Skip to main content
  1. Home
  2. Computing
  3. Products

Researchers find best time for hackers to strike

Konrad Krawczyk
By
washington post hacked chinese origin suspected hacker
Image used with permission by copyright holder

For hackers, timing is key. At least that’s according to a group of University of Michigan based researchers that authored a paper on hacking and how timing could factor into the decisions and decision making processes engaged in by cyber criminals.

The paper, which was published in the Proceedings of the National Academy of Sciences of the United States of America, establishes a mathematically based model which considers multiple variables, including timing. Timing is of extreme importance due to the fact that once an attack is launched, patches designed to defend against and/or repel the attacks could go into development immediately after the strike is launched. Then there are efforts taken by software companies to repair holes in their products by offering rewards for zero-day exploits. Other variables considered in the paper include the stakes at hand, as well as stealth and persistence. Case studies included examinations of Iranian cyber attacks on Saudi Arabian oil pipelines, as well as cyber attacks carried out by the Chinese military.

Recommended Videos

The researchers, Robert Axelrod and Rumen Iliev, also indicated that “nations are accumulating cyber resources in the form of stockpiles of zero-day exploits as well as other novel methods of engaging in future cyber conflict against selected targets.” Yikes.

Related

For Axelrod and Iliev, the purpose of this paper was to provide “some concepts, theory, applications, and distinctions to promote the understanding of this new domain of cyber conflict. The goal is to mitigate the harm cyber conflict can do, and harness the capabilities it can provide.”

Whether this and future research papers actually do so, however, will remain to be seen. Time will tell.

What do you think? Sound off in the comments below.

Editors' Recommendations

Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Is ChatGPT creating a cybersecurity nightmare? We asked the experts
A person's hand holding a smartphone. The smartphone is showing the website for the ChatGPT generative AI.

ChatGPT feels pretty inescapable right now, with stories marveling at its abilities seemingly everywhere you look. We’ve seen how it can write music, render 3D animations, and compose music. If you can think of it, ChatGPT can probably take a shot at it.

And that’s exactly the problem. There's all manner of hand-wringing in the tech community right now, with commenters frequently worrying that AI is about to lead to a malware apocalypse with even the most green-fingered hackers conjuring up unstoppable trojans and ransomware.

Read more
Hackers may have stolen the master key to another password manager
keepass master password plain text vulnerability open padlock cybersecurity

The best password managers are meant to keep all your logins and credit card info safe and secure, but a major new vulnerability has just put users of the KeePass password manager at serious risk of being breached.

In fact, the exploit allows an attacker to steal a KeePass user’s master password in plain text -- in other words, in an unencrypted form -- simply by extracting it from the target computer’s memory. It’s a remarkably simple hack, yet one that could have worrying implications.

Read more
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more