One Cyber Tick Closer On The Doomsday Countdown Clock

If you are a network manager, a computer systems administrator or a computer security specialist, you have undoubtedly heard about the Flame trojan, a malware program that redefines one’s concept of espionage and warfare on the cyber front.

In a recent post on The Weekly Standard magazine’s Web site, Jonathan V. Last offers an interesting perspective on what Flame means for the evolution of malware.

Bride of Stuxnet
Webcraft as spycraft.
http://www.weeklystandard.com/articles/bride-stuxnet_646424.html

While accurately describing Flame as “the most spectacular computer worm ever made”, Jonathan Last minimizes the true threat it presents by categorizing it as “the perfect spy.”

Aside from the obvious espionage threat this malware poses, its potential evolution as a disruptive and destructive threat is far more ominous. The current Flame trojan could be merely a first release in the wild, a recon version on a spy mission, from computer geeks and hackers with hostile anti-American or anti-Western intent. The ramifications of such a weapon in the hands of terror organizations willing to sacrifice everything to advance their agenda could be devastating.

Our next great war will not be on land, sea, or in the air but across the wire. Cyber warfare may sound simplistic and inconvenient, but it has the potential to be deadly and world changing. Having dealt with computer security throughout my career, I have warned for years about the ever-increasing prospects for cyber warfare.

Crashing the FAA Air Traffic Control system is not the worst scenario. Consider the effects of altering the data so that pilots and controllers don’t have a clue about the proximity of traffic around them; or sending computer guidance systems the wrong landing data in order to corrupt automated landing systems, especially hazardous late at night or in bad weather.

Crashing the nation’s energy grid is not the worst scenario. Consider instead re-routing power across major transmission centers in order to cause an overload and damage the facilities, requiring days or even weeks to repair during a heat wave or harsh winter storm.

Crashing Wall Street or NASDAQ, even the SWIFT banking system that handles the majority of all the fund transfers worldwide, is not the worst scenario. Altering or erasing data to obfuscate holdings or corrupt accounts could create chaos, panic and a run on the world’s money supply with dire consequences. Most of the world’s money is held electronically and not backed by currency or commodities. A sudden universal run on financial systems would leave a large majority of people penniless and close most banks, causing a financial meltdown that would make the Great Depression look like a cakewalk.

The possibilities and consequences abound that could affect virtually every aspect of our lives as we become more and more dependent upon technology.

Our nation is not merely a white hat defender in this emerging confrontation. While defending against virtually non-stop attempts to breach its systems, the U.S. is also a combatant, aggressively targeting domestic and foreign enemies, including al Qaeda and its offshoots, with a strike-first defensive goal. This effort is a carefully guarded secret but cautiously acknowledged in intelligence circles.

Beyond the threat of an intentional attack, there is also the risk of an unintended boomerang. Like the Australian Aboriginal hunting tool of old, a cyber boomerang would occur when a combatant’s efforts to strike an adversary go awry and return home. Viruses, trojans, malware, etc. are all software programs complete with the inherent possibilities of flaws and oversight due to human logic, especially as the efforts increase in sophistication. The boomerang threat, at which point we become our own worst enemy, is less an IF scenario than a WHEN time frame, with the amount of self-inflicted damage being predicated on HOW WELL PREPARED we are to defend against our own best efforts or those of an ally.

Fortunately, most efforts to date have been well coordinated between allies and tightly focused to minimize any threat of a boomerang. However, despite being the world leader in computer software development and technology in general, the U.S. is not immune from error and remains vulnerable, even to some of our own allies.

An interesting side note to the article is that Eugene Kaspersky, CEO and co-founder of the Kaspersky Labs mentioned in the article, graduated from the Institute of Cryptography, Telecommunications and Computer Science, co-sponsored by the Russian Ministry of Defence and the KGB. During the Cold War and for some time afterwards, it was reported that one of the graduation requirements towards earning a Computer Science degree from certain eastern bloc countries was to write and release a computer virus into the wild, a supposition supported by the many early viruses that were traced back to eastern bloc countries.

It was Kaspersky Labs, a Russian-based company, that helped the Iranians defuse the Stuxnet worm that targeted the Iranian uranium enrichment centrifuges. With Kaspersky’s assistance, the Iranians were able to minimize the damage and continue enriching uranium towards the potential manufacture of a nuclear weapon. Despite such actions being in direct violation of U.N. and U.S. Iranian Embargoes in place at the time, Kaspersky Labs continues to enjoy a robust market here in the U.S. as one of the largest suppliers of anti-virus software to individuals and corporations alike, and a major provider of the core logic used by dozens of other less widely used anti-virus software.

So while dirty bombs, even nuclear attacks, and biological weapons remain a real threat, they are far more complicated to devise and execute, providing many more opportunities to be discovered and thwarted, than cyber attacks that can inflict equally, if not more, devastating results on their target.
. . .