Tuesday, June 5, 2012

Stuxnet, Flame and security

Recently a friend of mine asked me to comment about the latest cyber attack, Flame, uncovered by Kaspersky, a Russian security firm. It's still not entirely certain who unleashed the attack, but at the time I argued that it could have been Israel acting alone as they have a very capable tech sector. They put out high-quality software, they have security experts and they have some serious R&D from US companies like MS and Intel.

Flame targeted Iranian computer systems, very much like Stuxnet did. At the time, it was unclear who released Stuxnet, which attacked Iranian centrifuges. It could have very easily been Israel acting alone or with some help from the US. Being a realist, I fully expected the US to be involved; however, I did not expect Obama to have issued the order himself. Based on history it is equally likely that Flame was initiated by the US as well.

Flame targeted data being sent over the internet such as PDF, Office and AutoCAD data and did not actively attack anything like Stuxnet did, according to Kaspersky. However, this doesn't mean that it's not being used by a spy agency. It's also interesting to note that the infected computers are all outside of the US, which indicates that it could very easily be a US spy agency as they are not usually allowed to spy on US citizens.

These two programs leave me with a great deal of concern, because "the Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force." Does this mean that if Iran responded with military force that our own Pentagon would argue that they were justified? I don't think they would, but essentially they already have.

Aside from the risks of war, it also gives greater leverage for a regime like Iran's to argue for a more suppressed internet. They can now without any worry claim that they are doing it for national security. They are doing it for that reason: their centrifuges have been attacked (Stuxnet) and their people are being spied on (Flame). In addition, other repressive regimes will likely use Flame as justification for a crackdown on the internet. There may also be repercussions for Microsoft as Flame exploited a weakness within their auto update.

This also raises other concerns about what other types of cyber programs Obama has given the OK to. As he is the most technically savvy president we've had since the rise of the Internet, I think he fully understands the choices he is making. With Bush it may have been argued that he didn't really understand as well what he was approving, as he doesn't have an in-depth knowledge of how people use the internet and how systems interact with technology. He also wouldn't have a good understanding of how viruses like this could turn against their creators. In this case Obama should. He should know that once in the wild a worm can mutate in a way that could turn against the people that released it and that we could destroy ourselves.

I think that these actions will weaken our position in any negotiations with Iran and possibly other countries that we have pushed for a more open internet. They could, rightly perhaps, argue that we only want the internet open, so it's easier for us to infiltrate.

I don't believe that's the reason. I believe that the internet is an amazing tool that has improved people's condition to at least some extent. It has allowed for freer flowing of knowledge, but it can be used for wrong just as easily as any other media or communication tool.

