Word Notes 9.8.20
Ep 14 | 9.8.20
remote access Trojan or RAT (noun)
Transcript

Rick Howard: The word is: remote access Trojan or RAT.

Rick Howard: Spelled: R as in Ruffin, a.k.a. Oxblood Ruffin, A as in Ada, a.k.a. Lady Ada, and T as in Tweety Fish.

Rick Howard: Definition: from the intrusion kill chain model, a program that provides command-and-control services for an attack campaign.

Rick Howard: Example sentence: Many hackers don't develop their own RATs; instead, they use commodity RATs that they purchased off the Dark Web or found in open source materials.

Rick Howard: Origin: while the first ever deployed RAT is unknown, one early example is a program called Back Orifice, made famous by the notorious activist group called The Cult of the Dead Cow, or cDc. Back Orifice was written by the hacker Sir Dystic, a.k.a. Josh Buchbinder, and released to the public at DEFCON in 1998.

Rick Howard: Context: the "Trojan" in the name implies that RAT developers generally try to hide the malware on the compromised system inside other programs or disguised as other programs. The reference refers to the famous fake-out in the classic story told in "The Odyssey," where in the siege of Troy, the Greeks built a giant wooden horse, hid soldiers inside, left it as a gift outside the gates of the city, and appeared to sail away. The Trojans pulled the horse into the city, and that evening the soldiers snuck out, opened the city gates and let the Greek army, which had sailed back under cover of night, destroy the city and end the war.

Rick Howard: In his Cybersecurity Canon Hall of Fame book, "The Cult of the Dead Cow," Joe Menn sums up the hacktivist group this way: "The more powerful machines become, the sharper human ethics have to be. If the combination of mindless, profit-seeking algorithms, dedicated geopolitical adversaries, and corrupt US opportunists over the past few years have taught us anything, it is that serious applied thinking is a form of critical infrastructure. The best hackers are masters of applied thinking, and we cannot afford to ignore them. Likewise, they should not ignore us. We need more good in the world. If you can't be lawful, then let it be chaotic."