Symbiot – Mutually Assured Disruption

1 minutes estimated reading time

Symbiot a Texas based Internet security company has announced a new technology that allows companies to ‘strike back’ at cyber attackers. Symbiot is looking to become a sort of ‘Smith & Wesson’ or Winchester of the ‘world wild web’, this may not be a good idea.

Imagine giving bank staff access to machine guns. Then imagine telling them that you are going to export their jobs to Mumbai or a 14 year-old kid upsets them and you end up with a Falling Down type scenario. Further imagine that the bank employee kills a whole pile of bystanders.

This is the real-world equivalent of what could happen on the Internet. Hackers and script kiddies use slave machines to mount an attack whilst being concealing their own identities.

ISPs and POPs (the internet equivalent of bus companies and roadways) could end up casualties, whilst the real perps get away scot free. In fact, this infrastructure disruption could encourage hackers to seek out and provoke a Symbiot powered response as a ‘denial of service attack by proxy’ on a particular network provider.

In the real world this already happens with SWATing. A false call is made to the local police station of whoever is to be SWATed. Claims are made of sounds of gunshots, yelling or even hostages and the local police SWAT team rolls out on the unsuspecting victim. This is all relatively easily done through caller ID spoofing and other phone phreaking techniques. There is a clear analogue between this and hackers using IP spoofing or even machine hijackign to trigger a response.

Now, imagine if one of Symbiot’s killer boxes was hacked and got into the hands of someone who really knew how to do it?

While the Dept of Homeland Security worries about the risk of radical Islamic hackers, its time they should start looking a little bit closer to home….

You can read my contribution to AlwaysOn about Symbiot. More security related content here.