Confessions of a Nation-State Penetration Tester – Versus Centralized Technology

I was a developer and cybersecurity expert for a government-level institution. My responsibilities included several implementations in the IT and cybersecurity area.

It started with the integration and implementation of various technologies, such as intrusion detection systems. That is, detect attacks and track malicious packets on the network in real time, deduce them and implement countermeasures at the physical protocol and routing level.

Basically, I worked on everything related to cararn (government) technology from a security point of view. se included threats in cyberspace, such as attack scenarios and attack surfaces that could be exploited by malicious actors.

See everything from the inside

I learned a lot about the technologies available to state actors in the OpSec field.

For example, there are technologies that inject small pieces of data into malicious data packets. In this way, it allows the authorities to collect information about the origin and destination of the package.

With our permission, we may communicate with various internet service providers and centralized network relay nodes. It would track malicious packets to their final destination and find out where they came from.

If someone, for example, were hiding behind the virtual private network or various proxy routing protocols, they would follow the packet on the physical layer. refore, we can still determine where the package came from.

We would study the man-in-the-middle attacks. Determine in real time how we can spy on two connections to understand how malicious actors think and execute attacks.

Read also Mastercard and cryptocurrency company Bakkt have partnered to enable cryptocurrency card payments

As part of our duties, we have also trained those who work in other government departments. se included teaching law enforcement and others about monitoring for cybercriminals.

Through the years working in the OpSec field, I have come to understand a great deal about how the world works. I found out that there is a cyber war.

Threats in cyberspace are growing beyond the speed and scope with which countermeasures can be implemented.

No matter how decentralized the software we are using, no matter how large this peer-to-peer network is, we must always ask ourselves one question: where is this software running? Too often, blockchain technology, including DeFi, runs on centralized technology.

cryptocurrency industry faces the existential threat of centralized technology

In the crypto industry, we are still married to a centrally controlled infrastructure. We use government infrastructure, ISP infrastructure, nodes and centralized DNS providers.

So the technology that we create in cryptocurrencies may very well be decentralized, but ultimately the underlying physical layer, in fact the entire basic foundation, is quite centralized.

Unless there is a real alternative, a second decentralized Internet, the industry faces a cyber-level OpSec and DevSec problem. Addressing this deficiency with a truly decentralized Web3 is of utmost importance to the future of money.

We are at a point where there are so many threats and risks in the cyber world that we all need to be aware and extremely cautious. This is true even if we keep a low profile online.

Also read Bitcoin tries to rally, Ethereum, XRP and DOT outperform

Most internet users today don’t take OpSec seriously, not even people in the crypto industry.

Unless you’ve been the victim of a hack, scam, virus, or worm, you might not even have a proper antivirus or basic firewall setup. se are, of course, just the beginning of good operational safety.

Decentralized technology protection

In fact, as cyber wars continue, the public will become more and more aware. future of the cararn world depends to some extent on cybersecurity. We need to protect privacy and decentralization.

It is very clear that an unprotected physical layer represents an existential threat to any decentralized technology, since the users themselves are the network.

Security may seem like a drawback, but it is critical. If we share the global Bitcoin network and the broader crypto networks, which could one day support a future iteration of the web, our own security is part of greater social responsibility.

We must all be willing to learn simple security precautions and implement them in our use of cryptocurrencies.


All information on our website is published in good faith and for general information purposes only. Any action taken by the reader on the information found on our website is strictly at your own risk.

Source link


Related Posts

© 2024 Cryptocoin