By Ameen Izzadeen
(This article first appeared in the Daily Mirror, Sri Lanka on October 1, 2010)
Future wars will be fought from a desk in a closed-up room. No missiles will be fired, no drone attacks will be launched on civilians and no soldiers will die. Nuclear weapons will be of no use. Yet nations will be brought to their knees by the press of a button. Yes, it is all but official that the era of cyber warfare has begun.
A virus called Stuxnet has hit 60,000 computers in Iran, including those at the Bushehr nuclear plant. Experts say the attack bore all the hallmarks of a “nation-state”.
Kevin Hogan, senior director at computer security giant Symantec, said 60 percent of computers worldwide infected by the Stuxnet worm were in Iran, suggesting its industry was the target.
According to the European digital security company, Kaspersky Labs, Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world.
Hackers damaging computers is no big news. Even computers at the Pentagon have come under attack from worms or malicious computer software (malware) introduced by hackers via email, internet, USB drives and other means. Such attacks have prompted states, companies and institutions to install sophisticated anti-virus guards to protect their computerized systems. But, the hackers are often one step ahead of the anti-virus software suppliers. The sophistication of the Stuxnet virus is such that experts believe it cannot have been created by one hacker. It is the work of a group with vast resources or a nation state. The worm they created tells an industrial equipment to behave in a manner contrary to its programming.
For instance, if a nuclear missile of country A is programmed to hit country B, Stuxnet could either neutralize the command or reverse the path of the projectile to hit the country A itself. The day is not far away when thousands of computer experts will have the knowledge to hack computers that control nuclear weapons. The nuclear holocaust is at the fingertip of a hacker. The world is on the brink of an apocalypse. When a cyber-attack happens, it is difficult to know from where the attack originated. It could be from an enemy country, or from a ship in international waters, or from atop the Himalayas, or from within one’s country itself.
What if a terrorist hacker masters the knowledge to cause havoc in a target country? The LTTE had resorted to cyber terrorism and had limited success. A paper presented by Sri Lanka’s European Union Ambassador Ravinatha Aryasinha at the EU-US international seminar on the LTTE in 2008 said: “The Patterns of Global Terrorism Report 1997 identified the LTTE as being responsible for the first known attack by a ‘terrorist group’ on a target country’s computer system, when in August 1997 a group calling itself ‘Internet Black Tigers’ claimed responsibility for ‘suicide e-mail bombings’ aimed at disrupting the electronic information network/communications systems used by Sri Lanka’s missions abroad. This brazen act of ‘information warfare’ paralysed the communication systems of most of Sri Lanka’s overseas missions. At the time the US said the incident ‘did cause us to sit up and take notice’ because it was the first of its kind involving a group branded as a terrorist organization by Washington, and was a possible ‘portent of worse things to come’.”
Cyber terrorism that could cause catastrophic consequences is a reality. But sadly, it is the states that show the way for terrorists to move into the theatre of cyber war. Who could it be? The suspicion naturally falls on Israel, which has said that sabotage is one way of slowing Iran’s nuclear programme.
Major-general Amos Yadlin, Israel’s chief of military intelligence, last year said his country’s armed forces had the means to provide network security and launch cyber attacks of its own.
The United States is another country capable of carrying out such sabotage or cyber wars. In fact, the United States has an ongoing cyber war programme.
An article published in the New York Times on April 28, 2009 exposed the existence of such a programme and specifically mentioned Iran as a target.
The article by David E. Sanger, John Markoff and Thom Shanker said that just as the invention of the atomic bomb changed warfare and deterrence 64 years ago, a new international race has begun to develop cyber-weapons and systems to protect against them.
The authors also revealed that President George W. Bush had ordered new ways to slow Iran’s progress toward a nuclear bomb and approved a plan for an experimental covert programme to bore into Iran’s computers and undermine the project.
The programme, which has also won the approval of the Barack Obama administration, is not only aimed at sabotage but also defending the United State’s vital installations from possible attacks, especially from China and Russia.
The authors of the New York Times article said: “The most exotic innovations under consideration would enable a Pentagon programmer to surreptitiously enter a computer server in Russia or China, for example, and destroy a ‘botnet’ — a potentially destructive program that commandeers infected machines into a vast network that can be clandestinely controlled — before it could be unleashed in the United States.
“Or American intelligence agencies could activate malicious code that is secretly embedded on computer chips when they are manufactured, enabling the United States to take command of an enemy’s computers by remote control over the Internet. That, of course, is exactly the kind of attack officials fear could be launched on American targets, often through Chinese-made chips or computer servers.”
It is not so much Iran’s nuclear ambitions but rather worries about China’s growing power that prompted Washington to put its cyber-war programme on a fast track. The United States maintains friendly relations with China – also with Russia. But mutual suspicion and cold-war type rivalry remain a powerful undercurrent.
In November 2008, the US congressional panel — the US-China Economic and Security Review Commission –warned that China had developed such a sophisticated and active cyber warfare programme that the US “may be unable to counteract or even detect” an attack. The panel charged that networks owned by the US government, defence contractors and US businesses were the focus of Chinese cyber attacks.
It said China was aggressively pursuing cyber warfare capabilities that could provide it with an asymmetric advantage against the United States. “In a conflict situation, this advantage would reduce current US conventional military dominance,” the panel warned.
It is naïve not to assume that China and Russia are taking counter-measures to protect their vital installations from US cyber-attacks. It is also naïve not to think that Iran is also adopting counter-measures. Iran has said the virus has not affected the operation at the Bushehr nuclear plant. Probably, it is not revealing the full extent of the damage.
To protect itself from cyber attacks, however, Iran will not only take counter measures but also develop its own cyber-weapons to target Israel and the United States.
Cyber-attacks and counter-cyber attacks have the potential to cripple countries. True they won’t kill people directly. But they can cause severe hardships by shutting down power grids, banking networks, traffic lights system. The more hi-tech a country is the more vulnerable it is to cyber attacks. When the possibility of nuclear weapons being manipulated by a hacker or terrorist with a remote control looms large, isn’t it time to go for the total nuclear disarmament? The less hi-tech one is, the safer it is.
(The writer could be contacted on email@example.com)