Stop Software Attacks From Destroying Your Servers
Jul 06, 2011, 14:03 (0 Talkback[s])
(Other stories by Paul Rubens)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
[ Thanks to Amy Newman for this link.
"Software attacks that stop the physical hardware from ever
working again are known as Permanent Denial of Service (PDoS)
attacks. The Stuxnet virus -- which attacked Iran's nuclear
facilities -- was so complex that many security companies concluded
it must have been the work of one or more government agencies
rather than individual hackers.
"But that doesn't mean all PDoS attacks have to be difficult to
devise, according to Kotler. "Think about it -- you can "brick" an
iPhone or iPod accidentally when you try and jailbreak it," he
pointed out. Back in 2008 at EUSecWest, HP researcher Rich West
demonstrated that NAS, security and networking appliances can be
vulnerable to malware that downloads malicious firmware and flashes
the appliance with it, rendering the hardware unusable. For that
reason there has been a trend toward ensuring that appliance
firmware updates are digitally signed by the manufacturer."