Tag Archives: espionage

Steeling data

Via Bruce Schneier, here’s a piece about how a graduate student has reinvented – and hence blown the lid off of – a technology that can “transmit data at high rates through thick, solid steel or other barriers”. It can carry power, too.

Why is this a big deal? Well, not only is it a reinvention of something that BAE had built for the British government for purposes undisclosed, but it’s a technology that can cut through Faraday cages and eavesdrop on electronic communications that are supposed to be heavily shielded from the world outside:

If you had the through-metal technology now reinvented by Lawry, however, your intruder – inside mole or cleaner or pizza delivery, whatever – could stick an unobtrusive device to a suitable bit of structure inside the Faraday cage of shielding where it would be unlikely to be found. A surveillance team outside the cage could stick the other half of the kit to the same piece of metal (perhaps a structural I-beam, for instance, or the hull of a ship) and they would then have an electronic ear inside the opposition’s unbreachable Faraday citadel, one which would need no battery changes and could potentially stay in operation for years.

So Tristan Lawry has unwittingly levelled the espionage-tech playing field. It’s hard to hide secrets about hiding secrets.

Turn-key sockpuppet software

Here’s another interesting peripheral nugget from the HBGary Federal fallout, courtesy some pseudonymous and doubtless unpaid person on HuffPo who’s been digging through the Anonymous email dump:

As I also mentioned yesterday, in some of the emails, HB Gary people are talking about creating “personas”, what we would call sockpuppets. This is not new. PR firms have been using fake “people” to promote products and other things for a while now, both online and even in bars and coffee houses.

But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA –  whose enemies are labor unions, progressive organizations,  journalists, and progressive bloggers,  a persona apparently goes far beyond creating a mere sockpuppet.

According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated “persona management” software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online.

Cue lots of what I’m coming to recognise as the default tone of US leftists, namely “embattled panic”:

I wanted to make this clear because it is in the interests of government and propagandists, and anyone else who wants this story to go away to try and blow all this off as one little company who wrote a proposal no one even read and who isn’t even competent enough to protect its own servers so no one should pay any attention at all to what they were up to.

That is the narrative being spun, even here on this site, and it is entirely fictitious.

We are under attack. And the attackers are damn good at what they do. Pretending they’re not, or that this isn’t happening isn’t going to make it better.

Sunlight as best disinfectant… well, we can hope so, anyway. This chap (or chapess) seems to have missed a chance to deconstruct his own metanarrative at the same time (paint yourself as a footsoldier in the trenches, and you’ll hear the whistle of shells pretty quickly), but that’s a hard gig to play for anyone who’s only just realised that the kraken are battling beneath the waves.

Or maybe I’m just getting hardened to these revelations through overexposure; my first reaction to reading that piece was “what took them so long?” Given that the FBI is cheerfully making public requests to Congress for backdoor access to a whole raft of social media tools, one can assume that they’ve got a fair few already, and would like them enshrined in a framework of legality so they can use them properly…

Stuxnet almost certainly meant to hobble Iranian uranium

Remember all the hypothesising about what the Stuxnet worm was supposed to do, and who had designed it for such? Well, the expert verdicts are in, and it appears Stuxnet was designed to very subtly sabotage uranium centrifuges by varying their rotation speeds in a way that, while hard to notice for humans, would effectively negate the enrichment process they are designed to perform.

So Iran’s Bushehr plant was almost certainly the target (or one target among many); and while we don’t have (and may never have) any substantive proof as to exactly who decided that they wanted to spoke Ahmedinejad’s nuclear wheels on the sly, I think we all know how the odds would fall if you were to pop down to your local bookmakers*.

Regardless of who did it, Stuxnet represents the opening of a particularly well-stocked Pandora’s box: highly-specific sabotage targetting of embedded (and potentially critical)  industrial systems. As Bruce Sterling points out, anyone who hadn’t thought of it before has certainly thought of it now. All the recent hyperbole describing the antics of patriotic  DDoS skript-kiddiez as “cyberwar” is gonna look pretty facile when stuff like Stuxnet becomes commonplace… which, with the benefit of hindsight, may have been the entire point all along.

[ * I’ll take a £5 spread on the US and Israel, please. ]

What we know and what we assume: Schneier on Stuxnet

Bruce Schneier has a good round-up of the hard facts about the Stuxnet worm (as mentioned previously), as well as an examination of how those hard facts – combined with a few very speculative conspiracy-theory-grade interpretations of some of the more cryptic and tiny facts – have led to the current state of the story in mainstream (i.e. non-techie) media, namely “it was probably an Israeli job”.

Best I can tell, this rumor was started by Ralph Langner, a security researcher from Germany. He labeled his theory “highly speculative,” and based it primarily on the facts that Iran had an usually high number of infections (the rumor that it had the most infections of any country seems not to be true), that the Bushehr nuclear plant is a juicy target, and that some of the other countries with high infection rates–India, Indonesia, and Pakistan–are countries where the same Russian contractor involved in Bushehr is also involved. This rumor moved into the computer press and then into the mainstream press, where it became the accepted story, without any of the original caveats.

Once a theory takes hold, though, it’s easy to find more evidence. The word “myrtus” appears in the worm: an artifact that the compiler left, possibly by accident. That’s the myrtle plant. Of course, that doesn’t mean that druids wrote Stuxnet. According to the story, it refers to Queen Esther, also known as Hadassah; she saved the Persian Jews from genocide in the 4th century B.C. “Hadassah” means “myrtle” in Hebrew.

Stuxnet also sets a registry value of “19790509” to alert new copies of Stuxnet that the computer has already been infected. It’s rather obviously a date, but instead of looking at the gazillion things–large and small–that happened on that the date, the story insists it refers to the date Persian Jew Habib Elghanain was executed in Tehran for spying for Israel.

Sure, these markers could point to Israel as the author. On the other hand, Stuxnet’s authors were uncommonly thorough about not leaving clues in their code; the markers could have been deliberately planted by someone who wanted to frame Israel. Or they could have been deliberately planted by Israel, who wanted us to think they were planted by someone who wanted to frame Israel. Once you start walking down this road, it’s impossible to know when to stop.

Are those mysterious little comments in the code the flourished signatures of master cyberwar artistes? Or a frame-job packed with credible deniability? Or an elaborate double (or triple) bluff? Truth of the matter is, we’re all just guessing. They say that life sometimes imitates art; this is a case of life imitating The Illuminatus! Trilogy, only without so many puns or sex scenes. We all have a story we want to map on to the world, and it only takes a few pins to tack it down in a way that seems to explain everything…

[ * For the record, my instinct tells me – with admittedly very little professional knowledge to back it up – that Stuxnet stinks of nation-state vs. nation-state, and I get the impression Schneier thinks so too. His point is about how we treat speculative interpretations as givens when they match up with the way we already think things work… confirmation bias, in other words. ]