No system is absolutely secure in a world shaped by the cyber information age. Stuxnet, PRISM, ransomware viruses and a series of other cyber security events are telling us that zero-day threats to cyber security are close at hand. In the July just past, the following cyber attacks involved national security:
In July 2022, a hacker claimed to have obtained the records of 1 billion Chinese people from a database of the Shanghai police and posted the data for sale online. At the same time, such data sales have indeed appeared on the dark web.
In July 2022, hackers targeted the Iranian Islamic Culture and Communication Organization (ICCO). The attack shut down at least six websites, placed images of Iranian resistance leaders on 15 others, wiped databases and computers, and allowed hackers to access sensitive ICCO data.
In July 2022, hackers attacked social media accounts owned by the British Royal Army. The attack took over the British Army's Twitter and YouTube accounts.
In July 2022, hackers compromised a Ukrainian media company to broadcast the critical news of Ukrainian President Volodymyr Zelensky on multiple radio stations. Zelensky blamed Russia for the attack.
In the ongoing Ukrainian-Russian war, cyber attacks like the above are commonplace, but there have also been hints of weapons and equipment being manipulated through cyber attacks. The Russian military claims to be able to penetrate and precisely locate the HIMARS rocket launcher; this claim has been neither confirmed nor denied.
Almost all modern weapons, with the exception of small arms and those intended for use by aircrews (such as machine guns), include built-in computer systems. These computers add functionality, including fire control (correction and adjustment of aim for distant or fast-moving targets), navigation (receiving GPS signals), and communications (voice and data transmission). They are often connected to large, sometimes global networks to issue orders, collect data, report enemy sightings, or even coordinate attacks or defenses between geographically disparate forces.
Theoretically, these weapons and the communication networks used are highly likely to be attacked. What might one of these cyberattacks look like? In the 2015 tech thriller Ghost Fleet, the U.S. military goes to war with both Russia and China. The war included a surprise attack on Hawaii, including a full-scale hack to disable America's most powerful weapon. Warships, F-35 fighter jets and other systems were knocked back without a single shot being fired.
Due to the confidentiality and complexity of military weapons, it is difficult to obtain subcomponent and firmware information, which makes it impossible to track exploitable vulnerabilities. Fully rigorous testing is too expensive, so it is impossible to identify all vulnerabilities that can be exploited by adversaries. Moreover, because of the information gaps and confidentiality requirements between departments and projects, it is difficult to share vulnerability information and lessons learned across projects and departments, which makes weapon security even harder to assess.
Our Reactor Engine extracts fingerprint information from the file contents in firmware and, through fingerprint comparison, determines the executable file versions and associated vulnerabilities in that firmware. This addresses two problems: the fragmentation of versions and sub-versions in weapon equipment, and the untraceability caused by strict confidentiality. The self-developed BinQL supports customized vulnerability-mining schemes which, combined with the system characteristics of weapon equipment, find possible vulnerabilities with different characteristics. Through firmware correlation analysis and instruction-level extraction of executable file modifications, a firmware correlation network is established to automatically track the firmware supply chain. Together, these provide underlying capabilities for national defense and government security.
