The IEEE International Conference on Homeland Security in Boston will expose warnings of traitorous security software
DALLAS (Sept. 23, 2013) – Cyber warfare professionals are most worried when attacks come on the software we ourselves have installed to protect us from hackers’ viruses and worms. Known as attacks from buffer overflow and binary code injection, these are pervasive flaws in every operating system used today.
Our defense, banks, hospitals, indeed our entire infrastructure is hopelessly vulnerable to attackers. And our own popular antivirus tools can be the most dangerous yet, says Dr. Gregory Sullivan, principal research scientist at BAE Systems. “Those programs are entrusted with a lot of authority to look at all the files and all the traffic on our computers,” says Sullivan. “Well guess what! Those are extremely large complex bug ridden piles of software like the rest of the stuff on our machines.” Sullivan says “when attackers get into your antivirus software then you’re in real trouble.”
Sullivan spoke by phone from his office in Burlington, MA, on the ScienceNews Radio Network program, the Promise of Tomorrow with Colonel Mason. The program originates in Dallas, Texas, and can now be heard Webcast and archived for its world audience.
Sullivan says solutions are coming with the CRASH SAFE project he and others are working on at BAE Systems. Those solutions will be presented at the IEEE Homeland Security Technology Conference [HST ‘13] held at the Westin Waltham Boston Hotel in Waltham, Mass., USA, 12-14 November 2013.