Today Cyber Security plays a paramount role in global security. On this blog, the CEO of Paramount Defenses shares rare insights on issues related to Cyber Security, including Privileged Access, Organizational Cyber Security, Foundational Security, Windows Security, Active Directory Security, Insider Threats and other topics.


January 10, 2017

Who Needs WMDs Today?

Folks,

Today, I would like to share with you another Trillion $ question, one that I had originally asked more than 10 years ago. Today it is exponentially more relevant, given the paramount role that Cyber Security plays in national and business security.

So without further ado, here it is - Who needs WMDs (Weapons of Mass Destruction) Today?


Ans: Only those who don't know that we live in a digital world, one wherein virtually everything runs on (networked) computers.

Why would an entity bother trying to acquire or use a WMD when (if you're really smart) you could metaphorically stop the motor of entire organizations (or nations) with just a few lines of code designed to exploit arcane but highly potent misconfigured security settings (ACLs) in the underlying systems on which the organizations of the world operate?

Today, all you need is two WDs in the same (pl)ACE and it's Game Over.

Puzzled? Allow me to give you a HINT:

Here’s a simple question: What does the following non-default string represent and why should it be a great cause of concern?
(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU) (A;CI;RPWDLCLO;;;WD)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU) (OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)

If you read my words very carefully, as you always should, then you'll find that it shouldn't take an astute and knowledgeable mind more than a minute to figure it out, given that I’ve actually already provided the answer above.
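For readers who want to audit strings like this one, here is an added example (not code from the original post) that splits an SDDL string into ACEs and reports allow ACEs in which a broad trustee holds a modifying right. In SDDL, `WD` in the rights field means write-DACL, while `WD` in the trustee field means Everyone. The function names and the two lookup tables are choices made for this sketch, and it assumes rights are written as two-letter codes, as they are in the string above, not as hex masks.

```python
import re

# SDDL right codes that let a trustee change an object or its security.
RISKY_RIGHTS = {"GA": "generic all", "GW": "generic write", "WD": "write DACL",
                "WO": "write owner", "WP": "write property", "CC": "create child",
                "DC": "delete child", "SD": "delete", "DT": "delete tree"}

# SDDL trustee codes that cover very large populations.
BROAD_TRUSTEES = {"WD": "Everyone", "AN": "Anonymous Logon",
                  "AU": "Authenticated Users", "BU": "Builtin Users",
                  "BG": "Builtin Guests", "DU": "Domain Users", "DG": "Domain Guests",
                  "RU": "Pre-Windows 2000 Compatible Access"}

ACE_RE = re.compile(r"\(([^()]*)\)")

def parse_aces(sddl):
    """Yield each ACE as a dict of its six SDDL fields."""
    for body in ACE_RE.findall(sddl):
        fields = body.split(";")
        if len(fields) < 6:
            continue  # not a well-formed ACE
        ace_type, flags, rights, obj, inherit_obj, trustee = fields[:6]
        yield {"ace": "(" + body + ")", "type": ace_type, "flags": flags,
               "rights": [rights[i:i + 2] for i in range(0, len(rights), 2)],
               "object": obj, "inherit_object": inherit_obj, "trustee": trustee}

def risky_aces(sddl):
    """Return allow ACEs that give a broad trustee a modifying right."""
    findings = []
    for ace in parse_aces(sddl):
        if ace["type"] not in ("A", "OA"):   # only allow ACEs grant access
            continue
        if ace["trustee"] not in BROAD_TRUSTEES:
            continue
        risky = [r for r in ace["rights"] if r in RISKY_RIGHTS]
        if risky:
            findings.append({**ace, "risky": risky})
    return findings

# A few ACEs copied from the string in this post (not the full descriptor).
SAMPLE = ("(A;;RP;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)"
          "(A;CI;RPWDLCLO;;;WD)(A;CI;LC;;;RU)")

if __name__ == "__main__":
    for f in risky_aces(SAMPLE):
        who = BROAD_TRUSTEES[f["trustee"]]
        what = ", ".join(RISKY_RIGHTS[r] for r in f["risky"])
        print(f"{f['ace']}: {who} is granted {what}")
```
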

Some of you will have figured it out. For the others, I'll shed light on the answer soon. Stay tuned...

Best wishes,
Sanjay


PS: If you need to know right away, perhaps you should give your Microsoft contact a call and ask them. If they too need some help, tell them it has to do with a certain security descriptor in Active Directory. (There, now that's a HINT the size of a domain, and it could get an intruder who's been able to breach an organization's network perimeter to root within seconds.)

PS2: If this intrigues you, you may want to check out - Defending Active Directory Against CyberAttacks

PS3: On a more serious note, WMDs are possibly the most horrific creation of humans. Only those who have no respect or regard for the most precious thing in the world, life, would even think about acquiring or using them. If in 2 millennia of history, humans haven't learnt this, and don't understand that all 7,000,000,000 of us on this precious planet we call home should all strive to peacefully co-exist, then I'm afraid humans haven't learnt much. As such, given the rate at which mankind is exploiting this unique, beautiful and so precious planet we call home, it may likely not last another millennium or even a few hundred years. We ALL owe it to our planet to take utmost care of it.