How Can We Stop ‘ROP’ Cyberattacks?

By on

rop1

IBM recently announced a software-oriented solution to help eradicate attacks by return-oriented programming (ROP) malware. ROP malware is a significant and growing problem in the industry. Crafty hackers will use snippets of code from other trusted programs and stitch them together to create their attacks. This method has become a very popular and effective technique for top malware.

The Security Intelligence article states that “almost 90 percent of exploit-based software attacks use the hostile ROP technique in the chain of attack.” The story also referenced a blog I wrote in June about how McAfee and Microsoft have developed a hardware-based solution. Leading companies are looking to prevent these types of attacks.

This problem is real, and will likely be a favorite method of attackers because of its effectiveness and stealth properties. Because ROP malware uses parts of trusted code, it is very difficult to detect and stop. Software solutions have tried in the past to stem the problem, but have largely been unsuccessful. Software fighting software is just too even a fight; attackers need to find only one way around preventive solutions to win. I hope the IBM solution has a positive effect, but am concerned about its long-term viability.

In the end, I believe the future of ROP security will be based on features embedded beneath the software, operating systems, virtual machines, and even the firmware. It will be located in the hardware processor itself. Hardware remains outside the maneuvering zone of software hackers, and thus can give a definitive advantage to securing the system from ROP-based attacks. The architecture can be designed to give advantages to secure computing practices, help operating system be more secure, and compensate for vulnerable software.

Regardless of where the solution lies, it is very important for innovative minds to continue to work on taking the fangs out of ROP attacks.

 

Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Similar articles

At the end of last year, a survey revealed that the most popular password was still “123456,” followed by “password.” These highly hackable choices are despite years of education around the importance of password security. So, what does this say about people who pick simple passwords? Most likely, they are shooting for a password that is ...
Read Blog
If you’re a gamer, you know how important virtual currency is. It allows you to purchase new costumes and weapons to personalize your avatar. But how does one go about gaining virtual currency? Players complete in-game challenges and are rewarded with coins to spend in their virtual world. These challenges can be pretty difficult and ...
Read Blog
Cryptocurrency mining is the way transactions are verified and added to the public ledger, a database of all the transactions made around a particular piece of cryptocurrency. Cryptocurrency miners compile all of these transactions into blocks and try to solve complicated mathematical problems to compete with other miners for bitcoins. To do this, miners need ...
Read Blog