
War on Error

John E. Dunn

Flame is good, too good. Is Cyberwar now in the hands of Dr Strangelove?

The design of Stuxnet, Duqu and Flame suggests an urgent need for adult supervision of cyber-programmes

The security experts and vendors will surely be delighted by the sudden and shocking outing of Stuxnet as part of a US Government malware programme. Long suspected of having been developed by a well-resourced state full of old-school Highway 101 programmers, recent revelations now suggest that the commentators were, embarrassingly, spot on.

Something was going on and then some, taking in, many now believe, several other pieces of odd-looking malware, including Duqu and almost certainly the recently-discovered and disturbing follow-up to Stuxnet called Flame.

Let’s spell out the implications. If states such as the US have been developing and deploying sophisticated malware with omnipotent nonchalance, that realisation contains a threat. Security systems can’t stop this sort of stuff easily, if at all, and indeed took years to spot Stuxnet once it had escaped from its ostensible target, the Iranian Natanz nuclear enrichment plant.

The design of Flame in particular shows us how this sort of malware can call on unknown zero-day vulnerabilities at will, using forged certificates that undermine basic authentication systems, and even finessing the Windows Update system with fake servers and cryptographic brilliance.

This sort of stuff makes everyday cyber-criminals look like rank amateurs. Instinct alone should tell us this is scary because it sets a precedent that will be followed, if indeed that hasn’t already happened.

Far from feeling vindicated, the security community is feeling very uneasy. Flame initially divided opinion between those who thought it interesting but oversold and others who believed that, if anything, the implications were too large to take in.

As revelations of its inner workings trickle out, the sceptics are starting to melt. Whoever created it, Flame went to work on its targets with terrifying ease, ripping the heart out of some long-cherished pieces of the global security defence as if it was mere software bureaucracy.

This might suit the ends of short-term realpolitik, but it is misconceived madness to toss aside security protocols as if they were paper fences. The claim that successive US Presidents sanctioned cyber-warfare on this scale without any semblance of a contingency plan should it become public or spread beyond its intended targets is incredible.

This programme suggests that the policy-makers don’t understand that techies can’t simply be tasked to attack a target and left to get on with it. Programmers, even very clever ones, make mistakes, and adopt assumptions about acceptable parameters in ways that won’t be evident to their paymasters.

Presidents and chiefs-of-staff can guess at the effects of a drone strike in a hostile zone but can they do the same for a software strike? Can anyone? This is new territory and there are many unknowns.

There will be voices dismissing such concerns as the anxiety of naïve minds; the security services have in the past employed unsavoury and illegal acts, including killing, to further their aims in the name of a greater good. This was seen as fine as long as the scale was small, the targets well chosen and plausible deniability maintained.

Stuxnet and Flame were simply this modus operandi by another name and if it disrupted Iran’s alleged nuclear weapons programme then its creation will have been vindicated.

Unfortunately, cyber-weapons aren’t casual creations. Just as they set out to operate in a hidden way, so their effects and unintended consequences can remain out of sight too. Flame in particular looks like an exercise in software subversion that offers every state interested in cyber-warfare - not to mention criminals - a live laboratory of state-of-the-art thinking.

Flame’s command and control was disconnected on the very afternoon that security firms publicised its behaviour and has since attempted to erase the evidence of some of its activities. It’s too late, though; the world knows enough.

As respected and extremely sober security expert Mikko Hypponen of F-Secure said in a piece published this week in the New York Times:

“The cyber-arms race has now officially started. And nobody seems to know where it will take us. By launching Stuxnet, American officials opened Pandora's box. They will most likely end up regretting this decision.”

