Quantum internet breakthrough could help make hacking a thing of the past

September 02, 2020

The advent of mass working from home has made many people more aware of the security risks of sending sensitive information via the internet. The best we can do at the moment is make it difficult to intercept and hack your messages – but we can’t make it impossible.

What we need is a new type of internet: the quantum internet. In this version of the global network, data is secure, connections are private and your worries about information being intercepted are a thing of the past.

My colleagues and I have just made a breakthrough, published in Science Advances, that will make such a quantum internet possible by scaling up the concepts behind it using existing telecommunications infrastructure.

Our current way of protecting online data is to encrypt it using mathematical problems that are easy to solve if you have a digital “key” to unlock the encryption but hard to solve without it. However, hard does not mean impossible and, with enough time and computer power, today’s methods of encryption can be broken.

Quantum communication, on the other hand, creates keys using individual particles of light (photons), which – according to the principles of quantum physics – are impossible to make an exact copy of. Any attempt to copy these keys will unavoidably cause errors that can be detected. This means a hacker, no matter how clever or powerful they are or what kind of supercomputer they possess, cannot replicate a quantum key or read the message it encrypts.

This concept has already been demonstrated in satellites and over fibre-optic cables, and used to send secure messages between different countries. So why are we not already using it in everyday life? The problem is that it requires expensive, specialized technology that means it’s not currently scalable.

Image: Planet Earth overlaid with a network of connected lights. Quantum communication is now possible across the world but not yet scalable. Credit: Toria/Shutterstock

Previous quantum communication techniques were like pairs of children’s walkie talkies. You need one pair of handsets for every pair of users that want to securely communicate. So if three children want to talk to each other they will need three pairs of handsets (or six walkie talkies) and each child must have two of them. If eight children want to talk to each other they would need 56 walkie talkies.

Obviously it’s not practical for someone to have a separate device for every person or website they want to communicate with over the internet. So we figured out a way to securely connect every user with just one device each, more similar to phones than walkie talkies.

Each walkie talkie handset acts as both a transmitter and a receiver in order to share the quantum keys that make communication secure. In our model, users only need a receiver because they get the photons to generate their keys from a central transmitter.

This is possible because of another principle of quantum physics called “entanglement”. A photon can’t be exactly copied but it can be entangled with another photon so that they both behave in the same way when measured, no matter how far apart they are – what Albert Einstein called “spooky action at a distance”.

Full network

When two users want to communicate, our transmitter sends them an entangled pair of photons – one particle for each user. The users’ devices then perform a series of measurements on these photons to create a shared secret quantum key. They can then encrypt their messages with this key and transfer them securely.
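An added illustration (not from the article or the Science Advances paper) of why interception shows up as detectable errors: a toy classical simulation of two users measuring entangled pairs in one of two randomly chosen bases, with an optional intercept-and-resend eavesdropper. The two-basis scheme, the 11% abort threshold and all names are assumptions, since the article does not say which protocol the network uses.

```python
import random

def run_link(n_pairs, eavesdrop, seed=1):
    """Simulate one link; return (sifted_key_length, error_rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_pairs):
        a_basis, b_basis = rng.randint(0, 1), rng.randint(0, 1)
        a_bit = rng.randint(0, 1)  # Alice's measurement outcome is random
        # Entanglement: Bob's photon now behaves as the state (a_basis, a_bit).
        state_basis, state_bit = a_basis, a_bit
        if eavesdrop:
            # Eve cannot copy the photon; she must measure it and resend.
            e_basis = rng.randint(0, 1)
            e_bit = state_bit if e_basis == state_basis else rng.randint(0, 1)
            state_basis, state_bit = e_basis, e_bit
        # Measuring in the wrong basis gives a random result.
        b_bit = state_bit if b_basis == state_basis else rng.randint(0, 1)
        if a_basis == b_basis:  # sifting: keep rounds where bases matched
            sifted += 1
            errors += a_bit != b_bit
    return sifted, errors / sifted

def link_is_trusted(error_rate, threshold=0.11):
    """Assumed policy: discard the key if the error rate reaches the threshold."""
    return error_rate < threshold

if __name__ == "__main__":
    for eve in (False, True):
        length, qber = run_link(20000, eve)
        print(f"eavesdropper={eve}: sifted bits={length}, error rate={qber:.3f}, "
              f"trusted={link_is_trusted(qber)}")
```

In this idealised model the error rate is zero on an untouched link and about 25% under intercept-and-resend; real links also have noise, so users compare a sample of the sifted bits and abort above a threshold.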

By using multiplexing, a common telecommunications technique of combining or splitting signals, we can effectively send these entangled photon pairs to multiple combinations of people at once.

We can also send many signals to each user in a way that they can all be simultaneously decoded. In this way we’ve effectively replaced pairs of walkie talkies with a system more similar to a video call with multiple participants, in which you can communicate with each user privately and independently as well as all at once.

We’ve so far tested this concept by connecting eight users across a single city. We are now working to improve the speed of our network and interconnect several such networks. Collaborators have already started using our quantum network as a test bed for several exciting applications beyond just quantum communication.

We also hope to develop even better quantum networks based on this technology with commercial partners in the next few years. With innovations like this, I hope to witness the beginning of the quantum internet in the next ten years.

Source: https://theconversation.com/our-quantum-internet-breakthrough-could-help-make-hacking-a-thing-of-the-past-145139

Author: Siddarth Koduru Joshi – Research Fellow in Quantum Communication, University of Bristol

Ransomware deploys virtual machines to hide itself from antivirus software

The operators of the RagnarLocker ransomware are installing the VirtualBox app and running virtual machines on computers they infect in order to run their ransomware in a “safe” environment, outside the reach of local antivirus software.

Background: https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/

This latest trick has been spotted and detailed today by UK cyber-security firm Sophos and shows the creativity and great lengths some ransomware gangs will go to avoid detection while attacking a victim.

WHAT’S RAGNARLOCKER?

Avoiding detection is crucial because RagnarLocker is not your typical ransomware gang. They’re a group that carefully selects targets, avoiding home consumers, and goes after corporate networks and government organizations only.

Sophos says the group has targeted victims in the past by abusing internet-exposed RDP endpoints and has compromised MSP (managed service provider) tools to breach companies and gain access to their internal networks.

On these networks, the RagnarLocker group deploys a version of their ransomware — customized per each victim — and then demands an astronomical decryption fee to the tune of tens and hundreds of thousands of US dollars.

Because each of these carefully planned intrusions represents a chance to earn large amounts of money, the RagnarLocker group has put a premium on stealth and has recently come up with a novel trick to avoid detection by antivirus software.

THE VIRTUAL MACHINE TRICK

The “trick” is actually pretty simple and clever when you think of it.

Instead of running the ransomware directly on the computer they want to encrypt, the RagnarLocker gang downloads and installs Oracle VirtualBox, a type of software that lets you run virtual machines.

The group then configures the virtual machine to give it full access to all local and shared drives, allowing the virtual machine to interact with files stored outside its own storage.

The next step is to boot up the virtual machine, running a stripped-down version of the Windows XP SP3 operating system, called MicroXP v0.82.

The final phase is to load the ransomware inside the virtual machine (VM) and run it. Because the ransomware runs inside the VM, the antivirus software won’t be able to detect the ransomware’s malicious process.

From the antivirus software’s point of view, files on the local system and shared drives will suddenly be replaced with their encrypted versions, and all the file modifications appear to come from a legitimate process — namely the VirtualBox app.
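Because the file changes are attributed to the VirtualBox process, one defensive angle is to watch what that process writes on the host. The following is an added example, not code from Sophos or the article: it scans file-write events and flags a hypervisor process that rewrites many files across several host directories within a short window. The log layout, process image names, thresholds and sample events are all assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumptions (not from the article): image names, thresholds, log layout.
HYPERVISOR_IMAGES = {"vboxheadless.exe", "virtualboxvm.exe"}
VM_OWN_EXT = {".vdi", ".vmdk", ".vbox", ".sav", ".log"}  # the VM's own storage
WINDOW = timedelta(seconds=60)
MIN_FILES, MIN_DIRS = 10, 3

VBOX = r"C:\ProgramData\demo\VBoxHeadless.exe"  # constructed path

def sample_events():
    """Constructed, time-ordered events: time|host|process image|op|target."""
    burst = [f"2020-05-21T10:00:{i:02d}|HOST1|{VBOX}|WRITE|"
             rf"C:\Users\u{i % 4}\Documents\report{i}.docx" for i in range(12)]
    office = [r"2020-05-21T10:00:30|HOST1|C:\Office\WINWORD.EXE|WRITE|"
              r"C:\Users\u1\Documents\notes.docx"]
    vm_disk = [f"2020-05-21T10:01:{i:02d}|HOST2|{VBOX}|WRITE|"
               r"D:\VMs\dev\dev.vdi" for i in range(15)]
    return burst + office + vm_disk

def detect(lines):
    """Return sorted (host, image) pairs whose hypervisor wrote widely on the host."""
    recent = defaultdict(deque)  # (host, image) -> recent (time, path) writes
    alerts = set()
    for line in lines:
        ts, host, image, op, path = line.split("|")
        if op != "WRITE" or ntpath.basename(image).lower() not in HYPERVISOR_IMAGES:
            continue
        if ntpath.splitext(path)[1].lower() in VM_OWN_EXT:
            continue  # disk images, saved state and VM logs are expected writes
        t = datetime.fromisoformat(ts)
        q = recent[(host, image)]
        q.append((t, path.lower()))
        while t - q[0][0] > WINDOW:  # drop writes older than the window
            q.popleft()
        files = {p for _, p in q}
        dirs = {ntpath.dirname(p) for p in files}
        if len(files) >= MIN_FILES and len(dirs) >= MIN_DIRS:
            alerts.add((host, image))
    return sorted(alerts)

if __name__ == "__main__":
    for host, image in detect(sample_events()):
        print(f"ALERT {host}: {image} is rewriting user files on the host")
```

Matching on the image file name alone is weak because a binary can be renamed; in production, key the rule on the signer or original file name your telemetry records, and treat any unexpected hypervisor install on a server or workstation as a signal in its own right.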

Mark Loman, director of engineering and threat mitigation at Sophos, told ZDNet today that this is the first time he’s seen a ransomware gang abuse virtual machines during an attack.

“In the last few months, we’ve seen ransomware evolve in several ways. But, the Ragnar Locker adversaries are taking ransomware to a new level and thinking outside of the box,” he added.

An overview of the entire RagnarLocker ransomware, including its VM trick, is available in Sophos’ recent report here:

https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/

Source: https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/

By: Catalin Cimpanu for Zero Day

Microsoft’s Linux love continues as PowerShell Core comes to Snap Store

‘Microsoft loves Linux’, the company’s CEO Satya Nadella declared in 2014.

Evidence of that newfound affection has been evident throughout 2018: with Ubuntu 18.04 being made available in the Microsoft Store, Windows File Explorer gaining the ability to launch a Linux Shell and a new option to install Windows Subsystem for Linux (WSL) distros from the command line. That’s without mentioning Microsoft’s release of the Linux-based Azure Sphere operating system.

Now Microsoft has released its command-line shell and scripting language PowerShell Core for the Ubuntu Snap Store, as part of PowerShell Core’s release as a snap package.

PowerShell Core in the Snap Store
Image: Canonical / Microsoft

Snap packages are containerized applications that can be installed on many Linux distributions, which Joey Aiello, PM for PowerShell at Microsoft, says has several advantages.

“Snap packages carry all of their own dependencies, so you don’t need to worry about the specific versions of shared libraries installed on your machine,” he said, adding updates to Snaps happen automatically, and are “safe to run” as they don’t interact with other applications or system files without your permission.

To install PowerShell Core as a snap package on a Linux-based OS, first install snapd and then run the command snap install powershell --classic. Then run the command pwsh from the terminal.

Microsoft continues to make regular improvements to the Windows Subsystem for Linux (WSL), which allows Windows 10 to run various GNU/Linux distros from the Windows Store, providing access to Ubuntu, openSUSE, Fedora, Kali Linux, and Debian, and other distros to be added over time.

WSL distros run with a command line shell, rather than offering graphical desktops, and support a range of command line tools, as well as applications such as Apache web server and Oracle MySQL.

WSL allows different Linux distros to run side-by-side within Windows and Microsoft has previously stated that its aim with the WSL is to provide “the best development environment, regardless of the technologies that developers use, or the platforms they wish to target”.

However, at present, the WSL also has many disadvantages over running a dedicated GNU/Linux system. Microsoft doesn’t support desktop environments or graphical applications running on WSL, and also says it is not suitable for running production workloads, for example an Apache server supporting a website.

This year saw Microsoft improve WSL to add support for Unix sockets allowing for communication between Windows, as well as for the curl and tar commands.

The big takeaways for tech leaders:

  • Microsoft has released its command-line shell and scripting language PowerShell Core for the Ubuntu Snap Store, as part of PowerShell Core’s release as a snap package.
  • Snap packages are containerized applications that can be installed on many Linux distributions.

Ref: https://www.techrepublic.com/article/microsofts-linux-love-in-continues-as-powershell-core-comes-to-ubuntu-snap-store/

By: Nick Heath