Wednesday, 6 June 2012

Cyberwars: New Weapons, New Dangers

Aware of the cost and ultimate futility of military wars, our governments are increasingly caught up in a series of engagements with the enemies of our respective countries. Targets include economies and technologies, and the weapons being used are just as destructive.

Comparing the internet and the way our governments are treating it to a world war is apt when you consider that the array of weapons being deployed ranges from penny-any malware to complex trojans, in addition to the controls and intellectual property rights (IPR) assertions being used to bend whole nations to the will of the giant corporations, many of whom might claim a nationality for public relations purposes but really owe no loyalty to anyone but themselves. As our economies struggle in the teeth of a worldwide recession, it's time to assess these threats and work out how to deal with them. There are three main weapons being used in cyberspace, all of which have real life consequences: malware, IPR, and control mechanisms.


I like to wait until a story develops before I report on it, and the Flame one is pretty juicy. As more details emerge, light is being shed on the plans by our respective governments to take over the internet: they want to see what their malware is doing. The two trojans making the news at the moment are Stuxnet and Flame.


Do you remember the big kerfuffle over CISPA, the surveillance bill that is currently mouldering away on a shelf in Congress? When I saw the part about intellectual property I was alarmed and was convinced it was an attempt to sneak SOPA back in. After a massive outcry they got rid of the intellectual property clause only to sneak the word "property" back into the latest version. A surveillance bill masquerading as a cybersecurity bill, the idea was to remove all impediments to internet companies sharing our data with the government or each other.

Recent revelations in the tech blogs have described a campaign of malware development and deployment against Iran in order to derail the ongoing nuclear program. It started during the Bush administration and the current incumbent has continued it. The worm Stuxnet is the result, and although it worked as intended, it got out into the internet and spread like wildfire. When the head of NSA claimed that Anonymous could possibly knock out critical US infrastructure services, the idea was to make them the scapegoat in case they were either hoist by their own petard or the Iranians hit back. Apparently, the Israeli security agencies are involved.


Flame is a backdoor and a Trojan with worm-like features and is so complex that anti-spyware specialists Kaspersky have said it could take years to fully understand it. It's designed to pick up data from infected computers, including encrypted passwords. It can also take screenshots and collect information via microphones, and can link to nearby Bluetooth devices, then send all this to particular servers to be collated and processed.

Computers in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa have been affected for at least two years. Again, the Americans and Israelis are behind it, and once again, the target is Iran, because they had defeated Stuxnet. Again, there's a risk of it being turned on us as well as its creators because the malware, which has an array of plugins, has some elements that have successfully spoofed the Microsoft Update certificate. While the short term gain has been to cause more mayhem for the Iranian nuclear plant at Natanz, the collateral damage is to Microsoft's reputation as a trusted software service provider. They've taken steps to resolve it. I now presume that CISPA was about the US government being able to inform campaign donors every time they planned to do something like that, particularly when "something like that" is aimed at the donor's clients.

"That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks. Therefore, to help protect both targeted customers and those that may be at risk in the future, we are sharing our discoveries and taking steps to mitigate the risk to customers." - Jonathan Ness, TechNet

Meanwhile, Iran claims to have got it under control. Mind you, Microsoft says that a decent anti-spyware program would get it off, so why have those Middle Eastern countries got their knickers in a twist over something that's so easy to detect and remove? What's going on there?

Facebook and Google have promised to let us know if we should ever become the targets of a state-sponsored attack.

Today, we’re taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks. You can see what this new warning looks like here:

If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account.

It sounds good until you realise the help you're being offered consists of changing the password, enabling 2-step verification, and updating your browser and all the stuff on your PC. Oh, and beware of the usual phishing suspects, including redirects to fake sign-in pages. Always use https:// when signing in.

If standard anti-spyware programs and changing passwords, etc., is the solution, is all this cyber-spying really such a big deal? It's imperative to keep all your software up-to-date and use complex passwords, that goes without saying, but if existing anti-spyware is enough to keep trojans, etc. out, at what point should we worry that one day they won't?

Meanwhile, as I said in an earlier post, it's the failure of US companies and assets to maintain proper security on their computer systems that is the real problem, not the over-hyped spyware.

Internet arms race

This ain't no game. With the proliferation of increasingly complex malware as governments work to undermine each other, how long will it be until significant damage is done? Microsoft's global reach could actually be more of a hindrance than a help if systems based on their software are vulnerable to malware — which might simply be a case of a hijacked trojan being sent back home. Meanwhile, hackers are highly prized as assets for internet warfare and while they mostly check for vulnerabilities in commercial software, they are also being deployed in attacks on enemy computer systems. They must. Failure to prepare for cyberattacks could have devastating consequences. In any case, both the White House and the Pentagon consider cyberattacks an act of war. It's just as well Iran didn't fire first or they would be at war in real life in a third theatre.


Intellectual property rights are increasingly being used as a weapon in order to allow the most powerful nations to remain dominant in technology. The idea is to use the rents to make money by licensing foreign countries to make the products, then export them to our respective countries. Emotive statements comparing IPR to human rights and conflating intellectual property with real property help the multinational corporations to plunder the wealth of our nations by characterizing unauthorized use of "their" ideas as theft. The fact that patents are now considered to be products in and of themselves is only making this worse. As I said earlier, though, campaign finance from these companies to compliant politicians is blinding our representatives to the fact that they are loyal only to themselves and their own bottom line, even though they have co-opted our representatives to make our law enforcement agencies fight their battles for them on an international level.

The dangers

I'm not exaggerating the danger of continuing on this course: the United States is stomping all over the sovereignty and jurisdiction of other nations, e.g. New Zealand and the United Kingdom in the Kim Dotcom/MegaUpload and Richard O'Dwyer cases. The treaties I've been helping to fight off, the TPP (Trans Pacific Partnership) and ACTA (Anti-Counterfeiting Trade Agreement), are all about making such cases more commonplace. Half-hearted efforts to bring a form of transparency to a secretive process don't help to get the public on board. This can only mean that it's against our interests to let our governments sign them. Since our representatives are convinced by claims of job protection and economic expansion to accept these treaties, they don't realise that the ultimate enemy of the corporations isn't the other nations, it's us. That's why they want to get surveillance laws passed to control us and measure what content we're enjoying (it's not consumption if it's still there when we've finished watching it!) so they can eventually bill us for each time we view it.

Make no mistake, IPR is just as bad a weapon as malware: the multinationals of all nations are assembling an armoury of patents, trademarks, and copyrights to use in courts of law to either license or shut down innovation.

Reform is a matter of urgency

Apathy in the face of the evidence is the biggest problem here, although there have been gains for the Pirate Parties in European countries' regional and national parliaments and some of the Liberals and all of the Greens are on side. On the bright side, the UK government has been looking into Open Access and some prominent politicians have come out against surveillance. I hope that if Francis Maude MP adopts Open Access software he will realise how destructive patents on software are and work towards reform. Meanwhile, the Pirate Party has been fighting against ACTA, with Amelia Andersdotter and Christian Engström leading the charge at the EU Parliamentary committees. The Pirate Party believes that IPR reform will take the brakes off innovation and free the markets from the shackles of IPR, and I agree. Ending vendor lock-in and evergreening can only benefit us all. Even the multinationals would benefit from being made to compete with market forces instead of stagnating in a government-sponsored monopoly.

Internet control

The internet began as a military project that has since expanded beyond the wildest dreams of its founders. As I type, a battle is raging over who will control it: the USA or the UN. Both plans are a horrible idea; a multi-stakeholder approach would be better for everyone. The trouble is, our governments can't see beyond the profit implications, and that's what keeps them at it.

Ultimately, it seems that sanity will prevail because self-interest will herd them towards a solution that prevents them from breaking the internet into online gated communities. Persuading them to stop using our own ISPs to spy on us or raise service charges to "compensate" the legacy content industries for real or imagined piracy is the next step and IPR reform is the best way to approach this. I'm waiting for the go-ahead to post my email to the MEPs on the INTA committee, in which I will appeal to their desire to keep their constituents in jobs in order to keep tax monies flowing in. This is because, if we hit them too soon, they might forget the message. The angle of attack must appeal to the same sentiments the pro-ACTA camp is appealing to in order to be effective. It's a battle we can't afford to lose.


There can be no winners in the cyberwars except those who profit from exploiting the fear, uncertainty, and doubt used to keep them going. Even the most enthusiastic corporations are shooting themselves in the feet by pushing to squeeze us for more licensing revenue because they're losing our hearts and minds. I don't see any foreign national power as a threat to myself or my business; it's the legacy content and data industries that are the problem because they're willing to lock down the internet to get what they want, aided and abetted by my own representatives. My Labour MP no doubt agrees with her party on the efficacy of IPR to create jobs and grow the economy, so she probably sides with them, not me, on this. That's why I'd vote Pirate if I could, and Green because I can't. The Big Three won't represent me properly.

It's too easy to say that geek politics isn't relevant to the rest of us. Actually, IPR pertains to absolutely everything you use every day unless you're a hermit who lives in the woods and are currently looking over someone else's shoulder as you read this. We can't afford to lose the cyberwars, so get ready to protest on 9th June if you're in London. If not, email your MEP and let him or her know how destructive IPR can be to jobs and the economy where you live.
