Advanced Persistent Timelords

No TARDISs here!

Before I start, let’s list the arbitrarily chosen assumptions about time manipulation capabilities:

• Attackers can jump to chosen points in time but cannot move equipment through time
• They cannot jump in space
• They can meddle with the past and changes will affect the future. Let’s assume Temporal Intelligence Operatives are just really good at not causing paradoxes
• They can pause time and still move around while it’s paused but cannot interact with objects
• Our people cannot manipulate time as defence is more interesting when the odds are against you
• The general population don’t know time manipulation is possible (for a great explanation of why that’s a good idea read the short story ‘The Dead Past’ by Isaac Asimov)
• For the thought experiment, only currently possible security controls are allowed, it’s cheating otherwise

Building Security

Securing buildings will be a greater challenge if attackers can manipulate time. Building layouts will be easily derivable by jumping back to when the building was constructed and security was weaker, and then pausing time and mapping it out. Organisations will either need to apply full physical security during complete building phase or accept that their layout will be known. Temporally secure areas will need airlock doors or mantraps so that attackers cannot simply pause time while the doors are open and wander in, hide, and then unpause time when they need to interact with objects.

How do you secure a room if an attacker can jump to when a building was decommissioned (or before it was built) and then walk to where the secure room previously was and jump to when it is an active secure room. This is a significant challenge. A possible defence may be to build secure areas deep underground. An attacker would then need to dig the hole themselves if they wanted to jump to before the building was built. When the building was decommissioned, the hole can be filled in to prevent attackers coming from the future.

Attackers also may be able to go back to a building’s creation or a piece of equipment’s manufacture and place a device in it that only becomes active at the specified time and for the purpose required. This is a problem already with supply chains but it would be more difficult to detect if an attacker could use time travel. For example, they could identify the exact serial number of a printer to be placed in the secure room and go to it’s manufacturing and place a device that does nothing until the right point in time. Organisations would need to ensure complete destruction of everything that was ever in a temporally secure area.

Document Security

There will be a few extra challenges for protecting documents. The primary challenge will be that a document classification will not be changeable. For example, if a document is ever declassified the attacker can jump forward to when the document is declassified. Documents will therefore have to never be declassified or ensure that redactions applied would not give current attackers any advantage.

Document reclassification will be difficult, if a document is reclassified at a higher level an attacker may go back in time to when it was less protected and compromise it then. The only significant defence is to keep the fact that a document was ever reclassified a secret so attackers do not know which documents to target in the past, or default to classifying documents higher than would otherwise be required on the offchance they may be higher classification in the future. Documents should not ever be down classified as an attacker could simply compromise the document at that point.

Personnel Security

Extra controls may need to be taken around staff as well. There could be a risk that a previously cleared person will become compromised later in their career when they do not have access to sensitive documents and then jump back to when they did have access to a document. Current classifications can specify that a document can only ever be given to a particular individual, it may be necessary to implement a new classification that means a document can only be given to an individual at a specific point in time. For regular access to documents it would be necessary to work out where in the individual’s timeline the individual currently was, i.e. are they the ‘current time’ or are they from the future having jumped back. Organisations are not recommended to radiolabel their staff although this remains possible. (see http://en.wikipedia.org/wiki/Isotopic_labeling)

Digital Security

Digital security will be affected by a significant problem in that encryption, certainly current levels of encryption, will not be reliable. In a scenario largely stolen from the ‘Day of the Doctor’ episode, an attacker could jump forward into the future to when there is a highly powerful computer, then start it cracking the encryption and jump forward to when it was finished. Security controls for temporally sensitive documents would likely need to not be reliant on encryption, ie using other controls.

Summary

This is obviously a completely hypothetical scenario but an interesting problem in that the attacker’s capabilities are much greater than current controls are designed to deal with. There are some other interesting thought experiments not addressed here: What if the attacker can move in space and time? How would you stop The Doctor getting access to a document? If we could also use time travel, how could we use it defensively? Tweet us your ideas at @mwrlabs and these ideas may or may not be covered in a future blog. It depends on whether a future me turns up and convinces me not to.