The One Sided Cyber War 215
Curseyoukhan writes with a skeptical perspective on the U.S. Cyberwar posturing. From the article: "The first shot was probably the release of Stuxnet sometime during or before 2009. Even though no one has officially claimed responsibility everyone knows who was behind it. Stuxnet hit with a bang and did a whole lot of damage to Iran's uranium-enrichment capabilities. We followed up Stuxnet with Flame — the Ebola virus of spyware. What did the Iranians fire back with? A series of massive, on-going and ineffective DDoS attacks on American banks. This is a disproportionate response but not in the way military experts usually mean that phrase. It's the equivalent of someone stealing your car and you throwing an ever-increasing number of eggs at his house in response. It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub. Keep that in mind the next time you hear that a 'cyber Pearl Harbor' is imminent."
Our Foreign Policy (Score:2, Interesting)
...is the equivalent of the biggest kid on the block pushing everyone on the playground over in the mud, then claiming to be the victim if they throw a clod of mud back at him. Wait, that was in the summary...
I have a theory (Score:1, Interesting)
Totally misleading (Score:3, Interesting)
All the sources and analysis on Stuxnet said it entered through a weakness in Windows (written by Microsoft, an American company) and targeted specific elements of control software written by Siemens (a German company, and thus an American ally). Stuxnet was highly sophisticated and highly targeted, and likely because those writing it had access to the design flaws and knew what to target.
None of the US or Israeli infrastructure is on software written by Iran, so the access they would have to the design of software that runs things they can target is extremely limited. I would imagine in cyber-warfare it's much like normal warfare; intelligence is key when targeting your weapon. Iran likely does not have the intelligence (meaning information, not mental capability) to target us, so they're using DDoS attacks which are somewhat untargeted. So, to expand on the car analogy, this is like someone stealing your car, and since you don't know how to pick a lock, don't know how to break the alarm, and don't know how to hot wire the ignition, all you know is where they live, so you protest by throwing eggs at them.
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:5, Interesting)
Actually, depending on what kind of damage they can do to utilities and SCADA systems, people could very well die.
Re:not really (Score:5, Interesting)
That's my thoughts. It's like the schoolyard bully taunting the nerd just the nerd will take a swing at him. That way, he can pound the nerd into the ground and then claim "well, he started it!"
Holy shit... (Score:5, Interesting)
This is so incredibly wrong that it's astounding to me. A whole series of declarative statements that show a total lack of knowledge, and a total lack of understanding of the background material as well. Let's count them:
"The first shot was probably the release of Stuxnet sometime during or before 2009."
No. Cyber warfare did not start with Stuxnet...and common sense bears that out. Nobody can mount a successful and incredibly complex offensive the first time they field troops on the battlefield. Chinese thought leadership on cyber warfare goes back to the early 90s, when they seized upon it as an avenue to even the odds after witnessing our performance during Desert Storm...which, quite simply, made them wet themselves with shock at how effective we were at kinetic warfare.
"Even though no one has officially claimed responsibility everyone knows who was behind it."
Um, Obama took responsibility for it. At least read the headlines of what you're talking about? He was even called out for doing so, by others.
"Stuxnet hit with a bang and did a whole lot of damage to Iran's uranium-enrichment capabilities."
AWESOME! You FINALLY said something that was factually accurate! Too bad it took three sentences to get there.
"We followed up Stuxnet with Flame — the Ebola virus of spyware."
Uh, nope. Flame/Duqu, by all assessments, was actually a predecessor to Stuxnet, and I don't get the "Ebola" reference, since it's a data stealer and not designed to brick systems.
"What did the Iranians fire back with? A series of massive, on-going and ineffective DDoS attacks on American banks."
Okay, so first off, this is not the first thing...or the only thing...the Iranians have done. They've been in the cyber business a long, long time and are viewed as one of the big three actors in offensive cyber operations. Second of all, the attacks were not at all "ineffective"; ask any Bank of America customer who uses online banking. The site was down for weeks nonstop. And the banks have gone to the NSA asking for help in fending off the attacks as well.
"It's fascinating that Iran continues to do nothing more despite the fact that U.S. critical infrastructure currently has the defensive posture of a dog waiting for a belly rub."
See again, under Iranian cyber operations and how the banks fared during the DDoS attacks. Also keep in mind that the financial industry is at the top of industry sectors, when ranked in terms of cyber security maturity.
NOW, let me add the total way in which the OP ignores anything related to Russia or China, using only his incredibly faulty understanding of one country to justify his assessment of an entire form of warfare. Forget Red October (Russia, still in play but being shut down), forget Ghost Net (China), forget Aurora (also China), right? Forget what the Russians did in Georgia and Estonia. Forget North Korean actions against South Korea. Yeah...wow, good analysis dude. I bet Fox News would love you.
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:5, Interesting)
My brother works for a very large electricity plant and he says that the only computer controlled anything is the monitoring systems. The action of turing on/off turbines is manual. I know this isn't true of the whole electrical grid but I'm sure there are considerations made when hooking up computers to critical systems like those ones.
Re:Maybe (Score:2, Interesting)
Or maybe it is one-sided because they found ours but we can't find theirs?
I would guess the only way they (Iran) could produce something equivalent to Stuxnet is by contracting it out to Russia or China. Would they actually do that?
And if they DID, could they successfully deploy it?
And if they could deploy it, could the manage and control it properly?
I don't know, that's why I'm asking. I would GUESS the answer isn't "no" but rather "no probably not" to all three questions.
Re:So is /. a propoganda pulpit (Score:2, Interesting)
What are you talking about? What exactly are you imagining? A war on the scale of WW2? Total war? Please.
To quote von Clausewitz, "War is diplomacy by other means." By that definition, we're already at war. Iran and the US have different interests. Iran wants to become the regional hegemon of the Middle East, and the US does not want anyone being the regional hegemon. Iran has made it clear their intent to press ahead, and talking about it won't help either side come to a conclusion. So Iran has chosen to discuss the issue with the US through destablizing Iraq by supporting various factions, destabilizing the Levant by supporting Hezbollah and Hamas, developing a nuclear program which is a hair's breadth away from being a weapons program, and periodically threatening to mine the Strait of Hormuz and choke off half of the world's oil. The US has responded in kind with Stuxnet, the Green Revolution, an (likely) supporting a Mossad assassination campaign against key members of the Iranian Republican Guard. Sounds like a war to me.
Just because it's not declared does not make it a war; Vietnam was never declared as a war despite 10 years of fighting. War does not mean big armies rolling through the countryside destroying everything in their path, that's just one type of war, but there are many ways to fight a war.
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:3, Interesting)
So why do they continue to invoke this stuff? To scare people into putting their organization on the US DoD gravy train.
Or maybe because the professianls who do this for a living know something you don't. Imagine for a second that someone shuts down our power grid, something that is easy to do and has been demonstrated in Project Aurora. Without power, the internet is down. Without the internet, the economy grinds to a halt. No ships coming into port, no planes flying, no gasoline being delivered, no power in hospitals, no 911 calls, no critical infratructure working at all. This is the cyber 9/11 people like us (I work in the intelligence community) are worrying about.
Or maybe the professionals (security "consultants", sales, and everyone else in line to make a friggin buck) just wants to hammer home that the sky is falling to keep the good times rolling. And yes, that means you too, Mr I work in the intelligence community. Is the state of "cyber" security in the various critical infrastructures weak? Absolutely and they need to be improved upon. I too work "in the field" and am very familiar with the state of security for several organizations in a specific critical infrastructure. It's bad. Really bad. The risks are primarily sensitive data (commercial). The weaknesses in controls systems are organizational. That's right, organizational. When the resources are taxed to just maintain the status quo, things slip when you have to engage in new projects. Security improvements fall under new projects and completion/success is declared at some arbitrary implementation level so everyone can get their check mark and move on to the next issue. The core reason? Profits and specifically O&M numbers. Don't fool yourself, it's a business. And security doesn't show up on profit side, only the cost.
Re:not really (Score:5, Interesting)
Plus it's stupid to claim that Iran is doing nothing; it seems that way when you box yourself into just "cyber-warfare". IRan responds with what they have, which is a robust intelligence community based on personal relationships, used to destablize places like Iraq and the Levant. They use their ties in the Shia community to make Iraq difficult for the US, whcih is what they did for the past 10 years or so we were there. They also run advanced missiles to Hamas and let them fire them off, missiles with enough range to directly threaten Israeli population centers. They run training exercises in the Strait of Hormuz designed to make it known how they can mine the whole thing and close it off, and it sends oil prices through the roof.
Cyber-warfare is a meaningless term, because cyber-weapons are just one type of weapon, and one that Iran is not as sophisticated at. But they are sophisticated with other weapons, and they use them extensively.
Re:not really (Score:4, Interesting)
It's not like any script-kiddie can pick up the stuxnet script and modify it to attack their local cell-phone tower.
Umm.. actually that has already happened. Flame and Stuxnet are cousins of which Shamoon is a derivative.
"Specifically, Kaspersky believes it's the doing of script kiddies. Shamoon, like Flame, reportedly collects data on any machine it infects, then proceeds to erase the disk. "
http://gizmodo.com/5935647/is-a-script-kiddie-flame-copycat-out-to-destroy-the-worlds-power-plants [gizmodo.com]
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:5, Interesting)
Traffic light and elevators come to mind ...
No way. Both traffic lights and elevators have low level hardware interlocks that prevent them from going into an unsafe mode. Even if you have access to the control systems, the most you could do is stop the elevators, or put the lights into 4-way blinking red mode. To make the lights go into something dangerous, like 4-way green, you would need to conduct physical sabotage with a crowbar and a soldering iron. It would be easier to just buy a gun and shoot people as they drive by.
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:2, Interesting)
I've written a paper on this nearly a decade back. Let me tell you how to do it:
You attack the water system in rural regions. Twofold
1) you increase fluoride injector pumps to toxic levels. Most systems should have emergency shutdowns to prevent this, but you can. This is just gravy and not relevant, unless the shutdown actually stops water distribution. And even then it probably impacts the 'wrong' region.
2) You throttle some of the control points on and off as fast as possible to increase stress on the pipes, and open up remote irritation systems full throttle and locked on to deplete line pressure and start knocking. Infrastructure is old, this will almost certainly burst something important.
Now -- your goal is not to get people to die of dehydration. Your goal is to disrupt supply to natural gas compressor stations that use water for cooling. Depending on setup, the compressor may shut down. It may also burn itself entirely out. When the compressors can't run, the natural gas delivery system doesn't work. People can't heat. When people can't heat, water pipes freeze and burst. When there's not enough natural gas, certain types power stations can't produce electricity.
It's harder to disrupt coal or nuclear (although there's some great documentation of people breaking into nuclear plant SCADA systems over wifi) -- but water is your shortcut to heating and electricity for a growing number of regions.
While the gas network itself is nationally robust, it's often locally stressed. It's also susceptible to a variety of business pressures much like the old Enron electricy rate manipulations.
Re:The reason a "cyber Pearl Harbor" isn't imminen (Score:4, Interesting)
*This is a Mitsubishi article, but it does a good job of explaining. I am not affiliated with Mitsubishi.
Preemptive warfare... (Score:5, Interesting)
If the "nerd" wants to push the Jews into the sea, I'm fine with being the bully. We should bully such murderous assholes more.
Don't the Iranians have a right to the opinion that Israel shouldn't be a state?
I'm not saying we have to agree with them, I'm not saying the US shouldn't help out Israel, if attacked...
But this is preemptive warfare.
Where does it end?
These hacks only postpone their nuclear program, and cause a lot of animosity...
The only option for true peace in the region is negations, all out war could stop a nuclear program, but it certainly wouldn't bring peace.
Re:not really (Score:4, Interesting)
Most Gulf countries live in fear of Iran and its ambition of hegemony, and it drives large arms purchases.
Yeah, right. You are being played like a fiddle.
At the present time, Iran is no threat to anyone. Iran runs a very distant 5th in arms expenditures in the region, at less than 1/2 of Israel, Turkey, and the UAE, at less than 1/6th of Saudi Arabia (and a little over 1% of what the US spends). Iran is surrounded by nations armed to the teeth, a lot of it American weaponry.
When a 90-lb. weakling is subjected to such irrational fear-mongering by multiple 800 lb. gorillas and on 80,000 lb. godzilla monster at the same time, it is no wonder they are leaving the nuclear option open. How can they dare do otherwise?