Fri Jul 27, 2012, 02:07 AM
alp227 (20,428 posts)
Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure
The top American military official responsible for defending the United States against cyberattacks said Thursday that there had been a 17-fold increase in computer attacks on American infrastructure between 2009 and 2011, initiated by criminal gangs, hackers and other nations.
The assessment by Gen. Keith B. Alexander, who heads the National Security Agency and also the newly created United States Cyber Command, appears to be the government’s first official acknowledgment of the pace at which America’s electricity grids, water supplies, computer and cellphone networks and other infrastructure are coming under attack. Those attacks are considered potentially far more serious than computer espionage or financial crimes.
General Alexander, who rarely speaks publicly, did not say how many attacks had occurred in that period. But he said that he thought the increase was unrelated to the release two years ago of a computer worm known as Stuxnet, which was aimed at taking down Iran’s uranium enrichment plant at Natanz.
When the worm inadvertently became public, many United States officials and outside experts expressed concern that it could be reverse-engineered and used against American targets. General Alexander said he saw no evidence of that.
Read more: http://www.nytimes.com/2012/07/27/us/cyberattacks-are-up-national-security-chief-says.html
3 replies, 1349 views
Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure (Original post)
Response to alp227 (Original post)
Fri Jul 27, 2012, 02:55 AM
stockholmer (3,751 posts)
1. pot meet kettle
Marching off to cyberwar: The Obama administration has greatly increased cyber-attacks. It is war without bloodshed, but war nonetheless.
Days before handing over the presidency to Barack Obama in 2008, George W. Bush invited the president-elect to the White House to talk about threats to America, and what the country was doing to confront them. Obama, in many ways, had campaigned as the anti-Bush, especially when it came to war and international affairs. It was Bush who sent America to war in Iraq; and it was Bush who opened the Guantánamo Bay detention camp. Obama had promised to leave Iraq and shutter the prison. It wasn’t obvious he would take his predecessor’s advice.
Yet when Bush urged Obama to maintain two classified programs, Obama, according to an insightful new book, agreed. As journalist David Sanger’s Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power details, the first involved drone attacks on suspected terrorists in Pakistan. Not only did Obama keep the program, but he greatly expanded attacks. The second, code-named “Operation Olympic Games,” was much more secretive and targeted a stronger and deadlier enemy: Iran. The U.S. and Israel had managed to insert a malicious computer program, a “worm,” into Iran’s nuclear facility at Natanz, believed to be the centre of Iran’s uranium enrichment program. Obama expanded this project, too. And despite stumbles—including the worm’s discovery when it escaped Natanz and spread globally—American-Israeli cyber-sabotage efforts struck a major blow against Iran’s nuclear program in 2010, when some 1,000 uranium-enriching centrifuges suddenly spun out of control and crashed. Iran’s nuclear ambitions were set back months, perhaps years.
The worm, popularly known as Stuxnet, signalled a remarkable escalation in cyber-warfare’s potential. A 2007 cyber-attack on Estonia—believed to have been Russian in origin—hit banks, newspapers and the country’s parliament, causing widespread inconvenience. Russia’s 2008 war with Georgia and Israel’s 2007 air raid on a Syrian nuclear reactor are also thought to have involved cyber-strikes. But Stuxnet was different. A computer worm had physically wrecked closely guarded nuclear equipment buried under 22 m of earth—something that might otherwise have required bunker-busting bombs, or troops on the ground who could be captured or killed. “If this had been done with a commando operation or C-4 explosives, we’d all recognize it as a form of warfare,” says John Arquilla, chair of the department of defence analysis at the Naval Postgraduate School in Monterey, Calif. “The fact that it was done with brave zeroes and ones doesn’t change the fact that it was an act of war, and a highly effective one.”
Obama, according to Sanger, was deeply involved in planning U.S. cyber-attacks on Iran. He would meet in the Situation Room in the White House basement, picking targets and authorizing ever riskier assaults. Not since Lyndon Johnson, writes Sanger, “had a president been so intimately involved in the step-by-step escalation of an attack on a foreign nation’s infrastructure.”
Confirmed: US and Israel created Stuxnet, lost control of it
In 2011, the US government rolled out its "International Strategy for Cyberspace," which reminded us that "interconnected networks link nations more closely, so an attack on one nation’s networks may have impact far beyond its borders." An in-depth report today from the New York Times confirms the truth of that statement as it finally lays bare the history and development of the Stuxnet virus—and how it accidentally escaped from the Iranian nuclear facility that was its target.
The article is adapted from journalist David Sanger's forthcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, and it confirms that both the US and Israeli governments developed and deployed Stuxnet. The goal of the worm was to break Iranian nuclear centrifuge equipment by issuing specific commands to the industrial control hardware responsible for their spin rate. By doing so, both governments hoped to set back the Iranian research program—and the US hoped to keep Israel from launching a pre-emptive military attack.
The code was only supposed to work within Iran's Natanz refining facility, which was air-gapped from outside networks and thus difficult to penetrate. But computers and memory cards could be carried between the public Internet and the private Natanz network, and a preliminary bit of "beacon" code was used to map out all the network connections within the plant and report them back to the NSA. That program, first authorized by George W. Bush, worked well enough to provide a digital map of Natanz and its industrial control hardware. Soon, US national labs were testing different bits of the plan to sabotage Natanz (apparently without knowing what the work was for) using similar centrifuges that had come from Libya's Qadaffi regime. When the coders found the right sets of commands to literally shake the centrifuges apart, they knew that Stuxnet could work.
When ready, Stuxnet was introduced to Natanz, perhaps by a double agent.
Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others—both spies and unwitting accomplices—with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.”
In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.
reap what you sow
Response to alp227 (Original post)
Fri Jul 27, 2012, 03:14 AM
dballance (3,701 posts)
2. Cyber War Weapons like Stuxnet are tactically much like the a-bomb
Once the horse is out of the barn it's too late to close the door.
We did it by being first to use a nuclear weapon in war and annihilating hundreds of thousands of people. Then nukes just seem to have magically proliferated in the then USSR and then in Israel (who I'd bet we gave all the technology to build their nukes).
If other nations haven't already backwards-engineered Stuxnet they are probably still trying or they're just assembling their best software designers and developers to make their own home-grown weapon. You don't have to enrich uranium for it. You just need some smart people and some computers. Very hard for the US to monitor since there are no tangible raw materials to have to buy or smuggle.
China has 1.3 billion people and the USA has 313 million. Statistically obviously China has a much larger pool of people from which it can draw upon to find smart people.
Response to alp227 (Original post)
Fri Jul 27, 2012, 03:36 AM
agent46 (859 posts)
3. There are so many new variables
There are so many new variables at play, known and unknown, that it is now impossible to predict social/political/economic outcomes. I believe we are in unknown territory due to the new technologies and the rise of global corporate power.
The rest of us need to get on with things.