Catarina's World

Innovation is the name of the game and applies not only to businesses but espionage as well. Gone are the days when 007 was sent to sort out Blofeld. Bond is about to be made redundant and most of his work will be done online. Devote 2 minutes to watching  a cyber security expert explain the workings of espionage program Flame that is targeting governments and businesses in the Middle East:

Iran and Israel/Palestine have been the main targets which have made experts all over the world believe that America and/or Israel is behind it.

The New York Times have looked into Struxnet and Olympic Games (the code name given to it already by the Bush White House) for 18 months. According to their article, Struxnet suddenly started spreading into computers outside the Iranian nuclear plant and the Americans believed the Israelis had done something to enable that. Maybe that was the beginning of Flame? If so, it wouldn't surprise me if the hackers that work for Israel's Unit 8200, that I wrote about in  Cyber Warfare – Hackers to the rescue, were behind it. Maybe it's time to make "hacker" a profession and enable more of them to use their skills in positive ways to protect governments and businesses against this kind of attacks, instead of in destructive ways?

Imagine a virus that can delay exports

Flame not only steals information but is also said to have disrupted oil exports by shutting down Iranian oil terminals. But then again,  Struxnet destroyed some of Iran's nuclear centrifuges. 

What nation state is behind it?

A security official in China was arrested this year for spying for the US. Maybe he handed over the information needed to get Flame into Chinese networks and places of interest?

Can't help wondering if some other nation could be behind Flame? The Chinese government is actually known for their cyber activities and so is Russia and Iran. But according to the above mentioned article in The New York Times, the era of viruses such as Flame started when George W. Bush was president. Having falsely accused Iraq of having weapons of mass destruction he had no credibility for, again, accusing a country of nuclear ambitions. And the Iranians knew it. So when Bush was presented with the opinion of cyber warfare he found the sophisticated cyber weapon too good to resist. Obama followed suit and in fact speeded up cyber attacks against the Iranians. 

Just read an article in in Foreign Policy Magazine asking if there are US special ops inside North Korea. Maybe to find the information needed to get Flame into places of interest in Pyongyang? If so, in the future Flame and its successors may take care of espionage in North Korea as well. The new cyber spy tool sounds to me not only to be up to the task but able to penetrate where ops cannot thread. 

The beginning of a new era

Seems to me that using viruses like Flame is the way of the future for espionage. Catch is, all nations will follow suit, if they haven't already. And that includes Iran and North Korea. In fact, how long will it take before Iran pays the US and Israel back for Struxnet?  It's essential for all countries in the world to boost their ability to withstand such attacks. And the same applies to businesses who may otherwise have their secrets stolen and their markets taken away. 

Do you believe viruses such as Flame is the way of the future? Should all countries and businesses increase their ability to withstand such attacks?Are the US and/or Israel behind Flame? Will the number of James Bonds in the world be gradually reduced? Catch is the Blofelds of this world neither are, not will be, in decline. Should hacking be made a profession in order to benefit from their skills? Is privacy gradually becoming a thing of the past? Will we all have to get used to a world where everything is seen and heard? If so, will the 007s or Blofelds be the winners? Or maybe the Bond Girls? If so, hopefully the good flames that end up with Bond in the end. The current Flame beats most honey traps, after all.

Video: ReutersTV -YouTube

In the future, a US president could consider economic sanctions, cyber-retaliation or a military strike if key US computer systems are attacked, officials said in the wake of recent attacks on the defense contractor Lockheed Martin.

The world should follow Israel’s example and offer hackers the choice of going to prison or work for the state. It’s actually an excellent way of making use of hacker’s talents instead of them being used destructively, or worse for criminal purpose.

The Pentagon is busy drawing up a cyber defense strategy to protect America from cyber attacks from foreign nations.

Leaders in cyber warfare

The Center for a New American Society published a study claiming the United States, Britain, France, Israel, Russia and China as the leaders in cyber-war. They also believe Moscow and Beijing view cyber-attacks as an attractive option in the event of a major conflict.

Alarming isn’t it? Obviously cyber warfare is a horrendous prospect that we would all like to avoid. Somehow it doesn’t seem fair. Or maybe it’s no worse than military action? Catch is it can also be carried out by any criminal organisation wanting to say black mail a government to release one of their own from prison. Or hold a corporation at ransom.

Growing concern about the reach of hackers

Internet-based attacks on critical systems such as gas, power and water have increased around the world.

The Wall Street Journal reported that the Pentagon strategy will classify major cyber-attacks as acts of war i.e. paving the way for military retaliation. It’s intended as a warning to foes that may try to sabotage the US electricity grid, subways or pipelines, officials said.

“If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” a military official told the Wall Street Journal.

Considering that China and Russia are, rightly or wrongly, considered the most likely sources of such attacks I really don’t see how the United States could take military action? Unless of course they intend to start World War III?

Governments and companies open to attacks

Sony was for the third time since April this year attacked by a group of hackers calling themselves Lulz Security. According to those hackers it was child’s play to get access to Sony’s information since it wasn’t even encrypted. And China recently, again, according to Google, hacked them from a Chinese military cyber warfare unit, to get access to US and Asian senior officials’ gmail accounts.

From what I understand most information online is easy for hackers to access which is a terrifying prospect. It actually seems that most companies have only bothered to really protect credit card details, if that. No wonder it’s easy for criminals to steal identities.

Israel knows the name of the game!

Obviously drastic measures are needed to prevent cyber wars and handle attacks if and when they happen. And unfortunately sometimes go on the offensive as well.

The most intelligent solution I have come across is the way Israel is handling the problem.

Already in the 1990s they decided to conquer cyber warfare and presented Israel’s hackers with a choice of going to prison or work for the state.

That was the start of defence unit 8200 that thousands are said to have joined since. Needless to say this smart move has given Israel an advantage in a world rapidly immersed in cross border technology attacks.

Unit 8200 is a leader in high technology warfare. It’s actually widely believe that’s where the Struxnet worm was created. If so maybe they did the world a favour?

The West scrambling to bolster its capabilities

The US has, for instance, set up Cyber Command to coordinate its ability to withstand an attack. Britain has Cyber Security Operations based at GCHQ, as well as Ministry of Defence and Cabinet Office units to guard the national infrastructure.

A new cyber warfare strategy in the US will most likely mean that Nato will have to devise its own rules or response to cyber-attacks. The alliance need to examine whether or not its principle of collective defence will apply to online warfare as well.

Iran, not least because of Struxnet, is also believed to have assembled a cyber warfare crack team. Am sure that not only Iran but North Korea and other such states are at the minimum starting to build up units that can conduct cyber attacks. So it’s high time for the rest of the world to seriously increase online safety. The time when systems for gas, electricity and water didn’t need to be protected are long gone. So the rest of the world needs to wake up and follow in Israel’s footsteps. Better late than never.

Hackers, usually learn their skills engaging in illegal activity as teenagers. However, most of them are not hardened criminals. They really have a lot to offer all countries when it comes to defence against cyber warfare, or going on the offensive against an enemy. In my opinion we should all follow in Israel’s footsteps and offer our hackers a choice of going to jail or work for the state. Do you agree with me or do you have a better idea of how we can defend ourselves against cyber attacks, and hackers in general, for that matter?

photo: José Goulão – Flickr