Transformers: War for Cybertron Trilogy in terms of cybersecurity | Kaspersky official blog

Credit to Author: Nikolay Pankov| Date: Thu, 15 Apr 2021 11:03:24 +0000

I have yet to meet a single child who doesn’t love watching animated movies. Parents, however, react to the pastime in different ways. Some have nothing against it, others say it’s a waste of time. In my opinion, animated movies have lots of useful things to teach kids — and I’m not talking about the usual morality tales they always weave in.

Animated series, especially science fiction, can be used to illustrate the basics of cybersecurity, which, without entertaining visuals, would not hold kids’ attention for very long. One of the best for this purpose is the new series Transformers: War for Cybertron Trilogy.

On the whole, the Transformer universe is pretty fascinating from a cybersecurity perspective. After all, Transformers are cyberphysical systems controlled by advanced artificial intelligence. If we look past the fantasy element (the “spark” that is the “soul” of a Transformer), then their basic principles of existence are the same as those of modern devices: They are lumps of hardware with computerized filling.

Therefore, much of the plot could conceivably happen in our world. Let’s look at some specific examples from Chapter One: Siege.

Episode 2: A trap for the Autobots

In the second episode of season one, the Autobot Ultra Magnus surrenders to Megatron. In captivity, he overhears talk of an insidious plan: The Decepticons are looking for the semimythical Transformers lifesource (the AllSpark); they want to use it to reformat all Autobots, turning them into Decepticons.

Ultra Magnus tries to warn the Autobots, but his low-frequency transmission gets intercepted. Megatron announces that he has managed to hack into the hitherto secret frequency and transmit a message to the Autobots, luring them into his trap.

Practical lessons from episode 2

Oddly enough, the practical lesson here is not about frequency hacking. Essentially, the hack is possible because the Decepticons discovered the frequency on which Ultra Magnus communicates with his comrades, allowing the impostors to impersonate him. That basically means Magnus sends information unencrypted. If he had used a strong encryption algorithm:

The Decepticons would not have understood the messages (they didn’t have the encryption key) and thus would not have been able to lay such an effective trap.

The Decepticons could not have known for sure who the recipients were; radio waves propagate in all directions.

The Decepticons could not have mimicked Ultra Magnus — a unique key, in addition to concealing information, authenticates the identity of the sender.

So, first, you can explain to your child the folly of transmitting important information over an insecure channel. And second, that the author of a message received over a trusted communication channel may not be who they say they are. The first takeaway might sound a little paranoid, but the second has practical applications. For example, faking the sender of an e-mail or text message is extremely easy.
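The sender-authentication point above can be shown in a few lines. This is an added example, not part of the original post: it uses HMAC-SHA256 with a pre-shared key from the Python standard library, which covers authenticity and integrity only, not the confidentiality an encryption algorithm would add. The key, sender name, message texts and the per-sender counter (which rejects a recorded message sent again) are all constructed assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Constructed shared key, assumed to have been exchanged out of band beforehand.
SHARED_KEY = secrets.token_bytes(32)


def _tag(key: bytes, sender: str, counter: int, text: str) -> str:
    # JSON array encoding keeps the field boundaries unambiguous.
    body = json.dumps([sender, counter, text], separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign(key: bytes, sender: str, counter: int, text: str) -> dict:
    """Build a message whose tag covers sender, counter and text."""
    return {"sender": sender, "counter": counter, "text": text,
            "tag": _tag(key, sender, counter, text)}


class Receiver:
    """Accepts a message only if its tag verifies and its counter is fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = {}  # sender -> highest counter accepted so far

    def accept(self, msg: dict) -> bool:
        expected = _tag(self.key, msg["sender"], msg["counter"], msg["text"])
        # Constant-time comparison of the received tag against the expected one.
        if not hmac.compare_digest(expected, msg["tag"]):
            return False
        # A recorded genuine message must not be accepted a second time.
        if msg["counter"] <= self.last_counter.get(msg["sender"], -1):
            return False
        self.last_counter[msg["sender"]] = msg["counter"]
        return True


def demo() -> dict:
    rx = Receiver(SHARED_KEY)
    genuine = sign(SHARED_KEY, "ultra-magnus", 1, "It is a trap. Stay away.")
    # The impostor knows the frequency and the format, but not the key.
    forged = sign(secrets.token_bytes(32), "ultra-magnus", 2, "Come to the meeting point.")
    tampered = dict(genuine, text="Come to the meeting point.")
    return {"genuine": rx.accept(genuine), "forged": rx.accept(forged),
            "tampered": rx.accept(tampered), "replayed": rx.accept(genuine)}
```

Only the first message is accepted: the forged and altered ones fail the tag check, and the repeated one fails the counter check.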

Episode 5: A data-hunting virus

Ultra Magnus’s memory contained vital information: the legacy of Alpha Trion. When Magnus died, a secret program was activated that transmitted the information over a distributed network consisting of planetary processors (most of which the Autobots had built).

The Decepticons do not know what the data is (it is complex, and so most likely encrypted), or where exactly it was sent, but they do know it is vitally important, so they want to destroy it at all costs.

As it happens, Shockwave is in possession of a virus that can be programmed to wipe Alpha Trion’s legacy. It too needs to be released into the distributed network, where it can spread from node to node, incapacitating all processors and mainframes along the way.

Even though the virus will damage the entire planetary infrastructure, Megatron has no qualms. To spread the virus, the Decepticons use the disabled Ultra Magnus, or rather his brain module.

Practical lessons from episode 5

There is much to be gleaned from this episode, both practical and theoretical. First, it’s good for explaining the concept of a hash. The Decepticons do not know what Alpha Trion’s information is, but they are able to locate it, together with all servers that bear its traces. The question is, how do they find that information?

The simplest way is to obtain its hash — that is, convert it into a short code that acts as a kind of unique fingerprint. Streams of data can then be scanned for information matching the fingerprint, to find copies of it. That’s how many antivirus solutions work: Armed with the hash of a malicious program, they look for it in traffic, and destroy it when found.
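Fingerprint matching of this kind, as an added example that is not part of the original post: a scanner that holds only a SHA-256 hash and looks for objects with the same hash across several nodes. The node names, object names and payload bytes are constructed sample data.

```python
import hashlib
import io


def fingerprint(stream, chunk_size: int = 65536) -> str:
    """SHA-256 of a byte stream, read chunk by chunk."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def scan(nodes: dict, known_hashes: set) -> list:
    """Return (node, object name) pairs whose content matches a known fingerprint."""
    hits = []
    for node, objects in nodes.items():
        for name, content in objects.items():
            if fingerprint(io.BytesIO(content)) in known_hashes:
                hits.append((node, name))
    return sorted(hits)


# Constructed sample data: the scanner is given only the fingerprint, not the content.
LEGACY = b"constructed sample payload standing in for the transmitted data"
KNOWN = {hashlib.sha256(LEGACY).hexdigest()}

NODES = {
    "node-a": {"cache.bin": LEGACY, "log.txt": b"routine telemetry"},
    "node-b": {"backup.bin": LEGACY},
    # One changed byte: nearly the same data, but a completely different fingerprint.
    "node-c": {"copy.bin": LEGACY[:-1] + b"A"},
}


def demo() -> list:
    return scan(NODES, KNOWN)
```

The copy on `node-c` is not reported, which is the practical limit of exact-hash matching: any change to the data, however small, produces a fingerprint the scanner does not know.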

Another takeaway is the importance of multifactor authentication. The Autobots built the network used to transmit first Alpha Trion’s information and then the virus. Hence, Ultra Magnus can connect to the network and send the data. Although the Decepticons cannot connect to it directly, they can use the brain module to do so.

That can mean only one thing: The network requires no additional factor of authentication. Ultra Magnus’s brain module is trusted by default, and information from it is unconditionally accepted.

It’s known that when a Transformer is deactivated, its memory becomes inaccessible (a bit earlier in the series, the Autobot Elita says the Decepticons won’t be able to obtain the coordinates of the base from Ultra Magnus because he would rather switch himself off than betray his friends). So, if the network had requested at least a unique password, stored in Magnus’s “consciousness” but inaccessible upon deactivation, the Decepticons would not have been able to use the module.

Most important, this episode highlights the need for network segmentation. If the virus is capable of damaging more than 80% of the servers on the planet, that means it can freely move around those servers — the servers are not isolated from each other. Dividing the network into segments, and transmitting information through gateways with built-in antivirus solutions, could minimize the damage.
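The effect of segmentation on how far something can spread can be measured on a toy network. This is an added example, not part of the original post: the topology (five segments of four nodes, one gateway each, gateways joined in a ring) and the node names are constructed, and it assumes the gateways stop the malware on every link that crosses a segment boundary.

```python
from collections import deque


def spread(links: dict, start: str, blocked: frozenset = frozenset()) -> set:
    """Breadth-first reachability: every node that can be reached from `start`.

    `blocked` holds links (as frozenset pairs) on which a filtering gateway stops it.
    """
    infected, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for peer in links.get(node, ()):
            if frozenset((node, peer)) in blocked or peer in infected:
                continue
            infected.add(peer)
            queue.append(peer)
    return infected


def build_network(segments: int, size: int) -> dict:
    """Constructed topology: full mesh inside each segment, gateways joined in a ring."""
    links = {}
    for s in range(segments):
        members = [f"s{s}-n{i}" for i in range(size)]
        for m in members:
            links[m] = [p for p in members if p != m]
        # Node 0 of each segment acts as its gateway to the neighbouring segments.
        links[f"s{s}-n0"] += [f"s{(s + 1) % segments}-n0", f"s{(s - 1) % segments}-n0"]
    return links


def inter_segment_links(links: dict) -> frozenset:
    """All links that cross a segment boundary, i.e. where a gateway can filter."""
    return frozenset(
        frozenset((a, b)) for a, peers in links.items() for b in peers
        if a.split("-")[0] != b.split("-")[0]
    )


def infected_share(segments: int = 5, size: int = 4) -> tuple:
    """Share of nodes reached from one node: (flat network, segmented network)."""
    links = build_network(segments, size)
    flat = spread(links, "s0-n1")
    segmented = spread(links, "s0-n1", inter_segment_links(links))
    total = segments * size
    return len(flat) / total, len(segmented) / total
```

With the defaults, the flat network is reached in full while the segmented one loses only the segment where the infection started.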

Network segmentation may not be the most relevant topic for your child right now. But if one day they face the task of building a LAN, I’d like to think they’ll recall childhood memories of the Transformers series and not create a vulnerable network.

