Saturday, 6 December 2014

Book Review: Cyber War is already upon us

Historians might find it difficult to differentiate between the 1990s and 2000s. They will however have one technology which made the 21st century truly different: the internet.

That’s a technology the authors of the poignant book Cyber War: The next threat to national security and what to do about it fully understand. There’s a war going on behind the curtain in cyberspace that almost no one gets to see. Increasingly this war is targeting real people with real lives, and it’s only going to get worse.

Raise your hand if you’ve heard about cyber attacks? Stupid question? Maybe, but while most people vaguely know about cyber attacks how many know how to spot one or even how they work? No one’s hands are still up. Really?!

That’s probably not entirely unexpected. The concept of computer coding is pure magic to most people over a certain age (and most people in general, if we’re being honest). If they didn’t grow up using it, coding isn’t something executives or professionals will probably ever do for fun.

Yet coding and the internet is all around us. We’re not living in The Matrix but the internet is part of our banking applications (who goes to the local bank teller anymore?), cars, communication devices and all the way down to what food we should eat next.

The internet is now the very foundation of businesses. Some companies don’t exist in the physical world at all, aside from computers in an office, everything they do happens online and nowhere else. Without the internet, a lot of people would struggle to make a living at all.

But the fierce fighting on the internet is affecting not just businesses - which lost billions of dollars this year from cyber attacks - but it is hurting everybody.

As the authors point out, real people are trying not to be killed by what’s happening on the internet. Cyber attacks can’t quite reach out into the physical world because there’s still a wall between the cyber domain and human domains. People are trying to find ways of tearing that wall down however.

Sometimes internet attacks can already affect the real world. The authors use the example of Estonia in 2007 when a group of “patriotic Russian hackers” – everyone knows it was the Kremlin - effectively shut the Estonian government down by overwhelming its computers with what is known as a distributed denial of service (DDOS) attack.  

These attacks employ the services of potentially hundreds of thousands of compromised computers to request data from certain sites until the servers collapse under the weight of requests. It can cost thousands of dollars to repair such damage and get the websites running again.

In Estonia, the attacks coming from Russia spread to affect almost all of the Estonian cyber world – not just the government computers which were the primary target.

That might not sound like a national security threat but in Estonia in 2007, the Baltic country was the most wired and internet-savvy population on the planet.

Almost every facet of the country’s economy, government and infrastructure relied on the internet. Shutting it down effectively brought the country to its knees. There is no better premonition of what the future holds as the world becomes just as wired and interconnected as Estonia was in 2007.

That was the first volley in the war raging behind the cyber curtain. No bullets have been fired (yet) although it’s very clear to observers that every nation-state from the US through to Iran, North Korea, France and even New Zealand must be trading digital blows in quiet.

In late November this year, for instance, cyber analysts in Russia discovered a new form of a highly-sophisticated computer worm probably created by a nation state. Called “Regin”, only a smattering of details are known about it, but it certainly wasn’t formed by a criminal enterprise or a sour hacker in some basement.

The discovery of Regin was important news because the last one of these worms analysts found in the wild revolutionised the consequences of what’s going on.

The Cyber War book is aptly named when it comes to this so-called infamous “Stuxnet” worm. This worm is so complex and built perfectly for a particular target that, when it infected the computers it was looking for, it hid itself in innocuous coding avoiding detection for months while it planned its strike.

And that’s where the story gets interesting. Once analysts dissected the Stuxnet worm they found it was fabricated to infect a particular type of computer program created by the German infrastructure manufacturer Siemens. On which computers was this program operating? It was running a centrifuge in an Iranian power plant suspected to be enriching uranium to weapon’s grade levels.  

The worm snuck in - via a method still unknown - instructing the computers to spin the centrifuges at self-destructive speeds while displaying to the watching technicians that everything was normal. The resultant 2010 destruction of the centrifuges crippled the Iranian enrichment programme from which they are still recovering.

Now, there are a number of nation states which would dearly love for an event like this to happen to Iran’s nuclear programme. In fact, there really aren’t a lot of nations willing to publically condemn such an action.

Some have pointed to the US and Israel as likely suspects, but that is speculation. There is no evidence implicating either states.

In the short term, destroying the centrifuge was an unarguable good for international security. However, that’s only a limited perspective. There is a far scarier way of looking at this event as a seminal moment in history. All this takes to understand is to describe the Stuxnet attack in a slightly differently way.

For instance, in 2010, someone - very clearly a nation state - created a malicious worm to infect a computer system belonging to and operated by another nation state.

The worm then broke into what could only being described at the time as that nation’s critical civilian infrastructure and proceeded to destroy it.

If this doesn’t blur the lines between the digital and physical worlds, it’s unclear what will qualify.

There’s a good analogy for this. Someone has crossed the proverbial Rubicon and there is now a legion on the other side of the river. Not wanting to mix the historical analogies too much, but hearing about this event feels a bit like 1939. No wonder the cyber conflict is heating up.

The authors use many other examples of events in the new digital world. It’s becoming extremely clear that the existing social and political systems are not capable of dealing with the internet and all its promises and perils.

At the same time that governments are trying to protect digital society, it is using the internet to fight its wars. Who will guard the guards themselves?

The book isn’t overtly bleak - the internet probably won’t kill us all. And yet the people charged with protecting the populace are struggling to pass effective laws to keep up with the changes and may be running out of time. 

No comments: