
So long, and thanks for only using readily available scripts

Hannes Holm (Swedish Defence Research Agency, Linköping, Sweden)
Teodor Sommestad (Swedish Defence Research Agency, Linköping, Sweden)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 13 March 2017


Abstract

Purpose

It is often argued that the increased automation and availability of offensive cyber tools have decreased the skill and knowledge required by attackers. Some say that all it takes to succeed with an attack is to follow some instructions and push some buttons. This paper aims to test this idea empirically through live exploits and vulnerable machines in a cyber range.

Design/methodology/approach

The experiment involved 204 vulnerable machines in a cyber range. Exploits were chosen based on the results of automated vulnerability scanning. Each exploit was executed following a set of carefully planned actions that enabled reliable tests. A total of 1,223 exploitation attempts were performed.

Findings

A mere eight exploitation attempts succeeded. All these involved the same exploit module (ms08_067_netapi). It is concluded that server-side attacks still are too complicated for novices who lack the skill or knowledge to tune their attacks.

Originality/value

This paper presents the largest conducted test of exploit effectiveness to date. It also presents a sound method for reliable tests of exploit effectiveness (or system vulnerability).


Citation

Holm, H. and Sommestad, T. (2017), "So long, and thanks for only using readily available scripts", Information and Computer Security, Vol. 25 No. 1, pp. 47-61. https://doi.org/10.1108/ICS-08-2016-0069

Publisher: Emerald Publishing Limited

Copyright © 2017, Emerald Publishing Limited
