In a recently published white paper, Anjuna Security analyzed the complete MITRE attack matrix and found 77 Mitre attacks that Confidential Computing can instantly eliminate. In this series of blogs, we will cover in detail the top five critical attacks and address how Confidential Computing implemented using Anjuna software can abolish these attacks forever!
The second most prevalent MITRE attack we cover in this series is T1554: Compromise Client Software Binary. For this attack, we must assume that the adversary has breached the outer layers of security with an initial attack and now has complete access to your machine. Once an individual machine is compromised, the next stage is to infiltrate other machines by modifying the binary of an application to insert malicious code. This approach of expanding laterally gave rise to the popular term “computer virus”, and is the most common technique used by attackers. You don’t have to look too far before you encounter a serious virus. Virus threats have been used to target every industry and every type of machine. A few notable examples include Stuxnet, CovidLock, UK National Health Service’s, and APT41 ‘Supply Chain’ Attack.
To remove the possibility of unauthorized modifications to client software binaries (T1554: Compromise Client Software Binary), the most commonly used approach is to employ a program to sign off on each and every code change. Unfortunately, this approach is not foolproof given that the program used to check and sign off on the code is also a piece of software, in turn, leaving it vulnerable to attackers who can modify it to allow malicious updates. In fact, it is well understood that attackers have evolved a whole stream of evasion techniques to either avoid or attack virus scanning software in order to accomplish this task.
How to Protect Against T1554: Compromise Client Software Binary
Accomplished leveraging Confidential Computing in secure enclaves, attestation is a code-signing mechanism that relies on the hardware as opposed to software to verify that the code you intend to run has not been modified. Attestation relies on an immutable hardware root of trust as the basis of code signing. Anjuna uses the hardware attestation process to connect to a key manager, and only releases keys to an application after it can cryptographically prove it is the correct, unmodified code. No code can run in a Confidential Computing environment without undergoing the attestation process and by this means, the integrity of the proper application binary is assured by default.
Learn More About Other Attacks!
If you missed our previous blog that dives into detail about how Anjuna provides a solution against MITRE attack T1059: Command and Scripting Interpreter, you can access that below.