Cyber Attack: The Attackers’ Weapon & Tools

Attacks are never possible without weapons, and weapons in turn are made up of several tools. Cyber weapons are today's topic of discussion: we will look at some of the cyber weapons and tools that cybercriminals use for cyber attacks.

Wikipedia defines cyber weapons as follows: “A cyberweapon is a malware agent employed for military, paramilitary, or intelligence objectives as part of a cyberattack”. What differentiates malware considered to be a cyber weapon from regular malware is that regular malware is generally available to anyone who wants to make use of it.

A malware cyber weapon is designed, developed, and implemented by military, paramilitary, or intelligence organizations. Regular malware, on the other hand, can be designed and developed by anybody, usually a blackhat, and is used mainly by blackhat hackers.

Another criterion of a cyber weapon is the objective attached to the malware that has been developed. Regular malware is aimed at general application, but cyber weapon malware is developed strictly for spying, which can be considered an act of war. The objectives of cyber weapons cut across the surveillance of systems and system users, which includes credential harvesting; the theft of intellectual property and data; and the destruction of computer systems, hardware, industrial control systems, and data. There are cases where the objective can cause loss of human life.

Finally, we should understand that most cyber weapons are state-sponsored, by which I mean government-sponsored.

Moving forward, while we are generally tempted to consider all malware as cyber weapons, we should use the above criteria to distinguish the two. So now let’s take a look at some examples of cyber weapons.

Flame is the first case that we should take a look at. It is a cyber weapon against Windows-based operating systems and is also known as Skywiper or Flamer. It was designed for cyber espionage and targeted the Middle East region. The Washington Post in 2012 claimed that the weapon was developed by a combined team of the US National Security Adviser, the CIA, and the Israeli military. Also, according to a May 2012 Kaspersky internet post, this weapon has been used to attack government agencies in Saudi Arabia, Syria, Sudan, Iran, Israel, Palestine, Egypt, etc.

Next is Stuxnet. The introduction of Stuxnet as a weapon in cyberspace is considered a game-changer for cyber-based attacks. This is due to its ability to control not only the system but also a Programmable Logic Controller (PLC), which is present in all Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.

Findings have also revealed that, due to the extensive features of this weapon, it must have been designed and developed by a combined force of US and Israeli computer scientists. Stuxnet was designed exclusively with the objective of halting the Iranian nuclear project during Obama’s administration.

Now, let’s talk about cyberattack tools. A cyberattack tool is computer software, whether an Operating System (OS) or application software, that facilitates cyber intelligence, espionage, and hacking. Different types of applications are required to carry out an effective cyber attack, and we will look at some of these tools.

Some of these tools can also be used for IT system protection. In fact, the majority of these cyberattack tools were originally designed and developed to make IT security easier to manage and administer. Unfortunately, cybercriminals now use these same tools to their advantage, because the same tool that is used to protect can be used to attack.

Just like a gun, a tool can be used by security operatives to protect and can still be used to attack. What determines whether it will be used for protection or attack is the person holding the gun.

Cyberattack tools were never designed for attacking but for protecting a computer resource. However, cybercriminals now use the same tools to attack their victims or targets.

Among the list of must-have tools for an attacker is the Kali Linux distribution OS.

Kali Linux is a Debian-based Linux distribution that was developed for security testing, auditing, and cyber intelligence. It has over six hundred (600) applications installed by default, categorized into information gathering tools, vulnerability analysis tools, exploitation tools, web analysis tools, forensic tools, sniffing and post-exploitation tools, database assessment tools, social engineering tools, etc.

Kali Linux has a graphical user interface, but most users prefer to use the terminal and shell to communicate with and give instructions to the system. The uniqueness of this OS is that it is free and open-source, funded by Offensive Security Projects. It can be installed as a virtual machine, as a standalone operating system, or as a dual boot.

Just like Kali Linux, the majority of cyberattack tools are open source and freely available on the internet, which makes the fight against cyber attacks difficult. Just imagine if you could buy a gun from anybody on the street for zero naira or dollars. That is exactly what is happening with cyber tools in cyberspace!