Category: Cyber Security

Malware as an infectious disease: A perspective of malware through the lens of epidemiology

Abstract:

The following essay intends to draw attention to the similarities of code-based malware and biological pathogens, both in operation, behaviour and predictability. Applying methodology from the field of epidemiology rather than looking at novel approaches could allow for an enhanced approach to handle, prevent or mitigate malware outbreaks. This paper will additionally explore the similarities in terminology used in both fields drawing focus to the validity of the comparison

Following the Covid-19 outbreak starting in 2019, topics of handling and controlling infectious disease became an international concern both medically, economically, and politically. Covid-19 will serve as a case study to compare to the digital outbreaks of the WannaCry and NotPetya malware pandemics of 2017. This essay will argue that malware attacks are to be considered cyber pandemics. While far from a novel concept, there is still significant space to explore the use of epidemiological methodology within cyber-security. Additionally, the essay intends to show the lessons drawn from the Covid-19 outbreak could be applied in the sphere of cyber security.

Finally, using the lessons and history of infectious disease, this essay will consider the lack of an internationally supported operational response in the face of digital pandemics and the need for an independent authority on cyber security in the vein of the World Health Organization that has the capacity and intention to better worldwide digital safety and stability.

Incident Response Analysis

This is an incident response analysis assignment done for Noroff University. It is done on the m57.biz data set from Digital Corpora.

Incident Response Analysis (PDF) Download

Network Analysis – Sunny Station

This was an assessment written for Noroff University, doing network analysis and threat hunting

CPU Scheduler Simulation

This is an assignment written for Noroff University to simulate different CPU scheduler methods.

EternalBlue Analysis

This is a written assignment for Noroff University on the EternalBlue exploit.

Introduction

EternalBlue is an exploit, developed by the National Security Agency (NSA). It was leaked by a hacker group known as the Shadow Brokers on April 14th, 2017. The exploit was one of over twenty professional and advanced hacking tools leaked. It exploited a zero-day vulnerability in almost every Windows version prior to Windows 8, a flaw in the Server Message Block (SMB). The exploit allows for privilege escalation, lateral movement, and arbitrary code execution on vulnerable machines.

EternalBlue exploits a memory overflow in the srv2.sys driver in the SMB protocol, specifically a Non-Paged Pool overflow. It accomplishes this through a malformed header in the NT Trans2 packet header. The malformed header includes a pointer that points to the section of memory that holds the embedded shell-code, and by gaining control of the execution flow of the srv2.sys driver, the exploit is able to redirect it to the embedded shell-code that allows for the execution of the payload.

A Cyber Security Analysis of Mr. Robot

A brief analysis of scenes from the TV-show “Mr. Robot” focusing on the cyber security realism of a fictional cyber attack.

Powered by WordPress & Theme by Anders Norén