There are different types of attacks that expose enterprise data. An application can be attacked at various layers, on different hardware, and with very different goals in mind, creating a very complex problem for companies that want to protect their intellectual property. Here are some common attacks:
- Analysis. In order to understand and trace the compiled application code, hackers use various static analysis tools and debuggers that allow them to access, analyze, and reverse engineer the binary code. Such analysis enables hackers to understand how the internal algorithms work, discover sensitive information, and pinpoint vulnerabilities.
- Intellectual Property (IP) Theft. Some attacks are designed specifically to extract sensitive information, copyrighted material, or proprietary algorithms. If attackers can reverse engineer and analyze a program, the internal secrets are essentially exposed and vulnerable to theft.
- Key Extraction. Cryptographic keys are at the very core of all security systems that deal with encrypted data. If hackers can locate keys in the code or device memory, they can completely circumvent or remove the security features and steal intellectual property.
- Tampering. Tampering is the process of modifying the application code with the goal of making it behave in a different way. For example, by tampering with the program code, hackers can remove license checks, copyright protection, and all other security features.
- Piracy. Illegal distribution of copyrighted material is one of the primary concerns of software and content publishers. Such companies suffer tremendous losses because their content is being freely copied and transferred to unauthorized parties.
- Malware Injection. Today viruses, Trojans, and other harmful software cause serious problems not just on desktop computers, but also on smartphones, tablets, and embedded systems. If applications are not sufficiently protected, they can be exposed to privacy attacks, performance loss, remote control, and unwanted behavior.
With that said, Jai Vijayan at Information Week’s Dark Reading penned an article titled "The 10 Worst Vulnerabilities of the Last 10 Years" that lists some of the more potent attacks over the years. To recap:
- OpenSSL Heartbleed Vulnerability – Almost one-third of all major websites were thought to have been vulnerable when it was first disclosed in April of 2014.
- DNS Cache Poisoning Issue: Kaminsky Bug – A flaw at the DNS protocol level allowed attackers a way to use spoofed data to redirect Web traffic to destinations of their choice.
- GNU Bash Remote Code Execution Vulnerability: Shellshock – Affecting most versions of Unix, Linux and Mac OS X, it allowed attackers to execute malicious code on vulnerable systems.
- Stagefright Vulnerabilities – Found in Android’s Stagefright multimedia framework library, this vulnerability allowed attackers to execute malicious code on vulnerable Android mobile devices.
- Protocol Vulnerability and POODLE Attack – Caused by an implementation weakness in the SSL 3.0 protocol relating to the encryption of whole data blocks, this weakness gave attackers a way to break encrypted communications between a Web server and client browser to steal authentication cookies and other data.
- Remote Code Execution Vulnerability in Microsoft Server Service – This flaw gave attackers a way to remotely execute malicious code on vulnerable systems using a specially crafted remote procedure call.
- Java Serialization Bug – A critical issue that affects all Java applications that accept serialized objects, this bug could be exploited in middleware products like WebLogic, JBoss, WebSphere, OpenNMS and Jenkins.
- GLIBC: getaddrinfo Stack-based Buffer Overflow – This issue affected some tens of thousands of apps, systems, and embedded devices including network routers.
- Bad USB – Attackers are able to convert a benign USB device into a malicious one by reprogramming its controller chip through a firmware update.
- VENOM Vulnerability – While harder to exploit than Heartbleed, VENOM is likely used for more targeted attacks.
Our Cryptanium Code Protection applies integrated protection mechanisms to the entire application code at different layers. With no changes to your source code, code protection obfuscates the code base using patented obfuscation algorithms, injects hundreds of overlapping integrity checkers, and embeds platform-specific anti-debug, anti-piracy, and anti-malware code. Because Cryptanium applies security features at different levels, hackers cannot easily remove the applied security techniques one by one. In order to succeed, the entire protection must be cracked at once, which is a very difficult task when using Cryptanium.