Shape-shifting computer chip thwarts an army of hackers
May 25, 2021 22:26:45 #
This is from an item in Computer Science News. I thought it interesting to say the least. If you want the link, I will post it in a subsequent reply.
P
We have developed and tested a secure new computer processor that thwarts hackers by randomly changing its underlying structure, thus making it virtually impossible to hack.
Last summer, 525 security researchers spent three months trying to hack our Morpheus processor as well as others. All attempts against Morpheus failed. This study was part of a program sponsored by the U.S. Defense Advanced Research Program Agency to design a secure processor that could protect vulnerable software. DARPA released the results on the program to the public for the first time in January 2021.
A processor is the piece of computer hardware that runs software programs. Since a processor underlies all software systems, a secure processor has the potential to protect any software running on it from attack. Our team at the University of Michigan first developed Morpheus, a secure processor that thwarts attacks by turning the computer into a puzzle, in 2019.
A processor has an architecture—x86 for most laptops and ARM for most phones—which is the set of instructions software needs to run on the processor. Processors also have a microarchitecture, or the "guts" that enable the execution of the instruction set, the speed of this execution and how much power it consumes.
Hackers need to be intimately familiar with the details of the microarchitecture to graft their malicious code, or malware, onto vulnerable systems. To stop attacks, Morpheus randomizes these implementation details to turn the system into a puzzle that hackers must solve before conducting security exploits. From one Morpheus machine to another, details like the commands the processor executes or the format of program data change in random ways. Because this happens at the microarchitecture level, software running on the processor is unaffected.
A skilled hacker could reverse-engineer a Morpheus machine in as little as a few hours, if given the chance. To counter this, Morpheus also changes the microarchitecture every few hundred milliseconds. Thus, not only do attackers have to reverse-engineer the microachitecture, but they have to do it very fast. With Morpheus, a hacker is confronted with a computer that has never been seen before and will never be seen again.
To conduct a security exploit, hackers use vulnerabilities in software to get inside a device. Once inside, they graft their malware onto the device. Malware is designed to infect the host device to steal sensitive data or spy on users.
The typical approach to computer security is to fix individual software vulnerabilities to keep hackers out. For these patch-based techniques to succeed, programmers must write perfect software without any bugs. But ask any programmer, and the idea of creating a perfect program is laughable. Bugs are everywhere, and security bugs are the most difficult to find because they don't impair a program's normal operation.
Morpheus takes a distinct approach to security by augmenting the underlying processor to prevent attackers from grafting malware onto the device. With this approach, Morpheus protects any vulnerable software that runs on it.
For the longest time, processor designers considered security a problem for software programmers, since programmers made the software bugs that lead to security concerns. But recently computer designers have discovered that hardware can help protect software.
P
We have developed and tested a secure new computer processor that thwarts hackers by randomly changing its underlying structure, thus making it virtually impossible to hack.
Last summer, 525 security researchers spent three months trying to hack our Morpheus processor as well as others. All attempts against Morpheus failed. This study was part of a program sponsored by the U.S. Defense Advanced Research Program Agency to design a secure processor that could protect vulnerable software. DARPA released the results on the program to the public for the first time in January 2021.
A processor is the piece of computer hardware that runs software programs. Since a processor underlies all software systems, a secure processor has the potential to protect any software running on it from attack. Our team at the University of Michigan first developed Morpheus, a secure processor that thwarts attacks by turning the computer into a puzzle, in 2019.
A processor has an architecture—x86 for most laptops and ARM for most phones—which is the set of instructions software needs to run on the processor. Processors also have a microarchitecture, or the "guts" that enable the execution of the instruction set, the speed of this execution and how much power it consumes.
Hackers need to be intimately familiar with the details of the microarchitecture to graft their malicious code, or malware, onto vulnerable systems. To stop attacks, Morpheus randomizes these implementation details to turn the system into a puzzle that hackers must solve before conducting security exploits. From one Morpheus machine to another, details like the commands the processor executes or the format of program data change in random ways. Because this happens at the microarchitecture level, software running on the processor is unaffected.
A skilled hacker could reverse-engineer a Morpheus machine in as little as a few hours, if given the chance. To counter this, Morpheus also changes the microarchitecture every few hundred milliseconds. Thus, not only do attackers have to reverse-engineer the microachitecture, but they have to do it very fast. With Morpheus, a hacker is confronted with a computer that has never been seen before and will never be seen again.
To conduct a security exploit, hackers use vulnerabilities in software to get inside a device. Once inside, they graft their malware onto the device. Malware is designed to infect the host device to steal sensitive data or spy on users.
The typical approach to computer security is to fix individual software vulnerabilities to keep hackers out. For these patch-based techniques to succeed, programmers must write perfect software without any bugs. But ask any programmer, and the idea of creating a perfect program is laughable. Bugs are everywhere, and security bugs are the most difficult to find because they don't impair a program's normal operation.
Morpheus takes a distinct approach to security by augmenting the underlying processor to prevent attackers from grafting malware onto the device. With this approach, Morpheus protects any vulnerable software that runs on it.
For the longest time, processor designers considered security a problem for software programmers, since programmers made the software bugs that lead to security concerns. But recently computer designers have discovered that hardware can help protect software.
May 25, 2021 22:33:57 #
May 25, 2021 22:52:26 #
Longshadow wrote:
That's very interesting!
👍
I should add the link too I guess.
https://apple.news/AXNGXASiXQqioTJiyiESFTA
Not sure if the link will work for everyone, but it can be googled.
May 25, 2021 22:55:47 #
timcc
Loc: Virginia
Intriguing -- wonder if it will find wide application in consumer PCs in the future. Thanks for sharing.
May 25, 2021 23:47:33 #
I would think it would have initial applications in critical infrastructure control. Of course it doesn’t prevent other type of attacks (on the application or OS), but it’s a start until and if we ever get the cooperation we should from Russia, N. Korea and China to vigorously identify and prosecute the perpetrators of the hacks originating in their countries (which seem to be the source for many of the most pernicious ones). The Colonial Pipeline hack likely cost Americans in the east tens or hundreds of millions of dollars in lost time and increased gas prices, but not a word from Russia of any attempts to reign in these thugs (even though they have no trouble persecuting and jailing or poisoning their own internal dissenters).
May 25, 2021 23:49:48 #
Great news but a little late for us here in NZ. Hackers have basically put one of our largest hospitals out of business for about a week now. They have killed off everything including parking meters through to chemotherapy treatment, putting hundreds of live at risk. The hospital has no access to any patient records so cant treat anyone as they don't know what treatment they are waiting for.
They are now trying to blackmail the hospital that they will release patients records as well as holding the hospital operations to ransom. It seems its the same bunch that put a hospital out of business in Ireland recently.
The hospital is holding fast, as is the government, that no ransom will be paid.More here if you are interested: https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-confidential-patient-notes-sent-to-media-by-alleged-hackers/7IUV5PHBRJZJEE44YZ55DTWAEM/
They are now trying to blackmail the hospital that they will release patients records as well as holding the hospital operations to ransom. It seems its the same bunch that put a hospital out of business in Ireland recently.
The hospital is holding fast, as is the government, that no ransom will be paid.More here if you are interested: https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-confidential-patient-notes-sent-to-media-by-alleged-hackers/7IUV5PHBRJZJEE44YZ55DTWAEM/
May 26, 2021 00:07:48 #
TriX wrote:
I would think it would have initial applications in critical infrastructure control. Of course it doesn’t prevent other type of attacks (on the application or OS).
In the complete article they address that issue. I failed to get it all on the page the first time.
This starts where the last paragraph left off:
For the longest time, processor designers considered security a problem for software programmers, since programmers made the software bugs that lead to security concerns. But recently computer designers have discovered that hardware can help protect software.
Academic efforts, such as Capability Hardware Enhanced RISC Instructions at the University of Cambridge, have demonstrated strong protection against memory bugs. Commercial efforts have begun as well, such as Intel's soon-to-be-released Control-flow Enforcement Technology.
Morpheus takes a notably different approach of ignoring the bugs and instead randomizes its internal implementation to thwart exploitation of bugs. Fortunately, these are complementary techniques, and combining them will likely make systems even more difficult to attack.
We are looking at how the fundamental design aspects of Morpheus can be applied to protect sensitive data on people's devices and in the cloud. In addition to randomizing the implementation details of a system, how can we randomize data in a way that maintains privacy while not being a burden to software programmers?
More information
Mark Gallagher et al, Morpheus, Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems (2019). DOI: 10.1145/3297858.3304037
May 26, 2021 07:32:25 #
May 26, 2021 09:11:33 #
May 26, 2021 10:03:57 #
I wonder how much it slows the computer down. Also, I would think that app developers would have to write special software for that os.
May 26, 2021 10:28:40 #
Like mentioned earlier, this doesn't necessarily prevent the more common operating system and application level attacks. Most of us rarely fall victim to processor level implants. This is a big leap forward for critical infrastructure though!!!!!
May 26, 2021 15:25:06 #
TheShoe
Loc: Lacey, WA
TonyP wrote:
... The hospital has no access to any patient records so cant treat anyone as they don't know what treatment they are waiting for. ...
That speaks to the competence of the IT staff at the hospital.
May 26, 2021 16:24:58 #
TheShoe wrote:
That speaks to the competence of the IT staff at the hospital.
Thank you for your sympathy and understanding.
May 26, 2021 16:48:35 #
TheShoe wrote:
That speaks to the competence of the IT staff at the hospital.
But you are correct. I had about 8-10 major hospitals in my turf when I was at Oracle, and business continuity was a constant worry. One teaching hospital, with a mediocre IT staff, had a yearly drill where the goal was to get essential patient services (imaging, medication, records, labs, etc) back up within 24 hours of a disaster in the data center. After a number of years of trying, they had never been able to accomplish the goal. A clue was their first action was that an admin would get in his car for the 8-10 hour drive to the DR site in Pennsylvania (!). These are the same people that placed a bucket on top of an equipment rack to catch a drip from the A/C piping. You guessed it, the bucket miraculously turned over totaling the equipment in the rack. The insurance claim was 120K$. The hospital will go unnamed. You can’t make this $hit up.
May 26, 2021 17:51:06 #
No, in this case he isn't correct. The inquiry (its actually not one hospital, its what we call a DHB, District Health Board, covering 5 hospitals) has cleared the actual IT Dept of blame. Our hospital systems are getting thousands of attacks every week by these low life criminals, (same in Australia and probably the USA) and the best safeguards available are in place.
It seems this was caused by a staff members personal laptop (offline from the hospital system) downloading an email with an attachment that had the virus embedded. That laptop was then eventually connected to the DHB's wifi system and bingo, the virus went to work.
Backups of the data are available. The problem is the hackers have shut down the entire 'system' which would need to be rebuilt to access the data. (just like the US East Coast pipeline that was recently hacked?)
In the meantime, people who have been receiving life saving treatments for cancer etc are no longer able to access that treatment and people may start dying.
NZ, unlike the USA has decided not to pay the hackers the ransom they are demanding. This just encourages hackers if they are paid. The hackers have tried to force payment of the ransom by releasing private data to the media in NZ. So far, the media have refused to publish the data.
Instead of playing the 'blame game', at present every resource is being applied to repair systems and track down the criminals. Unfortunately, at this stage it looks like one of the usual countrys that support this terrorist type behaviour may be the origin of the hack. Its probably impossible for a country of about 6 million to win a war of technology against a country with billions.
Here's hoping it doesnt happen to a hospital near you.
It seems this was caused by a staff members personal laptop (offline from the hospital system) downloading an email with an attachment that had the virus embedded. That laptop was then eventually connected to the DHB's wifi system and bingo, the virus went to work.
Backups of the data are available. The problem is the hackers have shut down the entire 'system' which would need to be rebuilt to access the data. (just like the US East Coast pipeline that was recently hacked?)
In the meantime, people who have been receiving life saving treatments for cancer etc are no longer able to access that treatment and people may start dying.
NZ, unlike the USA has decided not to pay the hackers the ransom they are demanding. This just encourages hackers if they are paid. The hackers have tried to force payment of the ransom by releasing private data to the media in NZ. So far, the media have refused to publish the data.
Instead of playing the 'blame game', at present every resource is being applied to repair systems and track down the criminals. Unfortunately, at this stage it looks like one of the usual countrys that support this terrorist type behaviour may be the origin of the hack. Its probably impossible for a country of about 6 million to win a war of technology against a country with billions.
Here's hoping it doesnt happen to a hospital near you.
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.