Sunday, December 12, 2010

As the Worm Spins Out of Control

War is heck! Picture a "pilot" manipulating the joystick controlling the flight of his aircraft… half a world away… a drone on a mission across the terrorist safe haven area in Pakistan's Tribal District… searching for enemy targets for its onboard missiles and gathering visual information, night and day. Imagine a computer programmer inventing ways to penetrate sophisticated governmental antivirus shields… with malevolence on his mind. We've seen a pile of "virtual attacks," many of which began in earnest back in 2008, accelerating into 2009, and what is hitting today is fascinating.


Within the first month of China’s Defense Ministry setting up cyber-shop (on August 20, 2009), 2.3 million attempts to hack into the system were recorded! Just days before Russian forces invaded the nation of Georgia in early August, 2008, Georgian-government file servers (their digital storage systems) and Websites were taken out by an explosion of messages, many directed from the United States. The August 13, 2008 New York Times reported: “Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported that the Web site of the Georgian president, Mikheil Saakashvili, had been rendered inoperable for 24 hours by multiple D.D.O.S. attacks.” This is the first recorded use of such a cyber attack in a military conflict. The principal message of this cyber attack: “win+love+in+Russia.”


Shortly thereafter, on Thanksgiving (November 27, 2008), a “malware” computer attack on the U.S. Central Command (which oversees combat operations in Iraq and Afghanistan) also appeared to originate from “somewhere inside Russia,” and wreaked havoc with vital defense systems in the region. The virus appears to be of a new variety that is designed specifically to disable or cripple military networks. We can expect this form of attack to become a routine aspect of warfare, probably expanding to target the Web connectivity of entire nations, slamming both military and civilian targets. To this day, the U.S. government clearly states that we are truly unprepared for the havoc that will result from a well-coordinated cyber-attack across our power grids, online financial networks and in many cases actual U.S. military sites. Can an outsider shut down America?


But cyber-warfare is current and constant, with perpetrators often staying quietly in the background, denying any real involvement. So it is with a recent "Stuxnet" computer worm that has found its way into India, Indonesia and most importantly, Iran. For those who want to know the difference between a computer virus and a worm, Wikipedia offers this explanation: "A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer."


While no one is admitting culpability as to this very recent worm attack, it is said that security experts in Israel are smiling. But what this Stuxnet critter does or has done to Iran's nuclear program is very interesting, especially as Iran just announced an entirely new and vastly more sophisticated anti-aircraft detection and destruction program to protect its secret sites from missile strikes and bomber assaults. The November 18th New York Times explains: "Experts dissecting the computer worm suspected of being aimed at Iran’s nuclear program have determined that it was precisely calibrated in a way that could send nuclear centrifuges wildly out of control… The new forensic work narrows the range of targets and deciphers the worm’s plan of attack. Computer analysts say Stuxnet does its damage by making quick changes in the rotational speed of motors, shifting them rapidly up and down… Those fluctuations, nuclear analysts said in response to the report, are a recipe for disaster among the thousands of centrifuges spinning in Iran to enrich uranium, which can fuel reactors or bombs. Rapid changes can cause them to blow apart. Reports issued by international inspectors reveal that Iran has experienced many problems keeping its centrifuges running, with hundreds removed from active service since summer 2009."


The destruction of entire economies, communications networks, military defense capacities, weapon systems and the like is destined to be determined in the dark corners of the intelligence world as geek-soldiers work to undermine the cyber nexus that holds modern societies together. Just picture what the U.S. would look like if such a diabolical attack were even partially successful. Our dependence on technology has created vulnerabilities that few could have dreamed of even a decade ago.


I'm Peter Dekom, and it is what it is… but if….
