OVER THE WEEKEND, I started to do some catch up reading on "cyber-terrorism" in the context of the continuing Anonymous/hacktivist DDoS attacks on commercial internet sites such as PayPal, MasterCard and Amazon.
In my preliminary search, I came across this report in last week's Time Magazine--Swampland.. Once again I was distracted by the STUXNET software worm which is familiar to ZH readers.
"The experts at the Congressional Research Service have just issued a chilling report entitled The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability. Unfortunately, the title is a statement; there's no question mark at the end. The Stuxnet's initial target was apparently Iran's nuclear program, and it's obvious that someone, somewhere is developing insidious computer programs that could change life as we know it:
From the perspective of many national security and technology observers, the emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society...Depending on the severity of the attack, the interconnected nature of the affected critical infrastructure facilities, and government preparation and response plans, entities and individuals relying on these facilities could be without life sustaining or comforting services for a long period of time. The resulting damage to the nation's critical infrastructure could threaten many aspects of life, including the government's ability to safeguard national security interests."
The significance of the STUXNET worm, which has been described as the "first precision guided cyber-munition" is apparent from this further excerpt:
"Since the invention of the first computer-assisted industrial control system (ICS) device over 40 years ago, both the technical and national security communities have voiced concerns about software and hardware vulnerabilities and potential security risks associated with these devices. Such concerns have generally involved the infiltration of a computer system for purposes of degrading its capabilities, manipulating data, or using the device to launch cyber attacks on other systems. The Stuxnet worm, which was first reported in June 2010 by a security firm in Belarus, appears to be the first malicious software (malware) designed specifically to attack a particular type of ICS: one that controls nuclear plants, whether for power or uranium enrichment. The malware attacks and disrupts a Microsoft Windows-based application that is employed by a particular ICS produced by the German company Siemens. The worm can be spread through an air-gapped network by a removable device, such as a thumb drive, and possibly through computers connected to the Internet, and it is often capable of remaining hidden from detection. It is difficult to determine the geographic origin of the malware, as cyber attackers often employ sophisticated methods such as peer-to-peer networking or spoofing IP addresses to obviate attribution. Likewise, malware placed on a removable device may contain no signatures that would identify its author. Some security analysts speculate that Stuxnet could have been developed by a Siemens insider who had direct access and knowledge of the system; others contend that the code’s sophistication suggests that a nation state was behind the worm’s development, either through proxy computer specialists or a government’s own internal government and military capabilities.
To date, numerous countries are known to have been affected by the Stuxnet worm to varying degrees of disruption in their technology systems. These include Iran, Indonesia, India, Pakistan, Germany, China, and the United States. A lack of publicly available information on the damage caused by Stuxnet in these countries makes it difficult to determine the malware’s potency."
It is fascinating to consider how bytes can be substituted for bombs. It is even more fascinating when you read reports of how STUXNET is wreaking havoc on its apparent target, the Iranian nuclear program.
Today Fox News (I know don't say it) reports: "Iran's nuclear program is still in chaos despite its leaders' adamant claim that they have contained the computer worm that attacked their facilities, cybersecurity experts in the United States and Europe say.
The American and European experts say their security websites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran's two nuclear sites.
Ralph Langner, the German expert who was among the first to study and raise alarms about Stuxnet, said he was not surprised by the development. “The Iranians don’t have the depth of knowledge to handle the worm or understand its complexity,” he said, raising the possibility that they may never succeed in eliminating it. “Here is their problem. They should throw out every personal computer involved with the nuclear program and start over, but they can’t do that.
Moreover, they are completely dependent on outside companies for the construction and maintenance of their nuclear facilities. They should throw out their computers as well. But they can’t,“ he explained. “They will just continually re-infect themselves.” [Emphasis added] “With the best of expertise and equipment it would take another year for the plants to function normally again because it is so hard to get the worm out. It even hides in the back-up systems. But they can’t do it,” he said.
Read the Full Article here: http://www.foxnews.com/scitech/2010/12/09/despite-iranian-claims-stuxne…
Ouch!
On top of all of this, the Iranian scientist in charge of countering the STUXNET worm was recently blown up.
What we are witnessing is the nascent stage of a new and improved kind of warfare, which is apparently being waged very effectively by someone who does not like the idea of Iranians with atomic bombs. A kind of warfare that uses bytes alongside well placed bombs.
Most troubling, there is nothing that prevents this kind of Byte Warfare from being brought to our home turf. No doubt there are people in far away lands working 24/7 to figure out just how to do it. Moreover, the prospect of this technology falling into the hands of subnational terrorist/criminal organizations is frightening to say the least.
Is not not ironic that in the Iranian case, a program to create the ultimate form of Clausewitzobolical weapon (an Atomic bomb) is being stymied by an example of the new class of so called "asymmetrical cyberweapon."
Link to Full CRS Report: Here
On Cyberterrorism In The Information Age: Here
WB7