Reference: Network Attacks and Exploitation by Matthew Monte
If you can foresee it coming, it is not friction but an obstacle.
Mistake
No matter the effort expended, mistakes will remain a source of friction.
Complexity
The complexity that makes a network harder to manage also makes it harder to exploit.
Implementing different systems in the network requires a different set of tools and skills (Server: Linux. DB: Oracle. Router: Huawei).
Complexity requires more time, knowledge, and development to survey, understand, and circumvent. Because the level of complexity is difficult to predict and can severely impact the efficiency of an operation, it is a friction.
Flawed Attack Tools
- Best Flaw: The tool does not function, but persistent access/command/control is maintained.
- Loss of access: If it goes unnoticed, it is recoverable if there is a backup plan.
- Worst Flaw: Noticeable side effect, e.g. after the update, the computer crashed repeatedly, which drew attention.
Upgrades and Updates
Upgrade: Introduces something new that replaces something existing; may challenge the Attacker’s methods of persistence.
Update: An improvement that leaves a substantial portion of the original in place; constitutes a substantial threat to maintaining access for the Attacker.
Other Attackers
Other attackers may ruin the operation.
The Security Community
- Strengthening Defense: Sudden introduction of new detection technology - only for a short period of time.
- Weakening Offense: Google Project Zero - finds and fixes vulnerabilities. Or the publication of offensive methods.