Tag Archives: Application Based Denial of Service

GENESIS - Big Data Super Nova - Part One (Eve)

GENESIS – Big Data Super Nova – Part Three (Apple)

Leave a reply

Hey and welcome!

The “Genesis – Big Data Super Nova and the Journey Back to Privacy and Security” broadcast is about to begin.

This time I decided to share with you my insights and ideas through a story.
So tighten your seatbelt as we jump into hyperspace through time.
It’s now exactly 37 years forward – the morning of March 13, 2050, 11 AM: Earth Standard Galaxy time.

This is chapter 3, here is where you can find The first chapter of this Big Data Sci-Fi Novella (Eve)

Chapter 3: Apple

GENESIS - Big Data Super Nova - A Sci-fi Tech Novella, Chapter 3: Apple

Listen to this postListen or Download audio of this chapter here: 

It was the 1st of April 2013.

One year before, there were rumors that the world is going to end, that is, if you believed the ancient Mayan literature.

It turned up to be a bit later and more digital than physical.

Back then, social networks such as “Facebook” and “Twitter” allowed people to share their thoughts and feelings through external personal outer-body devices.
People called those cumbersome ugly devices “iPhone” and “Android”.

Everyone was hooked to those networks. Companies started letting people get access to services, based on their always-on authentication, to the social networks.
But people were using “Pass-words” to get connected to the social networks. They chose easy pass-words and did not care replacing them occasionally.

So if you found out one’s social network password (let’s say on Twitter), you also got access to any other service they had authorized (O-AUTH) to get logged on to, based on authentication token stored in their Twitter account.

Basically if you had someone’s twitter password, you could buy stuff and have them pay for it, look at the medical records, and review their personal assets. You actually became them.

When the big Digital Tsunami happened, it started by a huge surge of credit card and bank transactions fraud. Then as money pore into the attackers bank accounts (there were many used, so you could not track a single source), it started spreading away as a massive purchase wave.

Amazon, eBay and similar services were hammered with endless waves of purchases, and then rebounded into cancellations. Everyone tried to cancel the fraud purchase attempts.
There were similar attacks on health, government, manufacturing and other essential services, all directed to make them useless.

Later on this kind of attack was labeled “Application Based Denial of Service” – where instead of driving lots of requests to a service, you would overload the remediation system of a service with transactions that require huge effort to remediate (such as reversing a fraud transaction).

There was lots of confusion and slow response, addressing the global, world-wide break-in, because of the miss-leading reports, that it was all a 1st April joke.

In less than one hour all the financial institutions, digital merchant and many other critical systems were completely ruined.

It took 4 months to get most of the damages fixed. But by then many lives were lost.
You could die, because you could not get food or medical treatment, or you could get attacked, by desperate people who tried to forcefully take what you had.

No Anti Malware system could find out the secret key-loggers which had everyone’s passwords, because they were part of many operating systems.

The attackers worked many years, getting to the right people in every operating-system manufacturer’s staff. Then the secret key-logger code was added to the operating system’s codebase. Every developer the attackers acquired, had to add or change just a small piece of code, entirely blind to the demonic intension driving all those small changes (Time Shifted Attack).

The attackers had even penetrated the NSA (National Security Agency) staff, and implanted their own code on top of the home-land security hooks. Those hooks were originally designed to allow law-agencies get access to people’s cloud stored data as well as communications, in case those people were suspects. Now those law enforcement hooks had a parasite code, wire-tapping everything, ready to spray all this information to the malicious crackers.

It all sat there, silent, waiting, collecting and using Big Data to analyze and further, and reveal additional access details. Gone were the days of brute force password cracking – you guess passwords much faster, using Big Data analysis.

And then it was time for the software octopus to wake.

It started ignition on March 13, and up it woke on April 1.

Adam recalled that there was one more important event which took place on the 1st of April 2013.
The “Naturalists Group” was born.

The attack was carried on through Windows, Linux, Oracle, Java infrastructure suppliers and Cloud Providers.
Cloud services failed one by one and the true lack of the Cloud concept was revealed: We did not have “The Cloud”. What we had was many disparate cloud services, each one with its own weakness and finalized amount of resources.

Each Cloud provider had a final central set of “engines” operating all its services, which could easily hacked and brought down, essentially making it useless.
You really had nowhere to fail over to.

The lack of Data Integration was apparent across Big Data archives, so you couldn’t really see what was going on. We had no “Big Eye in the Sky”, no “Digital Defense Satellite”, watching our data and computers.

That was the day when true “Universal Computing” and the “Neuro-Fibre Net”, were born.

Lots of server systems halted that day, and many personal devices got their share of blackout as well.

But most of the victims had the mobile device of choice of that time.

It was produced by Apple.

Get additional chapters by reading the book by Clicking Right Here