Tuesday, July 24, 2012

Future of Cyberwars- War of the Worlds

The author provides an analysis of the striking similarities between the 19th century H G Wells narrative- War of the Worlds and the CyberWar scenarios now looming a hundred years later between nations on Earth.

The War of the Worlds - a science fiction novel written by H G Wells in 1895-97, tells of the invasion of Earth by an alien race of Martians. It is one of the earliest stories that forecasts a major conflict between humans and a species of technologically advanced aliens.

The storyline can be interpreted in a number of ways – but generally it provides a glimpse of a dystopian future in which forces of evil threaten to destroy human civilisation through the use of superior technology without regard to the planet’s inhabitants.

In terms of today’s cyber advances the storyline now seems rather na├»ve, but its influence over a hundred years ago was immense; combining the shock of new technology with rampant terrorism and the threat of annihilation. It spawned half a dozen feature films, radio dramas, comic book adaptations and a television series. But its main impact remains the terror that can be inflicted on a population by unknown forces outside human control.

Today humankind finds itself on the cusp of another War of the Worlds. But this time it’s far more terrifying and real. Instead of an alien species wielding weapons of mass destruction, the main protagonists are superpowers wielding equally destructive cyber weapons, with the forces of good and evil becoming increasingly blurred.  

Now with the leaked admission that the Obama administration authorised development and implementation of the Stuxnet virus in conjunction with Israel, and probably the subsequent development of a much more dangerous virus- Flame,  the War of Worlds scenario may be beginning all over again.

Stuxnet was designed to covertly sabotage the operation of Iran’s nuclear enrichment centrifuges- around a fifth of the total used for the separation of radioactive isotopes, slowing down the Iranian nuclear program. But the virus inadvertently leaked to the wider Internet allowing cyber security agencies to disembowel its modus operandi.

Flame is apparently a much more ambitious and dangerous worm, which has been stalking super sensitive information on the net for several years, primed to spy on and steal information from computers, initially across the Middle East.  In the process it performs extensive data mining- copying, transmitting and deleting files for espionage purposes at will. The code’s malicious actions went undetected by 43 antivirus programs before finally being outed.

This massive computer worm- around 20Mb of code, has been designed more as a complete malware ecosystem than a single virus, even rumoured to contain its own App store which can be customised and mutated to attack different applications and achieve different goals.

Most significantly Flame appears to be part of a continuing State sponsored hit campaign against Iran and other perceived enemies of the free world, using a different team of programmers and platform from Stuxnet, but commissioned by the same covert agency- likely the NSA in the US, It shares several hallmark features of its predecessors- Stuxnet and Duqu and was probably  tested at Dimona – the HQ of Israel’s atomic weapons development site.

Like Duqu , Flame is primarily a reconnaissance weapon, able to copy screen images , websites, emails and network traffic and according to the Russian based Kaspersky Security Lab currently dissecting the virus, it has infected around 1000 computers. Iran confirmed that computers belonging to several high ranking officials appear to have also been penetrated by Flame.

One of its best tricks was to initiate a so-called Collision attack on the Microsoft Terminal Services encryption algorithm. This allows it to spoof the Microsoft Digital Certificate signing service by simulating a legitimate security update from Microsoft, using a cheat code to install entire copies of malicious code automatically.

But Flame’s real significance lies not just in its potential to perform spy missions and cripple specialised target machines such as centrifuges, but its capacity to destroy national infrastructure and engineering/manufacturing systems in general. This is what differentiates it from a less potent weapon of espionage and escalates it to an all-out agent of war. Its sheer breadth of functionality sets it apart.

Flame is therefore a precursor of the next-gen virtual machines of destruction in a world which is already primed for conflict!

Whoever is controlling Flame has now ordered it to self-destruct and erase all traces of its existence to avoid risk of its escape into cyberspace like Stuxnet, as well as prevent duplication of its code by outsiders. 

According to experts, a self-immolation or "suicide" module can locates every Flame file on disk, removing it and then overwriting the disk with random characters to prevent anyone obtaining information about the original infection.

But too late. It is already in the hands of numerous security experts and probably criminal and Black Hat groups as well. So it is only a matter of time before a new improved mutant version of Flame appears.

And this process of enhancement will continue with ever-escalating frequency.

Pandora’s cyber box has now been prized open, with the Obama administration being accused of human rights failures on two fronts. First the use of drones to arbitrarily assassinate state enemies and now its use of covert cyber actions to disable enemy infrastructure.

This failure of US moral standing has immense consequences for the world as a whole.

Now all bets are off and an era of global Cyberwars has been unleashed – unstoppable even if wiser heads realise the immensity of the risk it presents to future world peace and  stability.

The strategists at the Pentagon and NSA have broken a cardinal rule.

They have assumed that information and knowledge can be contained and controlled in the same way as warships, jet fighters and high tech weaponry. But information is not like guns. It inevitably leaks- particularly in the new digital age, regardless of how many Top Secret stamps and digital certificates are placed on it.  Any covert virus no matter how well camouflaged will inevitably reveal itself as it spreads via the Internet and the Planet’s networks, acting as a template for future incursions .

Criminal cartels, terrorist groups and rogue states- in fact any group that can harness the talents of gifted software specialists can now play with the same toys as the big boys. Size doesn’t matter anymore!!

This is simple physics and is why the US’s obsessive paranoia relating to the Bradley Manning and Wikileaks prosecutions is also doomed to rebound in the longer term. If anyone is to blame for massive leaks such as CableGate, it’s the US government and its incredibly sloppy information containment and access protocols; allowing a low level administrative clerk access to data which supposedly is inimical to national security- able to be routinely copied to a lady Gaga CD.

Now it’s happened all over again with the release of the Stuxnet and Flame viruses.

But apart from the blatant hypocrisy and buck passing involved in this otherwise theatre of the absurd, the information would have eventually leaked regardless.  And the argument that it is in the national interest for citizens not to know how their governments are spoofing the other side- aka diplomacy- is also a remnant of medieval times.

With the admission that the use of cyber technology against a State enemy was approved from the President’s Office down, blow-back has begun. Every nation, friendly or otherwise will now develop a similar capability and use it if necessary for its own strategic purposes.

This is not an overly difficult or expensive exercise. Every country such as- Israel, Estonia, Nigeria, Syria, Yemen, North Korea, Democratic Republic of the Congo, Venezuela and Somalia already has access to the same equally creative and intelligent minds as the US and often more so. Any State or organisation for that matter can establish a group of twenty or so elite software engineers and replicate Flame or a more potent version of it in the same timeframe. In the recent global CyberOlympics the Netherlands came first, while in the Cyber Defence University challenge 2011, Russian and Chinese teams from St Petersburg and Zhejianc trounced the elite US colleges. 

The roadmap to full blown Cyberwars is now clear to see.

Cybercrime is the precursor of Cyberwar. It is a relatively new phenomenon but because of its recent scale and game-changing implications for both government and industry it has rapidly become the dominant risk theme of the 21st century.

The opportunity for cyber attacks grows daily as corporations and governments continue to amass information about individuals in complex networks across the Web and at the same time new generations of cyber activists, some motivated purely by money and others by the desire to expose and destabilise corporations and governments, continue to hack into organisational secrets.

In a recent Norton Cybercrime Report, it was reported that breaches of various types claimed 431 million adult victims last year, with 73% of adults in the US alone incurring estimated financial losses of $US140 billion. As a criminal activity, cyber incursion is now almost as lucrative as the illegal drug trade. The total cost last year, including lost productivity and direct cash losses resulting from cyber intrusions associated with viruses, malware and identity theft is estimated at $US 388 billion.

The security firm McAfee also in a recent report, listed a range of cybercrime technologies deployed including- denial of service attacks, malware, spam, phishing, social site engineering, mobile phone viruses, botnets and phone sms Trojan messages. Also more recently, hacking drones- small remote controlled unmanned aerial vehicles- UAVs, which can automatically detect and compromise wireless networks, by locating a weak spot in a corporate internet connection, have been used. To make matters worse, the first flaws in the advanced encryption standard used for Internet banking and financial transactions as well as Government secure transmission, have been discovered.

But most worrying, security experts from McAfee have confirmed the biggest series of cyber attacks to date, involving infiltration of the networks of 72 organisations around the world including- the UN, the governments of the US, Taiwan, India, South Korea, Vietnam and Canada, ASEAN, the International Olympic committee and an array of companies from defence contractors to high-tech enterprises including Google- with most of the victims unaware until recently of the breaches.

This represents a massive loss of economic advantage- possibly the biggest transfer of IP wealth in history. Currently every company in every industry of significant size, with valuable IP, contracts or trade secrets is potentially under attack and this will inevitably extend to smaller organisations such as strategic hitech start-ups in the future. At the national level it involves exposure of sensitive state secrets including policy intentions and decisions covering all levels and functions of Government- trade, defence and industry policy.

The stakes are huge; a challenge to economies and global markets from both an enterprise and State perspective. This is an intolerable situation. But because it has exploded at such speed, the response to date has largely been fragmented and ineffective.

But an even more ominous threat has now emerged- the Mafia State. Mafia states include criminal groupings such as the Russian, Bulgarian and Eurasian cartels, now using cyber technology, to achieve global reach. Their mission is not just to hack credit cards and phish identities, but to infiltrate Governments at the highest level- the networks of power including senior politicians and bureaucrats, security and police department heads and major corporate executives.

Mafia dominated States include- Russia, Bulgaria, Venezuela, Kosovo, the Ukraine, Afghanistan and Guinea.  Because of the global economic crisis they have been able to acquire valuable companies and assets at bargain prices and because of record unemployment levels have been able to hire experts in every field relevant to their operations- lawyers, accountants and now software engineers. This is about much more than pillaging credit cards and trade data or bringing down unpopular sites. It’s about creating a criminal ecosystem that challenges democracy.

On a global scale, therefore cybercrime is already morphing into full blown Cyberwar!

The world's superpowers have already begun to introduce new cyber-policies to desperately protect their intellectual property, infrastructure and financial assets, as well control the flow of information within their populations. Despite their tenuous cooperation to eliminate the threat of cyber intrusion, each is also covertly preparing for the new era of Cyber Espionage.

The US is working feverishly on Plan X devised by the Defence Advanced Research Agency - turning to the private sector, universities and even computer game companies as part of a grand effort to fast track its cyber warfare capabilities. Plan X’s goal is to dominate the new digital playing field, just as it has in the past- the traditional physical battlefield; wishful thinking at best and at worst living in a dangerous delusional bubble.

The earlier US Cyber Manifesto has also been stymied. This policy aimed at supporting open access to the Internet while at the same time pursuing a policy of aggressive physical deterrence against any foreign powers such as China and Iran or organisations like WikiLeaks, which attempt to penetrate US computer systems. But even this policy is meeting resistance from vested interests on issues of regulatory control and government surveillance of business system security.

The European Convention on Cybercrime is currently bogged down because EU governments are reluctant to share sovereign IT information with other powers, even if friendly. But this may change in the future as the pressure on the Eurozone to become a United States of Europe intensifies.

China on the other hand is going for the jugular, establishing The State Internet Information Office with the express purpose of regulating and controlling its vast internet population. It has even considered building an alternative Internet to sidestep the US controlled ICAAN if a plan for an alternative UN-ITU managed forum cannot be agreed. Other dictatorial regimes across the world, from Syria to Saudi Arabia have also introduced extreme punitive measures to monitor and control access to the Web by dissidents, particularly now with democratic unrest sweeping the world, catalysed by the Arab Spring.

But the US, with the release of Stuxnet and Flame have taken this War of the Worlds to another level. They have attacked the infrastructure of an enemy nation- the very heart and soul of its social and technological integrity. In doing so they have unleashed a hydra-headed cyber-monster which could destroy the fabric of society and humanity with it.

Cybercrime  and Cyberwars go hand in hand. One is just the flip side of the other. Breaking into confidential files – whether war plans or credit cards is espionage combined with fraud, while breaking into and disabling a nation’s industrial and infrastructure assets is an act of war.

From now on Cyberspace will be the new battleground and each group will be racing, not to cooperate, but to seize the opportunity and control the process for their own ends. For many Governments, businesses and criminal groups the glittering prize of domination will be too hard to resist.

The world had turned upside down in the blink of an eye.

All parties now understand that the nature of conflict and balance of world power is shifting with lightning speed, obsoleting overnight the nature of traditional war and economic dominance in a globalised cyber-world. Future conflicts will not be about destroying an enemy armed with billion dollar hi-tech armaments such as tanks, jets and warships, but will be primarily played out on a digital chessboard in future cyberspace.

Oversize superpower military budgets are no longer necessary or prudent when an equally lethal attack can be waged with virtual weapons at a tiny fraction of the cost. 

What value a sophisticated weapons system if it can be disabled by an elite group of cyber hackers with a Stuxnet or Flame type virus?

What value armies of highly trained soldiers if their command and control centres can be disabled with a few keyboard strokes and a swarm of smart software agents?

What value the trillions of dollars spent on containing Al-Qaeda if the economic and logistical systems supporting the attack can be thrown into disarray by a powerful artificial intelligence algorithm?

But the military establishments of the major powers are still coming to terms with the mind-blowing ramifications of Cyberwar. Not only will their weapons soon be obsolete but they will be too.

And as in the War of The Worlds, this can include control of robotic devices such as today’s drones as well as Satellite systems- not just used for surveillance, but for tracking the world’s ecosystems and helping preserve the planet. But today’s smart sensory devices are also coming in micro packages- smart satellites the size of milk cartons that can be launched by groups such as the White Hats. UAV swarms and mini drones, such as currently being manufactured by Venezuela for Iran, that can carry lethal payloads, not in the form of bombs, but chemical agents.

With the new Internet protocol Ipv6 about to be launched, with the capacity to link the Internet to any electronically embedded physical artefact, such micro devices can be controlled and disabled exactly as the Iranian centrifuges.

Any physical object or service that can be linked to sensors and a wireless antenna including- manufacturing and production machinery, vehicle and transport networks, communication hubs, security systems, medical devices, electricity grids, bridges and roads, as well as billions of consumer and industrial devices, have now been drawn into this digital vortex. 

These scenarios are rapidly becoming the stuff of nightmares - and why? Because the US Administration, the Pentagon and its acolytes, couldn’t resist displaying their Alpha prowess- taking the morally low road to retribution, when negotiations faltered; using the same flawed self-serving logic that allowed a million civilians to be incinerated at Hiroshima.

Dominance in tomorrow’s world is now about nimble minds, artificial intelligence and super smart algorithms. Any country on the planet will be able to afford to train an endless stream of talented young agile minds to code complex cyber warfare algorithms, especially when the latest efforts by the major powers, such as Stuxnet and Flame and the dozens of other worms and malware are already available as templates on the black market.

Anything that a superpower such as the US or China throws at this problem in the future will rebound on them the next day or the next hour.

And recruiting the best young hackers and software engineers and stashing them in a modern day Bletchley Park like the code breakers working on the Nazi Enigma machine, isn’t going to work either. The competitive advantage of MIT, Harvard or University of Pennsylvania trained software engineers is about to evaporate as the STEM – Science Technology Engineering and Maths faculties of these elite educational establishments begin to churn out free courseware,  enrolling hundreds of thousands of eager students free of charge online around the world.

Under the new mantra of free education, the next generation will be able to study courses in software engineering, artificial intelligence and Web science at the same rigorous level as their fee paying contemporaries from these world class institutions. With the venture capital already provided for massive online startups such as Coursera and Udacity, courses are being designed by the leading US professors and specialists in these domains, eventually creating a base pool of millions from which to draw the best coders from any country.

This is an immensely good thing, allowing poorer nations to bootstrap to the same educational and technical levels as the developed world in a very short time; providing essential skills for tomorrow’s society and increasing global productivity and innovation in a time of desperate need.  

But it’s a nightmare when it coincides with an Alpha superpower’s naked ambition to dominate tomorrow’s Cyber killing fields. 

But for the major protagonists of the neo War of the Worlds, the main goal is to control the ultimate prize of civilisation –the Internet/Web- humanity’s knowledge hub. Alarm bell are already ringing in the US Congress where desperate warnings are being issued of the chaos that will occur if control is ceded via the International Telecommunications Union-ITU, to the 160 nations of the UN that currently have no say in managing a system that increasingly controls their destiny. This is the US displaying its most arrogant behaviour – arguing in autocratic terms that it’s far better to have a wise benevolent dictator superpower than a ragbag democracy which includes India, China, Europe and Africa to oversee such an essential asset.  

So the race is on to co-opt the most advanced cyber technology to gain a global edge. Present day cybercrime technologies however will appear largely primitive within the next few years. The emphasis will shift to the application of much more sophisticated Cyberagent software technology.

The first generation of software agents appeared in the nineties and was used to trawl the Web, applying basic search procedures to locate information resources such as online shopping or travel sites and locating the best prices.

The second generation emerged around five years later. These programs were smarter, incorporating artificial intelligence that enabled them to make decisions more autonomously to meet their operational goals. They were deployed mainly in simulations of interactive population and component behaviour in a variety of environments- shopping malls, supply chains as well as disaster and conflict areas. In addition, they possessed superior negotiation and decision logic skills, using Game theory and semantic inferencing techniques.

But the third generation agents will be something else again. These will be based on complementary combinations of advanced AI techniques such as- ‘evolutionary algorithms’, that allow them to constantly improve their skills; 'neural networks' for superior pattern recognition and learning; ‘bayesian logic’ for powerful inferencing capabililty; ‘ant foraging' to help find the most efficient paths through complex network environments and ‘swarm' technology, allowing individual agent intelligence to be amplified by working cooperatively in large groups.

They will increasingly also be capable of tapping into the enormous computational intelligence of the Web, including the public databases of mathematical and scientific algorithms, eventually allowing their intelligence to be amplified by a factor of a hundredfold over previous agent capabilities.

Such agent swarms will also be equipped behaviourally and cognitively to focus on their missions with laser or Zen-like concentration, to the exclusion of everything else, until they have chased down their quarry; whether corporate strategic plans, government covert secrets or nuclear missile blueprints.

This Uber-level of intelligence will transform Agent swarms into formidable cyber strike forces, which could operate under deep cover or in sleeper mode, transforming into harmless chunks of code until a cell and attack is activated and can also replicate rapidly if additional forces are required.

Although this might sound like science fiction, the AI techniques involved, such as evolutionary algorithms, neural networks and swarm architectures have been in common use in business and industry for over ten years. The ability to harness them in cyber strike force mode is only a matter of time.

But all parties are now beginning to understand that the nature of conflict and the balance of world power is shifting with lightning speed, obsoleting overnight the nature of war and traditional economic dominance in a globalised cyber-world. As outlined, future conflicts will not be about destroying an enemy armed with billion dollar hi-tech armaments but will be played out largely in future cyberspace.

But the option of a full blown Cyberwar eventuating has just received an enormous boost from the latest risk assessment of global warming.  Now we are informed, prior to the next global warming conference in Rio +20, that the earth is very close to a tipping point, with a maximum of ten years to reset the parameters of carbon consumption and overuse of the planet’s finite natural resources. Otherwise Armageddon is irreversible. This will dominate major policy discussions in all political forums from now on.

Cyberwars are far more likely to flourish in chaotic times of critical food and water shortages, with countries desperate to secure access to critical resources. That time is not far off, with estimates of major food shortages and rising prices as early as 2013, with a follow-on spike in global conflict highly likely.  

The threat of all out Cyberwar is now an urgent issue that transcends lines between individual enterprises or governments. Unless a global cyber security framework, binding both the private and public sectors can be engineered, a world of disorder will rapidly emerge - a turbulent world, where evolutionary change in shorter and shorter timeframes will cease to be adaptive and become ultimately destructive.

The second War of The Worlds will emerge with no happy ending.

3 comments:

  1. An informative post...!!! I am so excited to get this post article. It is really so helpful topic for us. I was looking forward to get such an informative post. Thanks mate for sharing this post. mobile security system

    ReplyDelete
  2. Of course there is always the possibility, that there are people too stupid to give up. And just like other historical epochs that confounded civilization and seemed to be a surefire road to hell, life confounded doom and found some way to survive in the niche, hidden pockets of the environment until spawning the new generations that would try again. It may be hubris to think that we are so advanced, when the height of our technological prowess holds the seeds of its own destruction. At least with cyberwar, there is relatively little pollution. Also, aren't you just a bit concerned that as in the more modern allegory, The Terminator, that the machines themselves will run amok?

    ReplyDelete
  3. Brilliant analysis. I agree that cyberwar and cyberespionage will be increasingly significant. In my novel Fifty55Five, I write about just such a scenario, involving a future war between America and Sino-India. Apropos to your utopian/dystopian article, Fifty55Five favors the latter scenario.

    You can pre-order a copy of Fifty55Five here: http://www.amazon.com/dp/B00QIUEQUG

    ReplyDelete