Are there hackers capable of hacking anything they want to?

 It is possible to make a disconnected system essentially immune to compromise by technical means and to reduce the probability of human compromise to arbitrarily small odds, and I believe it is likely that a very small number of systems in the military and intelligence community actually deploy these protocols for things like nuclear launch codes or certain undercover operative identities. These systems would have no input or output of any sort except a monitor, keyboard and mouse, would be inside locked windowless insulated Faraday cage rooms, use filtered power supplies, and possibly other safeguards. Authorized users would be closely monitored at all times on a rotating schedule to prevent collusion.

Other than these systems, a good team of penetration testers can get into anything in a few weeks. It may take a bit longer if the defenders are good and the attackers don't want to get caught. This is a good but "normal" hackers. A guy I used to work with told me he had control of a dam within a week on one engagement (he may have been changing some details e.g. it could have been a nuclear plant). This would have been working normal 8-9 hour days. A more elite team would need less time, probably much less. 

Two important things to keep in mind: the attacker is always a team. Advanced attacks need diverse skills, and essentially no individuals have them all, and when they do it's still less efficient than using specialists. Also, attackers always use pre-existing toolkits, though typically modified for each attack. They don't really start from scratch except in very rare cases. Stuxnet is one example, which I consider to have hit the hardest target that we know to have been compromised - a disconnected network of systems in a military nuclear installation. What let Stuxnet in is that the engineers were using USB sticks to transfer files from connected computers to the disconnected network, and the virus caught a ride on at least one of those. The Heartland breach is another hard target that got hit - the attacker breached the corporate network (easy), then used a legitimate developer account to modify the protected payment network (hard). Keep in mind that the hardest targets are military/intelligence so we probably wouldn't know if they got breached.

Comments