Cyberwar that actually deserves the name

Paul Raven @ 24-09-2010

After a few years of grandstanding and chest-thumping about the dangers of cyberwar from the military complexes of the West, especially the US, we finally see something that actually looks like a covert act of digital warfare initiated at nation-state level (as opposed to the petty vandalism and independent street-gang-equivalent activity that has been heretofore labelled as cyberwar). And you know what? It might well have been the US military establishment that did it.

The story in question is the Stuxnet computer worm, which you’ve probably read about somewhere already. But just in case you’ve not, here’s the skinny: Stuxnet takes advantage of four different security holes in Microsoft Windows (which is far from out of the ordinary; if you’re gonna rob houses, go for the ones with no locks on the doors), which means it can spread very fast; it’s controlled and upgraded in a decentralised peer-to-peer fashion (also not new, as we saw the same thing in the big botnet worms of recent times), and has the added ability to jump onto removable media (thumb drives) to expand the infection vectors.

So far, so geeky. The weird bit is what Stuxnet actually does. Rather than setting up spam email farms or harvesting credit card numbers (the traditional remunerative ends of such software), it targets a very specific type of embedded industrial control software developed by Siemens… software that, according to Wired, is “installed in pipelines, nuclear plants, utility companies and manufacturing facilities to manage operations.” Furthermore, the configuration suggests a very specific sort of installation was the intended target, and that sabotage thereof was the intent; a German researcher theorises (admittedly without much in the way of evidence) that one of Iran’s nuclear plants was the target, and that the US or Israel are the likely nation-states-of-origin. It’s a sad thing to admit, but that’s all too believable a theory… which is doubtless why it’s getting so many mentions. Read, and read widely:

Of course, plausibility isn’t probability; perhaps Stuxnet was developed by a rival company wishing to discredit the safety of Siemens’ systems*. The web enables industrial espionage, so why not industrial sabotage? But it seems an odd angle to take; deft marketing does just as effective a job of discrediting market-leading tech without engaging in criminal activity, and a black-ops hacking project would be an odd way to spend an R&D budget that would be better spent on, y’know, building a better mousetrap. Sabotage is a political act, ideological warfare… and that’s a nation-state game, not a corporate one.

It’ll be interesting to see what more we hear about Stuxnet, if anything, but I suspect it marks the start of a new chapter of geopolitics and technologised warfare.

[ * The fact that said systems run on Windows machines should be indictment enough, to be honest. ]

3 Responses to “Cyberwar that actually deserves the name”

  1. werwolf says:

    you know, that last bit there [“… Sabotage is a political act, ideological warfare… and that’s a nation-state game, not a corporate one.”] – imho, that is not quite the case.

    actually, observing big brand entities – such as the usually named ones like nike, levi’s, dell and so forth, but also those that do not superficially seem like a brand-only entity but market their position as a brand exceptionally well, such as apple, mercedes-benz, google and so on – it does appear that there is a strongly ideological core in these entities enterprises.

    perhaps i’m a bit affected by having only recently re-read bruce sterling’s “schismatrix”, but there are many indicators that the nation-state as we know it is becoming obsolete as a working paradigm. it might be argued that it’s being replaced (within timeframes of human society, mind you) by networklike structures. and most of the aforementioned corporations do have a networklike governing structure and also seem to have ideologies. wouldn’t be too farfetched to assume that some overzealous types dabble in fantasies of creating their own “corporate states” even now. which would move sabotage right back into their playing field.

    clearly i’m just freethinking here and mixing and meshing observations, ideas and impressions without any concrete proof, but one final thought:
    clever marketing campaigns to discredit competitors can be viewed as “information sabotage” – by manipulating and perhaps even destroying/overlaying information about your competitor, you manage to harm them in one way or another and gain an advantage. why shouldn’t “information sabotage” go hand in hand with the common version of sabotage?

  2. Will says:

    The UK-US online tech ‘zine The Register reported last month that investigators have discovered that the crash of SpanAir 5022 on 20 Aug ’08 at Madrid International was caused, ultimately, by Trojan infections of an airline computer. 154 died.

  3. Tom D. says:

    Since the worm did not apparently destroy anything, and may have been aimed at preventive actions, maybe we should just call it a possible “cyber fuse.” Set to go off when things get too hot, a cyber prevention tool. Maybe something that will give its designers a Peace Prize – as it’s certainly better than MAD, it would seem.