Flexera Software acquires Palamida » Maidenhead, U.K: Flexera Software has announced that it has acquired Palamida, provider of Software ... HAUD SS7 firewall protects 23m subscribers in Vi... » Vinaphone to benefit from market leading security & monetisation solution Malta: Go-to partner in... Nuisance calls global report from Hiya: US, Hong... » Hiya, the call-blocking and caller ID company, has released its new Robocall Radar Report, which rev... FireMon acquires FortyCloud for multi-cloud m... » LONDON, UK: FireMon has announced its acquisition of FortyCloud, a field-proven cloud infrastructure... Southwark Council brings digital courtroom te... » With the aim of modernising court services, the London Borough of Southwark has successfully introdu... Data protection veteran is backup, recovered and... » LEEDS, UK: Data protection expert and industry veteran Simon Chappell has announced the launch of As... CNL Software expands Americas Operations » CNL Software has announced that it has expanded its U.S. operations with the opening of its new Regi... Mirantis & Openwave Mobility collaborate on Subs... » REDWOOD CITY, Calif: Openwave Mobility has announced a collaboration with Mirantis, the pure play Op... AV-TEST: Secucloud Mobile Security App named as ... » Hamburg, Germany: People now use their smartphone to access the internet more than any other device ... vCPE technology will create a “win-win” situatio... » LONDON: Enterprises demand is one of the key driving factors for cloud applications, but businesses ...


Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.


Subscribe to Vigilance Weekly

Information Security Header

Cyber attackers have crossed the line between the digital and physical world warns Skoudis

Organisations and information security professionals must adapt skills to meet the threats against critical systems or face real world consequences

Organisations need to be more aware of the changing threat landscape where hackers are targeting infrastructure that is directly impacting on our physical world, believes Ed Skoudis, one of the world’s most respected security researchers and penetration testers and a faculty Fellow with the SANS Institute.


“For a while, we have seen somewhat humorous examples of hackers changing electronic road signs to give jokey messages like ‘Zombies Ahead’ instead of more useful traffic information,” says Skoudis. “But the principle is rather scary especially when you look at other real world systems that are increasingly computer controlled.”

Skoudis points to hackers attacking the uranium centrifuges run by the Iranian government as an extreme example but points out other more potential targets, “A water treatment plant is largely an automated environment run by complex computer systems. While the procedure used to refuel planes is also underpinned by software – even the electricity grid is a software centric environment.”

Hackers are looking at new ways to penetrate these often closed systems; “USB sticks, infected mobile devices, interception of data in transit and even QR codes are all areas where we have seen hackers use physical elements to breach a IT security perimeter,” explains Skoudis.” You may see comments from authors such as Thomas Rid questioning whether Cyber war is really happening? I can tell you that for every Stuxnet in the public eye, there are a dozen significant incidents across the globe that due to national security consideration will never see the light of day.”

Skoudis has conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defences. He is also an author of numerous articles on these topics as well as the Prentice Hall best sellers Counter Hack Reloaded and Malware: Fighting Malicious Code.

“It is not a case of scaremongering, but more a game of cat and mouse,” he says.” Every time we spot a new method and block it, the very best of the hackers will then try a new approach. With technology constantly evolving, new exploits and a greater attack surface increase the threat. Without proactively testing defences, there is no way to know if the barricade is working as planned.”

Skoudis has authored and regularly teaches SANS courses on network penetration testing (Security 560) and incident response (Security 504); helping over three thousand information security professionals each year improve their skills and abilities to defend their networks.

“The Penetration testing skill set is also changing,” he believes. “We are increasing looking at a much wider attack surface then we did say 10 years ago. If you look at the most theoretically interesting attacks, they often used methods that combine social, physical and psychological tricks to breach secure systems.”

Skoudis believes that changes in attack patterns and targets are also reflected in the types of individuals and organisations that are increasingly investing in penetration testing skills. “The recent courses I have taught have had a higher percentage of students from the military, critical national infrastructure, manufacturing and government agencies ahead of what used to be predominantly financial services.” He says, “In addition, the types of students now includes IT professionals and managers that need to understand the core pen-testing concepts to engage pen-testers and to enact the recommendations of the testing process.”

According to Skoudis, the courses are also evolving to teach how to deliver a real business value through pen testing and a methodology to ensure processes are systematic and repeatable. “We also teach technical depth, not just teaching students how to use a bunch of tools, but to understand how the hack actually works – to help student think like an attacker so they can find the hole and close it before an attacker gains control over a critical system.”

Skoudis will be teaching SEC560: Network Pen Testing and Ethical Hacking for the first time in Europe at the upcoming SANS Secure Europe 2013. As one of the region’s largest InfoSec training events, Secure Europe will be returning to Amsterdam’s Radisson Blu Hotel from 15th to 27th of April 2013 with a roster of 8 courses including a new session covering Advanced Computer Forensic Analysis and Incident Response. For more information on the event including course overviews and GIAC Certification, or to register