[section_title title=Introduction]
Stuxnet, Duqu and Flame are the new weapons of warfare. These are the new munitions that attack those systems that have very specific ingredients. The key ingredient of such systems is – well – computer programs. Those little sets of instructions that people call code – not any secret military code – but working instructions for various machines to pass on various flags, messages, symbols, or data to other machines so that certain sequence of operation is started or stopped in a particular deterministic, predictable and pre-defined manner. This is called software, supposedly differentiating these from the machines that typically in military mind are the hardware.
Software is the Achilles Heel of Software based Systems
The ability to enable functioning of various hardware elements of a military system (or any system or system-of-systems or ultra large scale systems) to respond and actuate destructive – reactive as well as proactive – actions against specific changes in and around the immediate environment in time and space – just by pre-coding a mesh of carefully written set of instructions stored on various forms of electronic organization called “media” or “memory” – has given the military and to the world at large unprecedented capabilities. The act of “programming” the machines through a set of rules – called protocols to talk to each other and also “process” inputs in the form of data and facts and represent by symbols – has come about not by manufacturing the “steel” bullets but by writing software into machines that talk to each other in a deterministic (more or less) manner to act against potential threats.
Yet, software is the Achilles heel of the current systems. For starters, the reliability of software is a perennial problem – unsolved so far. Software has this amazing ability to remain “buggy” despite been checked by multiple human eyes and brains of species called programmers, testers and also their automated code checking tools. Further, to the great horror of any military commander, a perfectly normal and working software system – which was working absolutely without any trouble for many years – can fail and lead to a catastrophe just because a particular path/condition that the environment never gave trouble to the system suddenly gets activated in the light of a unique input – which most crisis situations will create. Further, since the software based systems use open source, openly available, commercially available underlying software components – operating systems, communication protocol stacks, network routers, applications, GUIs, compression algorithms, security protocols, database management systems, etc, the field of cyber weapons – which exploit the inherent weaknesses of these known software systems – is the potential course of the underdog in the fight against technologically superior forces.
These “black swans” that software based systems are much more prone to, are the “soft belly” (pun not intended) of the new world. This vulnerability is much more pronounced in mission critical systems such as military systems, space vehicles, satellites and nuclear power plants or nuclear reactors that may produce fissile material.
Please subscribe to our daily mailing lists
Continued on Page 2..
Related News:
- Self Styled Pakistan Cyber Army hacks CBI website
- Cyber Warfare is the New Gen Security Threat says Indian defence Minister
- IBM to Design and Demonstrate Mission-Oriented Cloud Architecture for USAF Cyber Security
- Half of India’s Critical Infra Providers experienced Politically Motivated Cyber Attacks
Last week news emerged that another cyber-attack, the most complex of all known, named Flame and directed against computers in the Middle East, was discovered. This is at least the third known case of the massive cyberattack. Politicians and experts reacted to the news pointing to a new global threat – that of cyber insecurity.Speaking to BBC, Dr Hamadoun Toure, General Secretary of the UN International Telecommunications Union said it was important for UN member states to work closely to defend themselves against the emerging cyberthreat.”There is a risk of cyberwar – but it’s not necessary. That’s what we’re trying to do: prevent. We’re saying the best way to win a war is to avoid it in the first place.”"It’s not cyber war, it’s cyber terrorism and I’m afraid it’s just the beginning of the game … I’m afraid it will be the end of the world as we know it,” Eugene Kaspersky, whose lab discovered the Flame, said Wednesday, speaking at a cyber security conference in Tel Aviv. We decided to take a closer look at the issue with our guest speakers Oleg Demidov, cybersecurity expert at the PIR Center, the Russian Center for Policy Studies, and Vitaly Kamluk, Chief Malware Expert with the Russian Global Research & Analysis Team at Kaspersky Lab. : Voice of Russia
Flame And Stuxnet Share Certain Portions of Same Code
Security experts have linked some of the software code in the powerful Flame virus, which has been raging in the Middle East, to the Stuxnet cyber weapon, which reportedly was used by the United States and Israel to attack Iran s nuclear programme.
Kaspersky, the Russian computer security firm credited with discovering Flame last month, said its research shows the two programs share certain portions of code, suggesting some ties between two separate groups of programmers,reported Gulf News
“Our first examination made it appear that the two programmes were unrelated, but our research unearthed some unknown facts that completely transform the current view of how Stuxnet was created and its link with Flame,” said Vitaly Kamluk, Chief Malware Expert, Global Research & Analysis Team, Kaspersky Lab.
Flame, even though it was discovered just recently, appears to predate Stuxnet, which was created in 2009.
Iran enriching uranium at fast pace despite stuxnet: Experts
Iran’s uranium enrichment effort has picked up speed in the past three years and has not been crippled by cyber sabotage from the Stuxnet virus, experts told US lawmakers on Wednesday.
As a result, Iran could produce enough fissile material needed for a nuclear weapon within four months, if the leadership decided to go ahead, the experts told the House Armed Services Committee.
According to The New York Times, President Barack Obama, and his predecessor in the White House, George W. Bush, approved the use of the Stuxnet virus to disrupt Iran’s nuclear program, in the first known sustained US cyber attack.
Stuxnet — a complex virus developed jointly with Israel — sowed confusion at Iran’s Natanz nuclear plant, the Times reported, but the virus later accidentally spread outside of Iran, appearing in computer systems in other countries.
Some analysts and former US military officers have touted cyber attacks as a more effective weapon against Iran’s nuclear ambitions than bombing raids, which they say would carry big risks without causing permanent damage to the program