Cyberwarfare Gets Political
This year there's a Summer Olympics, a European football contest, and a U.S. presidential election. The Olympics return to London for the first time since 1948, the Euro Cup comes to Poland and Ukraine, and the U.S. election hinges on only a few states as the USA still uses a colonial-era "electoral college" which supersedes the popular vote.
This year's Euro Cup features Eastern Europe locations -- while Ukraine struggles with its public political image, Poland emerges as a player within the EU. Five years ago, I visited the stadium in Warsaw -- it was a derelict, overgrown open-pit with rotting bleachers. Dodgy characters offered to sell me bootleg vodka and pirated CDs. Friends told me that handguns and AK-47s were sometimes on offer.
You'll see the same stadium (considerably revamped) soon as a centerpiece for Euro Cup matches. Decades ago, Poland distanced itself from what former U.S. president Ronald Reagan called the "evil empire" (the Soviet Union), then the entire "Iron Curtain" came crashing down suddenly as Western newscasters struggled to pronounce the words "glastnost" and "perestroika" . . . and the USA lost its favorite arch-enemy.
But now the Euro Cup graces the former turf of the "evil empire," and there's another presidential election Stateside. Former U.S. chief executives could often conjure villains for the electorate -- the now-kaput Soviet Union won't do. What now? What appeals to "Generation Facebook"?
What else? "Cyberwarfare." Given the rapid rise of personal-computing power, with resultant gaps in public-understanding of technology, the specter of villains lurking online -- ready to crash essential systems in a concerted cyberstrike -- holds more appeal than comparing Putin to Stalin.
Worm as Warfare
But a new report has wrenched the cyberwarfare-angle. According to the New York Times, the Stuxnet worm (one of the more sophisticated viruses ever found in the wild) is the result of "a joint US and Israeli effort to target Iran's nuclear program." IDG journalist Jaikumar Vijayan writes that the Times report "is sure to trigger a sharp increase in state sponsored cyberattacks against American businesses and critical infrastructure targets, security experts warn."
"Alan Paller, director of research at the SANS Institute, said the revelation dramatically alters the cybersecurity landscape," wrote Vijayan. "'We are now going to be the target of massive attacks,' Paller said...'for a long time everything has been under the radar, no one was really sure that the U.S. was practicing this kind of activity. The U.S. has acted like it was an innocent victim' of state-sponsored attacks by other countries, he said."
The damning Times article details some pithy moments: "'Should we shut this thing down?' Mr Obama asked, according to members of the president's national security team who were in the room."
Well, no, Mr. President, that's not how properly constructed military-specification computer viruses work when they're in attack-mode. You don't hit the 'Like' button on your friend Mister Antivirus to make it all go away.
Stuxnet, (ironically code-named 'Olympic Games' and initiated by the Bush administration in 2006) "was of an entirely different type and sophistication," according to the Times. "It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country's infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives," said the article.
"Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons...could enable other countries, terrorists or hackers to justify their own attacks."
Ready for Cyberbattle?
And in 2012, as Londoners discover the Ministry of Defense is considering placing surface-to-air missiles on residential flats during the Olympics, the Times article said "another cyberweapon called Flame was recently discovered to have attacked the computers of Iranian officials...American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack."
The Olympic Flame seems to have acquired an unintentional double-meaning. But among these half-revealed tales of cyberwarfare, who are the real bad guys? Security experts know that malware is in a constant of flux, and actions often provoke reactions -- just ask Sony about its experience with Anonymous.
Perhaps the U.S. president was prescient by repeatedly voicing his concern over the U.S. government's actions. We can only hope that the technological expertise that created Stuxnet was also applied to hardening weak-points that may be attacked -- now that the USA has lost the moral high-ground.
No word yet on whether the U.S. presidential candidates plan to make "cyberwarfare" a campaign-issue. Perhaps this particular issue has become too hot for mere politicians to handle.