped? Respondents to our 2014 InformationWeek Analytics, Business Intelligence, and Information Management Survey have a mixed outlook.