Tag Archives: cyberwar

Botnet blue-screens 100,000 PCs

[Image: Ye olde Blue Screen of Death]

Usually, it’s in the best interests of a botnet operator to let the infection sit on the host machine until finally detected and expunged by the end user. After all, the longer you stay in, the more chance you’ve got of hoovering up useful goodies and infecting other computers.

But the worms and trojans that carry the infections often have less subtle capabilities built into them, as was demonstrated last month when the person (or persons) controlling the Zeus botnet used it to completely FuXx0r a hundred thousand Windows machines:

Zeus, unlike many other malware programs, managed to make each installation appear different to virus trackers so that it would be more difficult to remove. But Zeus had another interesting feature—one that isn’t terribly uncommon among botnet software, it turns out. A command was built into the software to kos—or “kill operating system”—and it was apparently executed some time last month.

The reason for BSODing 100,000 machines isn’t quite clear, but several security experts have offered up their opinions. S21sec wrote on its blog that those behind Zeus might have wanted more time to exploit the financial data they had harvested by removing the user’s ability to get online and see that money was being transferred.

It may even have been a momentary error, or a flashy cut-and-run. What interests me about this story is that it shows a new potential angle for so-called cyberwarfare – one that could be more easily justified as a politically motivated attack.

Let’s say you could target all the computers belonging to a specific government or corporation; that wouldn’t be too hard to do with a little research into IP numbers and so forth. If you get a good enough infection rate – and knowing how weak most computer security procedures are, even in organisations that should know better, that shouldn’t be too hard a trick either – you could then choose to deep six that organisation’s computer infrastructure at a time of your choosing with the press of a few keys. If your trojan was designed to do nothing else, or its other capabilities were left inactive, that potential could sit unnoticed for some time – until your revolution was ready, perhaps, or your planned day of protest actions, or your stock value raid. To put it in medieval terms, it would be like having a bunch of sleeper-agent sappers spread throughout your enemy’s castle, waiting for the horns of Jericho. [image by Justin Marty]

It’s probably not the sort of thing that an organisation or country with any reasonable military clout would bother deploying, but destructive botnet warfare (as opposed to corrosive attacks, fraud or espionage) will appeal to the geographically-scattered groups who lack the sort of conventional leverage that can be gathered in one place; 100,000 dead PCs won’t bring down a government or kill a company, but it’s going to make a loud and expensive statement for a very small financial outlay.

Botnets still seem predominantly the concern of criminals with a financial motivation, but as the recent Palestinian conflict demonstrated, political factions are waking up to the potentials; when the situationists and anarchists get wind of this stuff, they might start thinking bigger than smashing bank windows or releasing the penguins from your local zoo.

Cybercrime isn’t all that bad…

…or at least as bowel-voidingly terrifying as people might think.

Prof David S. Wall from the University of Leeds has published a paper – Cybercrime and the Culture of Fear: Social science fiction(s) and the production of knowledge about cybercrime – which has been profiled on IO9, and which claims that:

Cyberpunk effectively defined cybercrime as a harmful activity that takes place in virtual environments and made the ‘hi-tech low-life’ hacker narrative a norm in the entertainment industry. It is interesting to note at this point, that whilst social theorists were adopting the Barlovian model of cyberspace, it was the Gibsonian model that shaped the public imagination through the visual media.

As for “the Barlovian model of cyberspace”: to save you the trouble of Googling, the IO9 article is followed by an extract from a lecture on Media and Cyberculture, which says that Barlovian refers to John Perry Barlow, the Grateful Dead lyricist and one of the founders of the EFF. He declares in A Declaration on the Independence of Cyberspace:

“We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth. We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence of conformity. In our world, whatever human mind may create can be reproduced and distributed infinitely at no cost. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts. We will create a civilization of the Mind in cyberspace. May it be more humane and fair than the world your governments have made before”

Which is interesting, to say the least. Check out Professor Wall’s paper in full here (I doubt I could write a better profile than the one at IO9).

And if that was not enough, you too can immerse yourself in the reality of being a successful cyberpunk novelist and Zeitgeist-definer by listening to William Gibson’s playlist.

[story via Beyond the Beyond, William Gibson’s playlist via Boing Boing]

Carpet-bombing in cyberspace – the case for a military botnet

[Image: Bombs in an aircraft bomb-bay]

More botnet news, this time in the form of military fist-shaking bluster! Here’s an article [via SlashDot] in the Armed Forces Journal that suggests the US military apparatus should build its own botnet for “the ability to carpet bomb in cyberspace”:

“The time for fortresses on the Internet also has passed, even though America has not recognized it. Now, the only consequence for an adversary who intrudes into or attacks our networks is to get kicked out — if we can find him and if he has not installed a hidden back door. That is not enough. America must have a powerful, flexible deterrent that can reach far outside our fortresses and strike the enemy while he is still on the move.”

If I’m not very much mistaken, Colonel Williamson has only partially grasped the whole “internet as a non-locational space” thing.

“As much as some think the information age is revolutionary, local networks and the Internet are conceptually similar to the ancient model of roads and towns: Things are produced in one place and moved to another place where they have more value.”

Well, yes – things are produced in one place, sometimes (er, crowdsourcing?). But with the web, that thing can then be everywhere, all at once. Data is an infinite good. Colonel Williamson’s talk about roads-and-towns and “states competing against one another” goes a long way toward suggesting why traditional military organisations have struggled to combat terrorism – they simply don’t have a clue how it (or the internet) works.

But back to the carpet-bomb botnet – Colonel Williamson says that “[t]he U.S. would not, and need not, infect unwitting computers as zombies.” Instead, he thinks it best that the power be built up legitimately – which, again, kind of misses the point of a botnet, in that they’re designed to leverage an amount of hardware that would be financially impractical to buy, build and maintain. [image by TailspinT]

Here’s a better idea – how about a kind of “Milnet@home” project? Show your love and pride in your nation by letting it use some of your spare cycles for smiting the enemy! Come on – you’d trust Uncle Sam with your computer, wouldn’t you?

Battles in cyberspace: Anonymous vs Scientology

[Image: William Gibson, considered by many to be the father of cyberpunk, has written recent novels in the present time as we’re almost in a cyberpunk world already]

When the first cyberpunk writers picked up their pens in the eighties and wrote about conflict acted out over computer networks, it seemed like a lifetime away. In recent years we’ve seen internet attacks on Estonia and on power infrastructure. Countless griefers, hackers and virus-creators have found a way to virtually attack others.

Now it seems there’s something akin to a war on in one corner of the internet. A number of individuals calling themselves ‘Anonymous’ have posted a series of videos on YouTube decrying the Church/Cult of Scientology and what they call its manipulation of its followers. In related moves, a number of high-profile Scientology websites were attacked by hackers and taken down. The Anonymous group seems to be using many of the techniques used by Alternate Reality Games like World Without Oil or Perplex City to create a campaign against elements of the real world.

It’s very reminiscent of the blending between virtuality and reality seen in Charles Stross’ Halting State. You can find Anonymous’s original message to Scientology video here and their reply to the media interest here on Warren Ellis’ blog. A new video was released yesterday explaining some more of the group’s message, in particular making it clear they are not just a group of hackers. It also warns of protests against Scientology on the 10th February. Whoever is doing it and for what reason, it’s a fascinating example of just how different our world(s) are now compared to even a few years ago.

[via Elizabeth Bear, image via Wikipedia’s page on William Gibson’s Spook Country]

Mixed messages: Wired in two minds over Estonian “cyberwar” story

For me, the most interesting thing to come out of the so-called cyberwar DDoS attack on Estonia back in May this year is the different ways that different media have approached the story. Nowhere is this more obvious than with Wired; the magazine ran a long and beautifully written piece that completely overstates the issues for the sake of sensationalist warnings about potential risks to the US, while blogger Kevin Poulsen cheerfully dissects and deflates all the hyperbole while sitting in an office at the same company headquarters.

Of course, I’m not suggesting that bloggers are inherently less prone to sensationalising a subject … but I’m increasingly finding the web is a better news source, precisely because I can get a broad selection of angles on a story with ease. How about you?