2012/06/05

Cyberwar: Bush/Obama authorised Stuxnet

We've crossed an Internet Security Rubicon: the USA admits to combined cyber-attack operations with Israel against Iran's nuclear enrichment program. [NY Times]

The Washington Post's "Zero Day" series says a lot more.

It's a very important event when a government goes public with its most-secret security or intelligence programs: it took over 4 decades after WWII (and the 'Spycatcher' court case) for news of just part of the Allied SIGINT activities to become public.

The work of Bletchley Park, the home of Alan Turing's biggest contribution, was kept secret to the point of allowing mass casualties rather than give it away.

The only reason I can think of for Obama to publicise the USA's active, and successful, practice of cyber-attack is that they think they've developed protections against it.


For competent, well-resourced and persistent/dogged attackers, like the Military or Intelligence Agencies, even the Gold Standard of Internet Security, Air Gaps, are not an effective barrier. With real-world agents, you can introduce your code into the most secure environments - and get information back.

What nobody is talking about is the role of Microsoft's products in this.

The central 'vector' or host for the worm was Microsoft Windows, with its many security flaws. What we cannot know is if any flaws/holes were introduced at the behest of Intelligence Agencies.

There are two important elements here:

  • The best place to hide something is in plain sight. Who would look for a slick, high-quality operation in a disorganised mess? The software mess that is Windows is a perfect hiding place for sophisticated intelligence tools.
  • Stuxnet inadvertently proved the Morris Worm Rule: even with your best efforts and intentions, you cannot keep these virulent nasties contained. They will escape into the wild. They will have unintended consequences, to the point of collateral damage.

Like any offensive weapon, cyber-attack tools can be taken from you and used against you. The deadlier the weapon, the more danger you create for yourself. The widespread promulgation of Stuxnet means its secrets are out: real blackhats can reverse engineer and modify it, setting it loose on its creators and the rest of us.

I cannot understand why any Government, including allies of the USA like Australia, continues to allow Microsoft Windows within its walls.

As this new age of Nation-state cyber-attack dawns, this strategy isn't just risky and unwise, it is a guarantee of massive future disruption. As we've seen already, a determined attacker won't just take your machines off-line and destroy your current data, they'll wipe your backups and archives beforehand.

There is no way back. With the whole of our machinery of Government and Administration, back-end and daily operations now completely dependent on I.C.T., this is a catastrophic ticking time-bomb.
