
That's Rich!
what about Stuxnet then?
Hackers operating on behalf of the Iranian government have turned destructive, the US Department of Homeland Security has claimed. A statement issued over the weekend by Cybersecurity and Infrastructure Security Agency (CISA) director Christopher Krebs describes how Tehran-backed miscreants have gone from simply attempting to …
Except that, over Iran, the Reapers are promptly shot down. (And then carefully reverse engineered and copied - no doubt with improvements).
That's been a tradition in Iran. So pre-79 revolution, Iran was supplied with a lot of US kit. Then during the Iran-Iraq war in the '80s, got more US kit via (of all places) Israel. See the Iran-Contra affair for more details.
So ironically, the latest & greatest US drone was probably shot down by a Sayyad-2 missile that started life as a US SM-1, then modernised and updated with a pinch of Russian & Chinese technology to produce a political statement. And an expensive pile of scrap. But that's sanctions for you. Cut off international supply, and it creates a strong incentive to build up your own domestic industry, with help from nations who ignore the current sanctions.
Unfortunately for all of us, this sort of attack against both military and civilian infrastructure has been effectively legitimized a while ago. If it is (il)legitimate [1] for the US to hit Iran's centrifuges or air-defence network with a destructive virus, it is equally (il)legitimate [1] for Iran to hit defence and government installations in the US. If it is (il)legitimate [1] for the US to booby-trap Russian civilian energy infrastructure, it is equally (il)legitimate [1] for Russia to do the same to the US. And on and on it goes.
Unlike conventional warfare, it is the more technologically advanced opponent, which presents a bigger target, who ends up at a greater risk and a greater disadvantage. It is inconceivable to me that this point escapes American military and civilian leaders - and yet it is the US which continues to enthusiastically push "cyber warfare". I'd really love to understand what logic and what compulsion drive them.
[1] Feel free to choose the word according to taste.
It is inconceivable to me that this point escapes American military and civilian leaders...
Regrettably it would seem that them's wots in power live in their own bubble that has its own reality. It's been going on forever. General Curtis LeMay wanted Kennedy to start WWIII over the Cuban missile crisis. Let's hope cooler heads prevail.
Foreign policy by other means. In this case, violation of data sovereignty. Not sure if this counts as a casus belli or use of a weapon of mass deletion. But could be a handy way to clean data that's.. inconvenient wrt Trump/Clinton investigations.
Bolton's been trying for decades to get someone else to die so he can clobber Iran on behalf of MEK. Never trust a man with an ego larger than his mustache, and an IQ smaller than his penis* The future's not looking too bright either, ie Joe Biden.. But hey, Iran has oil, so his son Hunter will do just fine..
*Measured in good fearing Imperial inches, of course.
"I'd really love to understand what logic and what compulsion drive them."
What choice do they have? Standing up in the UN and asking everyone just to be nice to each other (please)? They're playing a game that's been plainly inevitable for 30 plus years now. It didn't need any legitimising. It's the nature of cyber that direct risk for the aggressor is low, attribution is difficult, attacks can be relatively cheap, and impact relatively high. Therefore small and less technologically reliant states were always going to use it to go after more technologically states, even large ones, with impunity.
Surely the only response to this as a vulnerable state is to get your own capability, try to toughen up as much as possible, expose attacks against you, and reveal your own attacks as a deterrent. ie. If it seems like the US is most responsible for cyberwar right now it's only because it's most in their interest to publicise what's happening.
The worry should be that other Western states lack capability and so become reliant on the US, or are so asleep they're not even aware when they're under attack.
What choice do they have? Standing up in the UN and asking everyone just to be nice to each other (please)?
That would be a good start.
The next step would be to sit down with everybody else, and to try to really negotiate, at the very least listening to other nations' concerns and ideally doing something constructive to alleviate them. This is difficult, and it takes skill, and patience, and it takes a lot of time, and eventually one might have to concede a bit more than one would have been willing to give up at the beginning to get something one really needs. However, this is exactly how many key international treaties have been negotiated.
Since we are talking about Iran, the nuclear deal currently coming apart has been negotiated in exactly that way - with all sides very slowly and painfully coming to the point where they are ready to sacrifice something they value very highly to get something they really need.
Isn't this exactly how China was handled in the pre-Trump era? All kinds of constructive trade deals were reached giving them access to world markets. The Chinese economy benefited (along with the global economy). Dignitaries from liberal nations largely ignored human rights abuses. No official diplomatic relations with Taiwan. Hong Kong returned. No apology for the Opium Wars yet but it's bound to happen eventually.
They've still hacked the living crap out of America, and why wouldn't they? They've a lot to gain from it and very little to lose.
Meanwhile the various cyber attacks on Iran's enrichment facilities were part of the backdrop of pressure which brought about the Iran nuclear deal, or at the very least didn't seem to harm it. Indeed without all the various sticks, the sanctions, the assassination of scientists, the possibility of a pre-emptive conventional strike on their facilities, they wouldn't have had any reasons at all to agree to the deal.
Talking is great, essential even, but it doesn't get you everywhere and it can not possibly disarm anyone's covert cyber capabilities.
Talking is great, essential even, but it doesn't get you everywhere and it can not possibly disarm anyone's covert cyber capabilities.
1) Only those with an excessive sense of entitlement would go to 'other means' if they don't get everything they want. A key thing to remember is if you get something from the other side, they haven't had everything they want.
2) The issue is NOT to get the other side to disarm, the issue is to have them not use their weapons against you.
Talking works well, especially if you're willing to do a bit of give-and-take to help make every one as happy as possible - obviously some self-entitled types will never be happy even if they get the lion's share with the least effort, but if every one else leaves the table smiling then talking has worked well. A lot better than anything involving any form of force.
This is the thing that worries me a bit. If you want to wreak havoc at an adversary, start by taking out electronic payment systems. There is not enough cash in circulation, and most European countries hardly do cheques any more.
If you then want to increase pressure, move on to telecom, power. Water is probably the most difficult.
If you then want to increase pressure, move on to telecom, power. Water is probably the most difficult.
Actually, attacks against physical transports are potentially the most damaging. So Stuxnet may have been intended to stop Iranian centrifuges, which are delicate, fast spinning beasts filled with very nasty uranium hexafluoride. Water and oil pipes contain a lot of energy, ie large amounts of water & oil moving fast. So messing with valves & pumps could result in burst pipes & damage that takes time to repair.
Except that the two cases are substantially different.
Stuxnet was launched against Iran when that nation was at peace with the world.
If Iran is currently attacking US systems (and it may not be), that is fully justified because the USA has committed overt acts of war against Iran. (Look no further than the sanctions, which kill people just as effectively as bombs - if more deniably).
> (Look no further than the sanctions, which kill people just as effectively as bombs - if more deniably).
I completely disagree with that claimed equivalence.
You are effectively claiming that doing anything to dissuade rogue nations is equivalent to war. Should we just go straight to a shooting war, or should we ignore everything that happens until it's our turn to be invaded?
Sanctions aren't as quick or effective as dropping bombs, and there's certainly a valid debate about how effective they are and how they are best implemented, but most people prefer them to a combat-focused conflict.
I'd really love to understand what logic and what compulsion drive them.
An influential part of US decision makers totally believe that Armageddon is a ritual to summon Jesus with and they will be rewarded by going straight to heaven on beams of light avoiding the Tribulations!
A significant part of the US electorate believes Armageddon is a Good Thing, It is God's Will, and only Godless Heathens would stand in The Way of God's Will.
So great forces are aligned who out of the goodness of their unselfish hearts want to bring it on and Save Us All.
??
An influential part of US decision makers totally believe that Armageddon is a ritual to summon Jesus with and they will be rewarded by going straight to heaven on beams of light avoiding the Tribulations!
What would be really cool would be if they were to check their Bibles to see if they were right.
At which point, they'd see that only by the most insane twists of anything that could be called 'logic' could their current view even remotely be seen as correct. They might find their current view places them amongst those most deserving of the fictional 'hell'.
"Hacking critical infrastructure could lead to multiple loss-of-life events".
Which is why the USA has been doing it for decades. Not to mention other low-key attacks, such as imposing sanctions that - if you remember - were acknowledged to have killed at least 500,000 Iraqi children, and are certainly killing Iranian children as we speak.
Or carefully bombing hospitals, sewage processing plants, water supplies, the electricity supply system, and other essential social infrastructure - then imposing sanctions to prevent any medical supplies getting in, then sitting back with folded hands to watch thousands die of infectious diseases.
Very elegant (if you're a CIA or Pentagon psychopath).
Hacking critical infrastructure could lead to multiple loss-of-life events. If they manage to hack the control system for a dam, nuclear plant, chemical plant (etc)...
The key thing is to keep these controls as isolated as you can, and also have local staff with local abilities to over-ride the remote stuff, and also design safeguards around problems. Take a dam - emergency spillway that means the dam won't breach, a simple physical channel that cannot be opened or closed, it simply is. The tops of your spillway gates also allow water to safely overflow should a slip close the emergency spillway and for some reason you cannot open the normal gates. Turbines that can have the maximum imaginable flow of water directed to them and still be safe, not relying on brakes that may fail to keep things in control.
So what can I do? If I shut down all systems at the dam so no spillway gates work, all the turbines etc are closed, and I blow up a chunk of hillside blocking the emergency spillway, the dam still survives.
Also have physical and automatic cutouts on your switch gear. I start trying to pull too much power through them, the contacts get open. That silly Bruce Willis movie where someone remotely sends all the natural gas in a region towards one main hub to blow it up? That should never be able to happen; flow restrictors and cut-offs or vents should be able to make sure the pipes cannot be asked to carry more gas than the weakest link can survive.
Nuke plants are much the same. Have means to start shutting them down and open up emergency cooling systems in the event of a loss of normal coolant ability. Even extra control rods that can automatically drop into place without electricity if certain parameters are exceeded (assuming I have enough understanding of how nuclear reactions are controlled - there is a very good chance that I may not :) )
There should be no way to remotely mess with things and cause problems, and very little chance even directly, short of liberal applications of C4...
backups
have you heard of them?
Why yes!
Years back I found a special backup device thanks to a fellow countryman named Simon.
It holds massive amounts of capacity - I've been backing systems up to it for years and not yet run out of space. And it is extremely fast as well, always has been! As fast as you can throw data at it!
Yes. If you want a fast way to back up your data, simply point your backups to /dev/null.
And the biggest benefits - it's free, yet the restores are just as reliable as any of the larger 3rd-party systems where you might pay $hundreds of thousands!
The computers that Iran compromises and wipes will be forced to be rebuilt with better security policies and employees having learned the hard way to be more resistant to social engineering. That will better protect them in the future when China, Russia et al try to compromise them.
Wiping is incredibly disruptive, so it is obvious you've been compromised. If someone silently penetrates your network and steals secrets they might continue doing that for a long time before it becomes known.
"The computers that Iran compromises and wipes will be forced to be rebuilt with better security policies..."
I see that you are unfamiliar with the ways of government. Try reading Clifford Stoll's classic "The Cuckoo's Egg", for a start.
It was written about 30 years ago, admittedly. But that's the whole point: nothing important has changed since Stoll found many US Army VAXen with the "System" account password unchanged from "Manager". Not only did no one in charge see what was wrong about that, they didn't know what accounts and passwords were.
If all the VAX with SYSTEM/MANAGER were logged into and had all their files deleted, I'll bet when they were rebuilt they'd use a different password.
Having someone point out "hey, this is a bad idea" is the stuff that gets ignored. Not the stuff that causes major headaches for everyone involved and long hours of overtime for the IT guys. They will take security more seriously in the future, I guarantee it.
>The computers that Iran compromises and wipes will be forced to be rebuilt with better security policies and employees having learned the hard way to be more resistant to social engineering.
You're forgetting (as reported by El reg) the US government sends interdepartmental emails over the Internet using SMTP...
Also, as a number of UK teenagers have demonstrated over the years, old habits die hard, so expect the US government to continue to expose critical systems to the Internet and protect them using variants on System/Manager aka Admin/Admin as their admin credentials...
Remember the only reason Iran (if the events the US government claim, have really happened) has been able to wreak havoc is because the US government, across ALL branches does not understand basic security.
Remember the only reason Iran (if the events the US government claim, have really happened) has been able to wreak havoc is because the US government, across ALL branches does not understand basic security. .... Roland6
Another greater systemic vulnerability which can always be ruthlessly exploited are defenders of the indefensible, Roland6, for by natural default does it identify that particular and peculiar opposition and/or competition as being intellectually challenged/retarded/corrupted/perverse.
Wiping is incredibly disruptive, so it is obvious you've been compromised. If someone silently penetrates your network and steals secrets they might continue doing that for a long time before it becomes known.
This is what causes me to entertain the possibility of a 'false flag' operation. Far more value in sneaking in, planting cameras and microphones, and sneaking out than smashing your way in, tripping every alarm imaginable, and fleeing with only the trinkets they wanted you to see.
Oh, silly me: the NORKs were the last enemy, the current enemy is Iran: so of course it is the Iranians. Quick: where is the nearest Memory Hole into which I can put everything that I (thought that I) remembered about the NORKs?
To carry that on a bit further (scarily, for the easily startled), just consider how much time and effort Trump put in to showing the world how great he was at negotiating with the NORKs and how the two nations would soon be on very good friendly terms...