Cyber Warfare
November 10, 2011
Since the time that Robert T. Morris launched the first Internet-destroying worm in 1988, it's been apparent that patient programmers will find ways to compromise nearly anything attached to the Internet. The Morris Worm was a wake-up call to DARPA, which immediately established the Computer Emergency Response Team Coordination Center (CERT/CC) at Carnegie Mellon University.
It's not just individual programmers who cause havoc. Nation states may be ramping up offensive capabilities in software attack. Just last year, the Stuxnet computer worm that affects industrial control software apparently caused significant problems to Iran's uranium enrichment facilities. There is speculation that Iran was the specific target of the Stuxnet worm.[1]
Was Stuxnet the first strike in a new cyber war? Apparently, things like this have been going on for quite a while. Thomas C. Reed, a former Secretary of the US Air Force who was a member of US President Ronald Reagan's National Security Council, revealed in his 2004 book, At the Abyss: An Insider's History of the Cold War, that the US used a similar tactic against the Soviet Union in 1982.[2]
In that case, software designed to run pumps, turbines and valves for a natural gas pipeline was compromised to force operation outside design parameters. "The result," wrote Reed, "was the most monumental non-nuclear explosion and fire ever seen from space," although the truth of the matter is not certain.
Bring out the big guns! A cyber cannon. (Base image via Wikimedia Commons.)
Much computer development during World War II was a direct consequence of one form of cyber warfare, cryptanalysis. The UK government's Bletchley Park operation is where Alan Turing developed the Bombe, an electromechanical code-breaking computer. Such work trained the first generation of computing machine builders.
The US may have defeated the Axis Powers in World War II, but the Soviet Union appeared as the next threat, and this new threat moved quickly. A Russian youth group presented an impressive wood carving of the US Seal, approximately two feet in diameter, to U.S. Ambassador Averell Harriman on August 4, 1945. It was on the wall of the ambassador's Moscow home office until 1952, at which time it was discovered to be bugged; that is, it contained a listening device.[3]
Replica of the 'bugged' 1946 US Seal on display at the US National Cryptologic Museum (via US National Security Agency Web Site).[3]
The Great Seal Bug is interesting from an electrical engineering standpoint. Battery power was not an option, of course, since the battery could not be replaced, so the bug was a passive device. The ingenious device, as designed by Léon Theremin, was somewhat like today's RFID devices. A quarter-wavelength antenna would detect a carrier wave from a remote transmitter, and this wave was phase modulated by a condenser microphone for detection by a remote receiver. The operating frequency was about 330 MHz.
Forewarned by such electronic eavesdropping, the US government promulgated what's called the TEMPEST standard in the late 1960s. The object of this standard was to shield electronic devices so that information would not be leaked to the outside. Radio frequency emissions were so large for early computing equipment that they interfered with radios and televisions.
As exposed in 1985 by Dutch computer researcher Wim van Eck, it's quite easy to eavesdrop on computers using emissions from their display devices. Other research has demonstrated that even light-emitting diodes on computing equipment can leak information.
It's not surprising that governments are using sophisticated signals intelligence (SIGINT) systems to monitor Internet, cellphone and other information sources. The supposed code name for such eavesdropping by western nations is Echelon. So much has been written about Echelon that it's hard to separate the wheat from the chaff. There have been reports that it's been used for industrial espionage.
The composite losses from cybercrime, industrial espionage and industrial sabotage, as estimated by computer security companies, reportedly stand at a trillion dollars.[4-5] In that case, this really is war, since this is more than the financial cost for the US of the war in Iraq. What is known with more certainty is the amount of money spent on cyber security, estimated to be about $100 billion per year.[4-5]
The US response to cyber threats against its national infrastructure is the United States Cyber Command, as I reported in a previous article (The US Cyber Command, July 14, 2010). The military is rightly concerned, since many of its purchases are COTS (Commercial-Off-the-Shelf) products like those sold to consumers. Most of the electronic gadgets sold in the US are manufactured in other countries.
There's also the problem of increased software content in military products. It's reported that Lockheed's F-35 stealth fighter, scheduled to be introduced in 2016, has systems that use 20 million lines of code.[4-5]
One defensive move for many would be to migrate to Free and Open Source Software (FOSS), such as Linux. You can only be certain what your executable code does if you have the source code, and free distribution of the code puts it in front of many independent reviewers. As Linus' Law states, "Given enough eyeballs, all bugs are shallow."
References:
[1] Valentina Pop, "There's a computer worm in your nuclear centrifuge," EU Observer, October 11, 2011.
[2] Matt Loney, "US software 'blew up Russian gas pipeline'," Builderau.au.com, March 2, 2004.
[3] National Cryptologic Museum - Virtual Tour.
[4] Misha Glenny, "The cyber arms race is on, as nations large and small mobilize to protect themselves and their enemies if provoked," Pittsburgh Post Gazette, October 23, 2011.
[5] Misha Glenny, "The Cyber Arms Race Has Begun," The Nation, October 11, 2011.