Wednesday, June 17, 2020

Cyber Weapons

What is Cyber Weapons

 Cyberwarfare is probablythe greatest challenge that we have asfar as our nation's national security is concerned. We have an advantage overevery other form of competition with possible allies exceptone, and that is cyberwarfare. And when you see thepotential of what a successfulcyber-attack can achieve, it's enough to makeyou deeply concerned. This is going to bethe new battlefield-- an unseen invisiblebattlefield-- where teams of hackers fromvarious nations will duel. In 2010, a computervirus named "Stuxnet" demolished a secret Iraniannuclear weapons plant. Hackers at Symantec Corporationunraveled its mysteries. What made Stuxnet differentwas it didn't just stick to the cyber world, it actuallyreached and caused sort of real world kinetic damage. It's nothing that wehad ever seen before. And so Stuxnet just beganspreading all around the world onto Windowsmachines everywhere. But what it was doingwas, it was also looking for something else. It was looking for thesethings that are called PLCs, or these small computers thatcontrol things like factories, like the power grid. What you see here is thecode that is put on to the PLC, and this is the normal processcode goes on to the PLC turns the PLC on oroff and controls it. When we first got the code,it's literally zeros and ones. It's sort of unintelligible. It was only later that we wereable to determine that actually this code was targeted,specifically, at Iran's uranium enrichment plant in Natanz. LIAM O'MURCHU: Uraniumenrichment facilities are very secure facilities. It's not like they'reconnected to the internet. You can't get your codein and out in that way. So one of the waysthat Stuxnet was able to get into thefacility was via USB key. So it was able toinfect USB keys, and then somebody wouldbring the USB key with them into the secure facility notrealizing it was infected, plug into a computer inside,and then that computer inside would be infected. We don't know definitivelywho is behind Stuxnet, but it's very clear thatit's a nation state, and it's nation states thathad something against Iran, and it's likely that itisn't a single nation state. And remember, as well, withcyberwarfare that the barrier to entry is quite low. If a country wantsto do something like build a nuclearmissile, that's actually quite difficult. But whenyou talk about something like cyberwarfare, it's actuallyquite cheap and quite easy for a country todevelop a cyber weapon, and that cyber weapon canhave equivalent effects. You can have a cyberweapon potentially shut down the powergrid, for example, on the whole east coast. New York is out. Wall Street is out. All your banks are out. You can't even withdraw money. You can imagine people-- panic starting-- andpeople trying to get cash. You can't get cash. ATMs aren't working. And then things like your waterwaste and treatment plants aren't working,so no clean water. There's going tobe a run on stores. Stores potentiallyaren't even operating. Your credit card is notgoing to work at the store. There will beabsolutely mass panic. If you can blindthe US military-- if you could shut down ourGPS and our computer networks, our military is basicallyunable to function. And it could take days orweeks to get those systems back up and running. They can do tremendous damage. They can defeat your armies,your fleets, your Air Forces, by simply blindingthem-- by taking down their cyber systems. I think that's a hugerisk that we face. With cyberwar, I always thinkone of the most effective ways to fighting in cyber, is to findthe computer and the operator and put a bulletthrough both of them.

 Somewhere in the South China Sea, a US andEuropean missile cruiser on joint patrol stray too close to one of China's many man-madeislands. Illegally built and hardened with militaryfacilities- despite a ruling to their illegality by The Hague in international court- Chinahas warned repeatedly that it will not tolerate any other nation's military presence nearthe controversial islands. The United States and the European Union meanwhilehave both taken the side of many of the South China Sea's lesser nations, such as Vietnamand the Philippines, who see the military buildup as an incursion into their sovereignwaters and an attempt to bully them into submission. Refusing to bow before Chinese aggression,the US and European militaries have routinely engaged in freedom of navigation exercisesthrough the disputed man-made island chains. Yet this patrol is different. The local Chinese commander- acting on hisown or perhaps with authority from his chain of command- orders a Chengdu J-20 combat patrolinto the air. Armed with anti-ship missiles, the jets supercruiseto within a few dozen miles of their targets, but this time instead of warning off the Europeanand American ships, they are ordered to retaliate for the incursion. On board the European cruiser, alarms soundas three of the four Chinese aggressors loose a volley of anti-ship missiles. Immediately the ship syncs up with its Americancounterpart via a wireless communications link, and together the two ship's powerfulAEGIS systems track the incoming missiles and fire off countermeasures. One ship protecting the other, supersonicinterceptors fire off from the decks of both ships, eight tasked with intercepting theincoming missiles and another eight screaming into the night sky to take out the Chinesejets. The exchange between the two sides lasts justforty five seconds, at the end of which three Chinese planes are fiery wrecks, with onehaving landed a hit on the European cruiser and killing dozens of sailors. Military comm networks relay news of the confrontationat light speed to commanders around the globe, and within minutes air, sea, and ground forcesacross Asia, Europe, and America are gearing up for World War III. Yet within just seconds of the news of theattack on the European and American ships, a new generation of weapons have already beendeployed. Less than a minute after news of two dozendead European sailors and three downed Chinese pilots reach the desks of their respectivemilitary commanders, cyberweapons have already gone on the offensive, a digital war sweepingacross the internet at the speed of light, and catching the entire world in its wake. Such a scenario may seem a bit far-fetched,yet it's an eventuality that every day militaries all over the world prepare for. In fact, every single day a digital war takesplace amidst the background chatter of daily internet use, with nations attacking eachother's critical infrastructure looking for vulnerabilities. Considered a 'soft war', these attacks aremeant to look for and stockpile potential vulnerabilities in the digital systems thatare the lifeblood of modern nations. Energy grids, communications and financialnetworks are the primary targets, and while no nation is yet launching an offensive toactually cripple these systems, they instead stockpile vulnerabilities so that they canexploit them in a time of war. Yet other nations, such as Russia, carry outmore overt and hostile attacks such as against a nation's political systems. Best seen in the 2016 US Presidential election,during which Russia hacked the DNC to favor the Donald Trump campaign, Russia has in factbeen carrying out cyber attacks against the political systems of NATO and Baltic nationsfor at least a decade. Russia has regularly used its cyber muscleto favor far-right politicians while attacking centrists and liberal candidates. They use their cyber influence to stoke dissentamongst a country's citizens, and to stoke fear and xenophobia which they can channeltowards the far-right, nationalistic candidates that they prefer and can thus manipulate onceelected into office. Russia's reach is indeed far, and while theirinfluence on the 2016 election was significant, their best success to date so far may be Britain'sBrexit vote, during which they ran disinformation campaigns online to stoke xenophobia. With Brexit being a widely recognized politicaland economic disaster for Britain, Russia has found great success in its cyber offensiveoperations. Yet if cyber warfare is so prevalent and hasobvious hostile intent, why don't nations react the way they would to kinetic attacks? That's partly to do with the fact that cyberwarfareitself is a very new development, and so the international community is at a loss as tohow exactly respond to the cyber offenses of another hostile nation. In Russia's example, NATO could react witha kinetic attack against Russia, but politicians must ask themselves if cyber operations aretruly threatening enough to warrant an all-out kinetic war. When a hostile nation has so clearly meddledin your politics and perhaps set the course of your nation's political leadership, thequestion may indeed need to be considered a strong yes- after all, just how sovereigna nation are you really if your elected leader is a tool of the Kremlin, or routinely takesactions on the international stage that benefit the very nation that is hostile to you andis attacking you every day? There simply exist no clearly defined boundariesbetween what constitutes a hostile military attack against a nation, and what is simplycyber crime. Currently cyber attacks by hostile nationsare lumped together with espionage, crime, and hactivism, and realistically you wouldn'tcall for an airstrike against a teenager hacking into Papa John's to get themselves free pizzadelivered. You wouldn't do such a thing because it wouldbe an over-reaction, but also because it's completely unrealistic: nobody wants PapaJohns pizza- even if it's free. On a serious note though, our current lackof political will to classify hostile cyber attacks as military actions only leaves nationseven more vulnerable to being further attacked. Russia, emboldened by their 2016 success inthe US election, has for instance been widely reported by intelligence agencies around theworld as gearing up for an ever greater campaign against the American voter in 2020. Yet the US has largely been silent in itsresponse to Russian aggression- despite President Obama's expulsion of several Russian diplomatsknown to be active spies, and an alleged brief cyber attack against Russian systems thatled to some Russian computers overheating and melting down. Sadly the Trump administration has shown littlewillingness to punish Russia for its attacks against the US, and not only is the lack ofthe political will to strike back suspicious, but it is also dangerous for the world atlarge. If the world continues down the road we areon, cyber attacks will only escalate until ending disastrously in an attack that's finallylarge enough to warrant a military response, starting a large scale war. Yet such an attack will likely be completelydevastating to the victimized nation, resulting in major disruptions to its power grid orfinancial and communication systems, bringing its economy to a screeching halt. Perhaps what would be best instead is if cyberattacks were at last met with a significant response, thus marking a clear line in thesand for just how far cyber warfare can be taken before military retaliation is inevitable. But just how deadly could a cyber war reallybe? The answer to that question is in our ownnot too distant past. In the early 2000s before the Iran nucleardeal, Israel was reaching a political crisis point. For its own continued survival it could notallow Iran to develop nuclear weapons, yet with the expansion of several enrichment facilitiesIran was poised to do just that in a matter of years. Many inside of Israel saw a preemptive strikeas the best course of option, yet each time Israeli jets had strayed into Iran, they hadbrought up the possibility of major retaliation. An all-out war between Israel and Iran wouldhave quickly spilled over into other Arab countries, leading to yet another Jew-Arabwar which would have in turn brought in Israel's American and European allies. For the US this situation was completely unacceptable,as was a nuclear Iran. Not only was there the risk of a nuclear exchangebetween Iran and Israel, but if Iran was allowed to develop nuclear weapons, Saudi Arabia andJordan both had already stated that they would immediately begin developing their own nuclearweapons as well. In short, a nuclear iran would lead to a nuclearmiddle east, the single most volatile region in the entire world. Yet allowing Israel to kick off another majorwar by invading Iran was not a good option either, and with Iran digging its enrichmentcentrifuges deep underground, simple military strikes would prove fruitless. That's when US and Israeli computer scientistscame forward with a solution. They believed they could infect Iranian computerswith a worm that could in turn destroy the Iranian centrifuges, and leave the Iraniansnone the wiser as to what exactly happened. The plan was immediately ok'ed, and workingtogether, US and Israeli engineers developed the Stuxnet virus. However, the centrifuges and the computernetwork they were linked to were not connected to the internet for obvious security reasons. This means that the virus would have to bebrought in physically and uploaded directly to the secure computer network, and to dothis several Iranian nuclear scientists were singled out and targeted digitally. Eventually the team managed to infect thelaptop of one of the scientists while he was connected to the internet, and when he broughtthe laptop into the nuclear facility and connected to the network there, the worm hopped insidethe secure computer systems and began to wreak havoc. Centrifuges began to spin wildly out of control,causing massive destruction and bringing the Iranian nuclear program to its knees. In the end thousands of centrifuges were destroyed,all by the simple click of a button. A modern cyber war could have just as dire,and physical consequences. If infected, the computer systems of nuclearpower plants could be shut down, or hijacked completely- hackers could for instance orderthe release of all water in the plant's cooling system, which would lead to a nuclear meltdownof the overheated reactors and regional disasters all across the land. With hundreds of nuclear power plants aroundthe world, this could devastate major portions of most modern nations. Even conventional power systems could be affectedthough, with the physical infrastructure overloaded to the point of causing significant structuraldamage across a nation's power grid. Such a disaster would take weeks, or monthsto repair, and if it happened during winter could lead to the deaths of hundreds of thousandsof the most vulnerable segments of a population. Dams could be hijacked as well, and emergencysluices meant to help deal with rising water levels during heavy rains could be forcedto remain closed, leading to a collapse of the entire damn. This would bring untold devastation as hundredsof millions of gallons of water rushed downstream to overtake the communities living in theshadows of large dams such as the three gorges dam or the Hoover dam. Luckily for us, no nation has yet dared tolaunch any such attack against the other- save for some cases of tampering of Ukraine'senergy grid by Russia. Yet the reality is that in the case of anothermajor war, these types of attacks would be the first to be launched by a hostile power. The option is especially attractive for nationssuch as Russia and China, who find themselves at a considerable military disadvantage againstEurope and its American ally, and in the case of war, it's a certainty that some degreeof major attack against a nation's digital infrastructure would take place. The unknown question to many though is justhow severe an attack will take place, and how well could a nation weather such an attack. Even more troubling is the fact that manyof these attacks could result in the deaths of hundreds of thousands, if not millions,and yet these cyber weapons are not yet considered weapons of mass destruction. If caught unawares and the US is crippledby a cyber attack that leads to millions of incidental deaths, are the leaders of Russiaand China confident that American leadership won't consider this an attack by a weaponof mass destruction and retaliate with a nuclear attack? That is the question that haunts many of theworld's premier cyber experts, and sadly, one that we might just have to blunder intoin order to find the answer out. The Cyber War will and already is happeningand the people who are going to suffer the most are normal users like you. The military has whole teams fighting this,what do you have? You don’t need to have the resources ofan army to protect yourself.  is the one and only tool you needto keep you safe online, and their multi-country VPN lets you browse safely and privately nomatter where you are, across any device. Don’t leave yourself vulnerable to digitalsnooping or malicious hackers, give and its features-packed VPN a try today! We love using because not only doesit act as a best-in-class VPN, it will send you breach alerts for when one of your onlineaccounts is compromised by a hack! Be safe online while the rest of the internetis at war.Do you think cyber attacks, no matter howsmall, should always be considered an act of war? How would you respond to the constant cyberattacks against NATO nations

No comments:

Post a Comment





Blog Archive

SEO Score

Seo Score für