“Should we shut this thing down?” President Obama asked, after the worm now known as Stuxnet escaped onto the web, according to an excerpt from David E Sanger’s recently published book ‘Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power’. Mr Sanger is the Chief Washington Correspondent for The New York Times, and has detailed how the Bush and Obama administrations created the cyber weapon Stuxnet, designed to spy on and subvert Iranian organisations, as well as Flame – malware with the specific purpose of targeted cyber espionage. The United States Government only recently acknowledged developing cyber weapons, and it has never admitted using them. However, Stuxnet and Flame, as well as potentially many more not known to the public, were developed under the umbrella of the US Government’s project Olympic Games, and are evidence that the US is increasingly turning to cyber warfare in lieu of traditional military means.
Dating back to 2006 under the Bush administration, Olympic Games was created as a response to Iran continuing to enrich uranium at an underground site at Natanz. President Bush saw few options for dealing with Iran: America’s European allies were anxious about the effect imposing sanctions on Iran would have on their own economies, and Bush himself had little public credibility after falsely accusing Saddam Hussein of having Weapons of Mass Destruction. For the first time, the US would use cyber warfare for military purposes. The National Security Agency worked together with a secret Israeli team known as Unit 8200 to develop a cyber weapon to slow down Iran’s ability to develop nuclear weapons. The US wanted to work with Israel not only for their respected cyber skills, but also to dissuade them from potential pre-emptive military strikes against Iran. Out of this project came Stuxnet, a worm whose purpose was to infiltrate the systems at Natanz, and wreak havoc.
This piece of malware was not just a one-off attack. Stuxnet was designed to lie dormant for weeks, collecting normal data, and then speed up the centrifuges (vital for separating the volatile parts of uranium), causing them to explode, all while sending normal-looking data back to monitoring systems. The intention was to make the Iranians feel paranoid and stupid.
Recently, another piece of seemingly state-sponsored malware, Flame, has been described by the Budapest University of Technology and Economics as “arguably … the most complex malware ever found”; it “may have been active for as long as five to eight years”. Flame is designed to obtain information. It can record audio, webcam and keyboard activity, take screenshots, and additionally monitor network traffic.
While Kaspersky Lab, the world’s largest private computer security company, originally believed that Flame bore no resemblance to Stuxnet, after further study they discovered that Flame contains substantial amounts of code used in Stuxnet to infect computers through USB drives. Kaspersky’s chief malware expert has stated that there is “no doubt about it being a nation-state that sponsored the research that went into it.”
The complexity of the attacks that can be launched by Flame is another interesting aspect of the malware. Flame was able to successfully obtain a Microsoft certificate in order to fraudulently claim authenticity through a previously unknown technique.
The US has officially denied responsibility for the malware; however, the sophistication, the geography of the targets and the links to Stuxnet suggest otherwise.
The US is certainly not the only nation state participating in cyber warfare. Earlier this year, a US Department of Defense report warned that China is one of “the world’s most active and persistent perpetrators of economic espionage”. Russia, Israel, North Korea, Iran and potentially many others all have sophisticated cyber-armies.
Guy-Philippe Goldstein, in a TED talk from Paris 2010, discussed some of the problems this atmosphere can generate for world peace. A potential enemy announces that they are building a cyber defence unit, purely to protect their country and their citizens. However, how can one distinguish between a defensive and offensive unit? In fact, even if their motives are simply for defence, as Professor Robert Jervis of Columbia University in New York explains in his journal article ‘Cooperation Under the Security Dilemma’, “In international politics […] one state’s gain in security often inadvertently threatens others.” If you do not know if the potential enemy is preparing for defence or attack, and weapons give an advantage in attack, the resultant atmosphere can easily spark a conflict. These ideas echo through the writings of Machiavelli and Sun Tzu.
Cyber weapons have begun to create this political atmosphere. It is far easier to design a piece of malware that can take advantage of one security vulnerability than to have a completely concrete defence.
The use of cyber warfare is bound to increase. The Obama administration toes a fine line. Due to the success of previous cyber attacks, some officials within the administration must be urging more, against North Korea or China. Overuse could be disastrous.