Revenge of the nerds
Computer hacking poses an increased threat to society's infrastructure
As each day goes by our world becomes more technologically advanced and interconnected through a web of networks and computer systems. Stock markets, power plants, military and personal information, banks, news, and virtually every other aspect of our current society are connected to networks and computers all over the world.
Although technology is often quickly applauded for making our lives easier, there is an ever-increasing threat growing in the shadows. Largely ignored, and often overlooked, computer hacking and cyber warfare pose one of the biggest threats to the infrastructure and stability of any developed nation. Hacking is often snubbed and dismissed as a childish teenage activity that poses little threat to anyone’s life and wellbeing. But as it turns out, this could not be further from the truth.
Nearly every important piece of information that exists, from social security numbers to government defence strategies, is stored in computers that are connected to the Internet. Power plants, air traffic control, and emergency services are all coordinated using computers, and the entire economic stability of our country is rooted in the use of computer networks.
But all of these systems are open to manipulation and corruption by anyone with the proper amount of knowledge. Credit card information and personal identity theft receive the most attention in the mainstream media; however, this is only the tip of the iceberg.
Governments all over the world are now acknowledging that a skilled team of hackers could potentially shut down power grids, steal government military information, and even program factory machinery to malfunction and literally destroy itself from the inside. And all of this is done from computers that could be located anywhere on the planet.
The Internet is a powerful tool, but an imperfect one. Unfortunately, developed nations everywhere have permanently connected themselves to a system that is open to manipulation by anyone who so desires.
With cyber defence capabilities still at a rather immature level, the ability to make money, steal information, and disrupt society has never been greater. This all leads computer experts, like Jim Lewis, to believe that the next devastating attack on a nation state won’t be the result of a bomb, but rather a keystroke.
As our society becomes more and more connected with the Internet, the need to defend ourselves increases as well. The Internet is no longer merely a useful tool to help us organize and enrich our lives. It has become, in essence, the mind of our society; it holds all our secrets, all our knowledge. Civilization can’t live without it.
Even though the most dangerous threat posed by cyber attackers is certainly aimed at government installations and infrastructure, the technology that people use every day is also at risk. Specifically, the technology we carry in our pockets.
iPhones and Androids are highly susceptible to Trojans – malicious software masquerading as applications. Essentially these “Trojan horses” are allowed access to the phone by the user, who willingly downloads them believing that they are some kind of (usually free) application.
“The mobile phone industry is not fit for this purpose, especially financial transactions,” Alex Fidgen, of MWR Infosecurity, told the Guardian in a recent interview. “The evidence is irrefutable. You cannot be assured of security with smartphones. As soon as a handset is compromised, all the data is up for grabs.”
This is terrible news for people who do their banking with their phones. As the article in the Guardian highlights, most smartphone manufacturers are more concerned with getting out newer hardware and applications than with creating devices that are capable of maintaining security.
Many smartphones are essentially rudimentary computers with phones attached. But, unlike personal computers, smartphones are rather unequipped to resist attack – and in some cases, Trojan malware can take complete control of the phone. For an intelligent computer engineer, hacking a smartphone would be like Muhammad Ali boxing a small child.
In a demonstration at the Guardian’s London offices, representatives from MWR Infosecurity showed how easy it really is to hack a smartphone. The test started by clicking on an attachment sent via text message. The file contained a particularly nasty Trojan, designed by MWR staff. The virus quickly installed itself on the phone and seized control over the operating system without impairing the normal functionality of the phone – making it appear as if nothing had happened.
However, the virus would monitor the user’s keystrokes and memorize banking information. Even more shocking is that when the user thought they had turned the phone off, it was actually still on. The Trojan keeps the phone operating while shutting off the screen, and then starts recording conversations through the microphone.
All of this information is then sent to the hackers’ email account. MWR suggests that “jail-broken” iPhones are at an even higher risk of malware infection.
This means big business for cyber criminals. Last year alone, the FBI arrested over 90 computer hackers who had stolen over 70 million dollars worldwide from hacking smartphones.
The message sent by the MWR staff is clear. Don’t trust your phone’s security abilities; smartphones are incredibly easy to crack. And whatever you do, don’t bank using your phone.
Acts of war
Currently, most of the major breaches in North American cyber security have been for purposes of espionage – stealing information for the purpose of gathering intelligence. However, most experts acknowledge that there is the potential for much more damage to be done in the future, and the demand for defence is an issue that needs to be addressed now.
The goal of any cyber attack is simple: break through another nation’s computer networks in an attempt to cause disruption and damage. Although there is the potential for much worse, the majority of cyber attacks have been for the purpose of gathering information, both from the private sector and the government.
The days of spies sprinting around in tuxedos and fake passports are a thing of the past. In today’s realm of military surveillance, spies lurk behind computer screens thousands of miles away from their targets.
In addition to the threat of losing information, hacked computer networks are also at risk of having sensitive information altered or deleted outright.
Starting in 2003, the U.S. government’s computer systems were assaulted by a consistent barrage of cyber attacks. Alan Paller, director of the SANS Institute, told American news outlets that the attacks were “most likely the result of Chinese military hackers trying to gather information on U.S. systems.”
Though it was never proven that the Chinese were behind the attacks, the attack was successful nonetheless. The attackers attained access to the networks at NASA, Lockheed Martin, and Redstone Arsenal among others.
Another attack on U.S. systems, nicknamed “Moonlight Maze”, took place in 1998, in which hackers were able to breach U.S. security systems and remain inside gathering information for almost two years before being discovered. The list of victims included NASA, the Pentagon, the U.S. Department of Energy, and several private universities around the U.S.
The United States government has admitted that maps of military installations, designs for military hardware, and troop configurations were all stolen during the two-year breach.
In both cases, the sources of the attack could be traced back to an approximate region, such as the country of origin, but not an exact location – making it almost impossible to know who is behind the assault. Talented hackers can also leave behind a false “paper” trail, often in an attempt to lay blame on a third party.
Marc Rotenberg, Executive Director of the Electronic Information Privacy Center, told newspaper outlets that this is a major problem in the battle against cyber attacks. “In the old days, at least if there was a foreign threat it was reasonably easy to determine the source of the threat,” said Rotenberg. “With cyber warfare there is a very real difficulty in determining the source of the threat. In addition to that, there is the risk that a country may be misled, by a third party, to believe that they are under attack from one nation, while in reality, the third party is responsible. So I think that people have become very concerned, not only about the new threat, but what the appropriate response will be.”
The U.S. Department of Defence has recently recognized “cyber” as an official domain of war, alongside land, sea, and air.
Even though officials at the U.S. Department of Defence admit that a cyber war is an unlikely event on its own, they concede that the potential for it to be effectively used alongside conventional means of warfare warrants the instalment of the new department.
Indeed, U.S. president Barack Obama has stated that “this new cyber threat is one of the biggest concerns to the wellbeing of our economic stability.”
In 2009, the U.S. president's concerns were justified when the nation’s power grid was infiltrated and alien files were introduced to the system. Despite being one of the most important pieces of infrastructure to any nation, the U.S.’s power grid is not protected by the same defences as government systems, or even run-of-the-mill desktop computers.
“There is a pretty strong consensus in the security community that the SCADA [supervisory control and data acquisition] equipment, a class of technology that is used to manage critical infrastructure, has not kept pace with the rest of the industry,” Dan Kaminsky, director of penetration testing for a security company called IOActive, told Reuters news agency after the attacks. “Software for desktops and the Internet have been dealing with the issue of security for the last 10 years, and that hasn't really come into the SCADA realm.”
It was said that attackers planted files inside the power grid system that could potentially shut it down. While these files were never activated, many experts believe that in a time of war these files could be used to cut off a massive portion of electrical distribution to major U.S. cities. If the grid was turned off, even temporarily, it could provide a diversion for another attack, a means of disrupting the economy, or simply inciting panic and fear in the general population.
Close calls like this are making government officials very nervous about their lack of defence in these areas. According to the U.S. Department of Defence, if the U.S. and other countries like it want to protect themselves against the cyber threat, then real military-style tactics need to be implemented.
In an interview with Al Jazeera, Michael Chertoff, the former secretary of U.S. Homeland Security, stated that if the U.S. wants to defend itself against a potential attack, then the U.S. must pose a threat to potential enemies. “Part of that is to deter by responding, by taking out the attacker or by being able to retaliate,” Chertoff said. “That suggests that you need to have a certain offensive capability. The key is going to be to define a kind of doctrine that establishes what kind of offensive steps we are willing to take, and what kinds we are going to put off limits.”
At the current moment, it seems that direct retaliation would be difficult, considering the U.S. and countries like it are not even capable of pinpointing the location of an attack. However, as time moves forward, the world will only become more and more connected with the technology that already surrounds us. And the need for protection has never been more palpable.
In the past, the threat of cyber attacks was contained within the digital realm. Attacks would damage, steal, or disrupt information, but cause no real physical damage. That all changed in 2010.
Enter Stuxnet, the most dangerous and malicious piece of software ever created. “Typically when people think of computer viruses, they basically imagine that some of their data has been lost or corrupted,” Marc Rotenberg, Executive Director of the Electronic Information Privacy Center, told Al Jazeera. “Typically it is a digital problem. I think what has so many people worried about Stuxnet is that it has caused a bridging from the digital world into the physical world. What this program does is take control of machine processes and nuclear reactors.”
Rotenberg and other experts like him can’t help but imagine the dreadful potential for a new generation of programs that are capable of taking control of physical equipment. “Once you begin to imagine a world where all the devices are connected digitally, but operate in the physical world, can be now used for a whole range of dangerous purposes. We now have a very different problem than we once had with cyber warfare.”
Stuxnet is believed to have been designed with the intention of disrupting Iran’s uranium enrichment infrastructure by infecting enrichment plant software and taking control of critical systems indiscriminately. The program is designed to spread throughout the system without being detected and attempt to gain control over internal control systems. These systems contain special code that automatically controls internal systems – such as the machinery in a power plant.
Once the worm has reached its target, it immediately programs its own code into the internal control system while simultaneously hiding itself. The virus then intercepts and blocks communication from the software previously used to control the machinery and begins to send its own commands, altering the rotational speed of the engines used to control the equipment. The worm is designed to rapidly increase and then decrease the frequency of the motors, causing them to malfunction and possibly destroy themselves from the inside out. Stuxnet also sends false readings to safeguard programs to ensure that the equipment can’t detect the abnormal behaviour and shut down.
Although it is believed that Stuxnet was created to attack Iran’s uranium enrichment, many experts believe that the same software could be used to attack other infrastructure such as water treatment plants and industrial factories.
Stuxnet is also much larger and more sophisticated than usual malware, leading many to believe that this could only be the product of a government-funded attempt to attack critical infrastructure. Like most cyber attacks, the culprit is unknown, but the United States, the UK, France, China, and even locations inside Iran have been speculated as the possible origins of the worm.
While Stuxnet was not able to cause any serious damage, the Iranian government has speculated that the program has already spread around the world.
If anything, this incident has shown the world that cyber attacks that cause real damage in the physical world are a real threat that needs to be addressed now. As the world becomes more and more technologically oriented, the threat of that technology being used as a weapon of war and terrorism increases too.