Archive for category Cyber Security
FBI launches $1 billion nationwide facial recognition system
By Sebastian Anthony on September 7, 2012
The US Federal Bureau of Investigation has begun rolling out its new $1 billion biometric Next Generation Identification (NGI) system. In essence, NGI is a nationwide database of mugshots, iris scans, DNA records, voice samples, and other biometrics, that will help the FBI identify and catch criminals — but it is how this biometric data is captured, through a nationwide network of cameras and photo databases, that is raising the eyebrows of privacy advocates.
Until now, the FBI relied on IAFIS, a national fingerprint database that has long been due an overhaul. Over the last few months, the FBI has been pilot testing a facial recognition system — and soon, detectives will also be able to search the system for other biometrics such as DNA records and iris scans. In theory, this should result in much faster positive identifications of criminals and fewer unsolved cases.
According to New Scientist, facial recognition systems have reached the point where they can match a single face from a pool of 1.6 million mugshots/passport photos with 92% accuracy, in under 1.2 seconds. In the case of automated, biometric border controls where your face and corresponding mugshot are well lit, the accuracy approaches 100%. Likewise, where DNA or iris records exist, it’s a very expedient way of accurately identifying suspects.
So far, so good — catching criminals faster and making fewer false arrests must be a good thing, right? Well, yes, but there are some important caveats that we must bear in mind. For a start, the pilot study has only used mugshots and driving license photos of known criminals — but the FBI hasn’t guaranteed that this will always be the case. There may come a time when the NGI is filled with as many photos as possible, from as many sources as possible, of as many people as possible — criminal or otherwise. This might be as overt as parsing CCTV footage and collating every single face into a database; or maybe you’re just unlucky and your face ends up in the system because you’re in the background of a photo starring a known criminal.
Imagine if the NGI had full access to every driving license and passport photo in the country — and DNA records kept by doctors, and iris scans kept by businesses. The FBI’s NGI, if the right checks and balances aren’t in place, could very easily become a tool that decimates civilian privacy and freedom. Time to invest in a hoodie, I think…
FBI arrests dozens in credit card fraud sting
By Brendan Sasso - 06/26/12 04:20 PM ET
Police around the world arrested 24 people in a massive crackdown on online fraudsters, the Justice Department announced Tuesday.
The sting, codenamed “Operation Card Shop,” led the FBI to arrest 11 people in California, New York and five other states. Officials in seven foreign countries, including the United Kingdom and Bosnia, nabbed another 13 people in the operation.
The authorities accuse the defendants of stealing credit card numbers and other personal financial information.
According to court documents, the FBI set up an undercover website called “Carder Profit” in 2010, which pretended to be a forum for fraudsters to buy and sell financial information and exchange tips about hacking.
The site was designed to allow the FBI to monitor and record all of its discussion threads and private messages.
To make the site seem safe from police, new users could only access it if they were recommended by two existing users.
The FBI monitored the site and its users’ communications for two years.
The United States shared the evidence it collected with the foreign authorities for Tuesday’s coordinated crackdown.
The U.S. Attorney’s Office for the Southern District of New York said the operation was the “largest coordinated international law enforcement action in history aimed at ‘carding’ crimes” — offenses in which criminals traffic stolen credit cards on the Internet.
Officials claimed the sting protected more than 400,000 victims and prevented the theft of more than $205 million.
By Adam Segal
June 19, 2012
In diplomatic speak, the talks were candid and constructive. Both sides acknowledged the mistrust that characterizes the relationship. The Chinese felt their contributions to global cybersecurity, especially by the National Computer Network Emergency Response Technical Team/Coordination Center of China, weren’t adequately acknowledged. Both sides believe their respective governments have a strong desire for cooperation.
But there was little clarity on what concretely the two sides could actually do to build trust (except for the obvious but seemingly unattainable: for the United States, China should stop stealing so much intellectual property; and for China, the U.S. should stop trying to maintain its hegemony in cyberspace, contain Beijing, and militarize cyberspace). Calls for greater transparency were met from the Chinese with the habitual protest that this was difficult for the weaker side. When pressed for areas where China and the United States might cooperate, Chinese analysts pointed to protecting critical infrastructure and fighting crime, but also noted that cyber cooperation was a work in progress and the conditions might not be right for moving forward.
To be sure, I’m not privy to what happens behind closed-door meetings, but the Chinese response to the ’ reporting about Stuxnet was more indirect than I expected. The Chinese seemed more direct and aggrieved in their critique of what they saw as the U.S. refusal to engage the , the norms of behavior in cyberspace that China – along with Russia, Tajikistan, and Uzbekistan – has circulated at the United Nations. Their basic line? “In your you said the United States would work collaboratively to develop norms. We suggested some, not insisting that they were for everyone, and since then silence. Isn’t there anything in the International Code that you like?”
The mistrust has been worsened by both sides’ inability to signal intentions. This is of course difficult in cyberspace; governments can say that they have nothing to do with attacks, but the attribution problem makes it difficult to verify those statements. Moreover, the United States has repeatedly stated that the primary mission of is the defense of U.S. networks, not offensive operations. Not surprisingly, the Chinese are weighing capabilities as much as, if not more than, expressed intent.
The signaling problem has been exacerbated by what one Chinese academic called the “hype of the media” – breathless reporting about cyberwar and digital espionage. You could see the negative effects of this, as at least one Chinese analyst seemed to accept everything in U.S. newspapers as not only true, but also as the official U.S. government position. For example, the story of Secretary of State Hillary Clinton admitting that the State Department in Yemen, as the purchase of advertisements, was used as evidence of American attacks.
The big takeaway from the meeting was the need for more communication and the development of official points of contact and crisis communication procedures. There was some worrying confusion over how many hotlines exist between the two countries (at least two) and how effective they are (basically, from the U.S. perspective, not at all). It’s a cliché that cyber events can occur in hours, if not minutes, but the two sides need to prepare for the almost inevitable crisis. Summoning the other side’s ambassador for an explanation may have worked in the past, but it will be too slow today. People and procedures need to be prepositioned. Sino-U.S. cyber cooperation is a work in progress, but let’s hope this is one area where the conditions allow for progress.
June 26, 2012
A series of revelations suggest that the U.S. and Israel are engaged in a cyber war with Iran. If true, any hope of progress in talks over Iran’s nuclear program could be jeopardized.
On June 21, Iran’s intelligence minister, Heydar Moslehi, that Iran had detected what he called a “massive cyber attack” against Iran’s nuclear facilities planned by “America and the Zionist regime (Israel) along with the [British spy agency] MI6.”
Moslehi may or may not have been making this up, but based on recent history and a striking series of revelations from U.S. national security officials in leaks to the and in a by David E. Sanger, the Iranian official has plausibility on his side.
More importantly, the Iranian charges suggest that a long-running cyberwar campaign against Iran by the United States and Israel has the potential to fatally undermine the already difficult negotiations between Iran and the so-called P5+1 world powers over Iran’s nuclear research and uranium enrichment plans. “Obama [is] prepared to let half-baked schemes undermine any chance he might have had, at least in theory, to pursue serious diplomacy with Iran,” Flynt Leverett and Hilary Mann Leverett, both former officials at the National Security Council under George W. Bush, who’ve criticized Obama’s approach toward Iran.
In the worst case, in fact, the U.S.-led cyberwar effort – which, analysts in Washington say, is a form of offensive, undeclared warfare – could drastically heighten tensions between Iran and the United States even to the point of open conflict.
In , Sanger describes in detail the never-before-told story of “,” the code name for a major U.S. covert operation against Iran launched by the Bush administration, with Israel’s cooperation, in 2007-2008 and then vastly expanded by President Barack Obama. “,” Michael Hayden, former director of the CIA, told Sanger. “Somebody has crossed the Rubicon,” he said, likening the cyber sabotage of Iran’s plants in some senses to the August 1945 atomic bombing of Hiroshima.
Using information gleaned from Israeli on-the-ground spies with access to facilities such as Natanz, where Iran’s centrifuges spin, the U.S. team reportedly implanted a spyware “beacon,” likely by means of a small thumb drive, making use of insider knowledge from the German industrial giant Siemens. Apparently, reports Sanger, Israeli spies recruited or subverted engineers from Siemens to help out in the cause.
Obama is said to have overseen the entire operation closely, despite his concern that Iran might respond by launching attacks on American troops in Iraq, Afghanistan and the Persian Gulf, on Israel, and on the vast Saudi oil complex. He is alleged to have continued the program even after the virus, called Stuxnet by those who later analyzed it, escaped the confines of Iran’s nuclear program and spread around the globe, especially in India and Indonesia. According to media reports, discovery led to panic inside the White House. “Inside the Pentagon and the CIA, there were meetings about whether the United States would be accused of being among the first to use a cyberweapon against a sovereign state,” writes Sanger.
Indeed, the United States has spent billions of dollars developing a defense system against cyberwar attacks from abroad while, more quietly, developing its own offensive cyberwar capability at the Pentagon. More often than not, the United States is quick to of conducting cyberwarfare against the United States, though so far mostly limited, it says, to espionage and industrial secrets. To ring alarm bells about cyberwarfare against the United States, the threat has been compared with the 1941 Japanese attack on Hawaii. “There’s a strong likelihood that the next Pearl Harbor we confront could very well be a cyberattack that cripples our power systems, our grid, our security systems, our financial systems, our governmental system,” , the U.S. defense secretary.
In the case of Iran, it seems, it was the United States playing the role of 1941 Japan.
For years, there have been repeated reports of U.S. efforts to acquire and refine offensive cyberwarfare capabilities. The Pentagon, under a project , is using the Defense Advanced Research Projects Agency (DARPA) in a five-year, $110 million effort. They hope to hone the military’s ability to use cyber-warfare to “dominate the digital battlefield just like they do the traditional battlefield,” notes Herbert S. Lin, a cyber security expert with the National Research Council of the National Academies.
Besides , the United States and Israel also collaborated on developing a designed to penetrate Iran’s computer systems and send back massive amounts of data that could be used to target and disrupt its nuclear research and other industrial facilities in Iran, including oil production. : “Flame came to light last month after Iran detected a series of cyberattacks on its oil industry. The disruption was directed by Israel in a unilateral operation that apparently caught its American partners off guard, according to several U.S. and Western officials who spoke on the condition of anonymity.”
“The virus is among the most sophisticated and subversive pieces of malware to be exposed to date. Experts said the program was designed to replicate across even highly secure networks, then control everyday computer functions to send secrets back to its creators. The code could activate computer microphones and cameras, log keyboard strokes, take screen shots, extract geolocation data from images, and send and receive commands and data through Bluetooth wireless technology.”
So the charges from Moslehi last week don’t seem unlikely at all. What’s uncertain, now, is what Iran’s response might be.
A Weapon We Can’t Control
By MISHA GLENNY
Published: June 24, 2012
THE decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush’s presidency marked a significant and dangerous turning point in the gradual militarization of the Internet. Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory.
It is one thing to write viruses and lock them away safely for future use should circumstances dictate it. It is quite another to deploy them in peacetime. Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyberweaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyberweapons outside any regulatory framework.
There is no international treaty or agreement restricting the use of cyberweapons, which can do anything from controlling an individual laptop to disrupting an entire country’s critical telecommunications or banking infrastructure. It is in the United States’ interest to push for one before the monster it has unleashed comes home to roost.
Stuxnet was originally deployed with the specific aim of infecting the Natanz uranium enrichment facility in Iran. This required sneaking a memory stick into the plant to introduce the virus to its private and secure “offline” network. But despite Natanz’s isolation, Stuxnet somehow escaped into the cyberwild, eventually affecting hundreds of thousands of systems worldwide.
This is one of the frightening dangers of an uncontrolled arms race in cyberspace; once released, virus developers generally lose control of their inventions, which will inevitably seek out and attack the networks of innocent parties. Moreover, all countries that possess an offensive cyber capability will be tempted to use it now that the first shot has been fired.
Until recent revelations by The New York Times’s David E. Sanger, there was no definitive proof that America was behind Stuxnet. Now computer security experts have found a clear link between its creators and a newly discovered virus called Flame, which transforms infected computers into multipurpose espionage tools and has infected machines across the Middle East.
The United States has long been a commendable leader in combating the spread of malicious computer code, known as malware, that pranksters, criminals, intelligence services and terrorist organizations have been using to further their own ends. But by introducing such pernicious viruses as Stuxnet and Flame, America has severely undermined its moral and political credibility.
Flame circulated on the Web for at least four years and evaded detection by the big antivirus operators like McAfee, Symantec, Kaspersky Labs and F-Secure — companies that are vital to ensuring that law-abiding consumers can go about their business on the Web unmolested by the army of malware writers, who release nasty computer code onto the Internet to steal our money, data, intellectual property or identities. But senior industry figures have now expressed deep worries about the state-sponsored release of the most potent malware ever seen.
During the cold war, countries’ chief assets were missiles with nuclear warheads. Generally their number and location was common knowledge, as was the damage they could inflict and how long it would take them to inflict it.
Advanced cyberwar is different: a country’s assets lie as much in the weaknesses of enemy computer defenses as in the power of the weapons it possesses. So in order to assess one’s own capability, there is a strong temptation to penetrate the enemy’s systems before a conflict erupts. It is no good trying to hit them once hostilities have broken out; they will be prepared and there’s a risk that they already will have infected your systems. Once the logic of cyberwarfare takes hold, it is worryingly pre-emptive and can lead to the uncontrolled spread of malware.
Until now, America has been reluctant to discuss regulation of the Internet with Russia and China. Washington believes any moves toward a treaty might undermine its presumed superiority in the field of cyberweaponry and robotics. And it fears that Moscow and Beijing would exploit a global regulation of military activity on the Web, in order to justify and further strengthen the powerful tools they already use to restrict their citizens’ freedom on the Net. The United States must now consider entering into discussions, anathema though they may be, with the world’s major powers about the rules governing the Internet as a military domain.
Any agreement should regulate only military uses of the Internet and should specifically avoid any clauses that might affect private or commercial use of the Web. Nobody can halt the worldwide rush to create cyberweapons, but a treaty could prevent their deployment in peacetime and allow for a collective response to countries or organizations that violate it.
Technical superiority is not written in stone, and the United States is arguably more dependent on networked computer systems than any other country in the world. Washington must halt the spiral toward an arms race, which, in the long term, it is not guaranteed to win.
U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say – The Washington Post
The massive piece of malware secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials.
The effort, involving the National Security Agency, the CIA and Israel’s military, has included the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear-enrichment equipment.
The emerging details about Flame provide new clues to what is thought to be the first sustained campaign of cyber-sabotage against an adversary of the United States.
“This is about preparing the battlefield for another type of covert action,” said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today. “Cyber-collection against the Iranian program is way further down the road than this.”
Flame came to light last month after Iran detected a series of cyberattacks on its oil industry. The disruption was directed by Israel in a unilateral operation that apparently caught its American partners off guard, according to several U.S. and Western officials, speaking on the condition of anonymity.
There has been speculation that the United States had a role in developing Flame, but the collaboration on the virus between Washington and Israel has not been previously confirmed. Commercial security researchers last week reported that Flame contained some of the same code as Stuxnet. Experts described the overlap as DNA-like evidence that the two sets of malware were parallel projects run by the same entity.
Spokesmen for the CIA, the NSA and the Office of the Director of National Intelligence, as well as the Israeli Embassy in Washington, declined to comment.
The virus is among the most sophisticated and subversive pieces of malware to be exposed to date. Experts said the program was designed to replicate across even highly secure networks, then control everyday computer functions to send secrets back to its creators. The code could activate computer microphones and cameras, log keyboard strokes, take screen shots, extract geolocation data from images, and send and receive commands and data through Bluetooth wireless technology.
Flame was designed to do all this while masquerading as a routine Microsoft software update; it evaded detection for several years by using a sophisticated program to crack an encryption algorithm.
“This is not something that most security researchers have the skills or resources to do,” said Tom Parker, chief technology officer for FusionX, a security firm that specializes in simulating state-sponsored cyberattacks. He said he does not know who was behind the virus. “You’d expect that of only the most advanced cryptomathematicians, such as those working at NSA.”
Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.
The cyberattacks augmented conventional sabotage efforts by both countries, including inserting flawed centrifuge parts and other components into Iran’s nuclear supply chain.
The best-known cyberweapon let loose on Iran was Stuxnet, a name coined by researchers in the antivirus industry who discovered it two years ago. It infected a specific type of industrial controller at Iran’s uranium-enrichment plant in Natanz, causing almost 1,000 centrifuges to spin out of control. The damage occurred gradually, over months, and Iranian officials initially thought it was the result of incompetence.
The scale of the espionage and sabotage effort “is proportionate to the problem that’s trying to be resolved,” the former intelligence official said, referring to the Iranian nuclear program. Although Stuxnet and Flame infections can be countered, “it doesn’t mean that other tools aren’t in play or performing effectively,” he said.
To develop these tools, the United States relies on two of its elite spy agencies. The NSA, known mainly for its electronic eavesdropping and code-breaking capabilities, has extensive expertise in developing malicious code that can be aimed at U.S. adversaries, including Iran. The CIA lacks the NSA’s sophistication in building malware but is deeply involved in the cyber-campaign.
The CIA’s Information Operations Center is second only to the agency’s Counterterrorism Center in size. The IOC, as it is known, performs an array of espionage functions, including extracting data from laptops seized in counterterrorism raids. But the center specializes in computer penetrations that require closer contact with the target, such as using spies or unwitting contractors to spread a contagion via a thumb drive.
Both agencies analyze the intelligence obtained through malware such as Flame and have continued to develop new weapons even as recent attacks have been exposed.
Flame’s discovery shows the importance of mapping networks and collecting intelligence on targets as the prelude to an attack, especially in closed computer networks. Officials say gaining and keeping access to a network is 99 percent of the challenge.
“It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage,” said Michael V. Hayden, a former NSA director and CIA director who left office in 2009. He declined to discuss any operations he was involved with during his time in government.
Years in the making
The effort to delay Iran’s nuclear program using cyber-techniques began in the mid-2000s, during President George W. Bush’s second term. At that point it consisted mainly of gathering intelligence to identify potential targets and create tools to disrupt them. In 2008, the program went operational and shifted from military to CIA control, former officials said.
Despite their collaboration on developing the malicious code, the United States and Israel have not always coordinated their attacks. Israel’s April assaults on Iran’s Oil Ministry and oil-export facilities caused only minor disruptions. The episode led Iran to investigate and ultimately discover Flame.
“The virus penetrated some fields — one of them was the oil sector,” Gholam Reza Jalali, an Iranian military cyber-official, told Iranian state radio in May. “Fortunately, we detected and controlled this single incident.”
Some U.S. intelligence officials were dismayed that Israel’s unilateral incursion led to the discovery of the virus, prompting countermeasures.
The disruptions led Iran to ask a Russian security firm and a Hungarian cyber-lab for help, according to U.S. and international officials familiar with the incident.
Last week, researchers with Kaspersky Lab, the Russian security firm, reported their conclusion that Flame — a name they came up with — was created by the same group or groups that built Stuxnet. Kaspersky declined to comment on whether it was approached by Iran.
“We are now 100 percent sure that the Stuxnet and Flame groups worked together,” said Roel Schouwenberg, a Boston-based senior researcher with Kaspersky Lab.
The firm also determined that the Flame malware predates Stuxnet. “It looks like the Flame platform was used as a kick-starter of sorts to get the Stuxnet project going,” Schouwenberg said.
Stuxnet cyberattack by US a ‘destabilizing and dangerous’ course of action, security expert Bruce Schneier says
Schneier calls Stuxnet ‘mistake’ for US, argues world needs to tackle cyber-arms control
By Ellen Messmer, Network World
June 18, 2012
Revelations by The New York Times that President Barack Obama in his role as commander in chief ordered the Stuxnet cyberattack against Iran’s uranium-enrichment facility two years ago in cahoots with Israel are generating controversy, with Washington in an uproar over national-security leaks. But the important question is whether this covert action of sabotage against Iran, the first known major cyberattack authorized by a U.S. president, is the right course for the country to take. Are secret cyberattacks helping the U.S. solve geopolitical problems or actually making things worse?
Bruce Schneier, noted security expert and author, whose most recent book is “Liars and Outliers,” argues the U.S. made a mistake with Stuxnet, and he discusses why it’s important for the world to tackle cyber-arms control now in an interview with Network World senior editor Ellen Messmer.
The question is going to be debated whether Stuxnet was a good tactic to stop Iran from developing a nuclear weapon by sabotaging its facility through a malware attack in a covert action that was ultimately discovered. In an interview with Chris Wallace on Fox News last night, former National Security Agency director, retired Gen. Michael Hayden, said he thought it amounted to “taunting Iran.” Based on the mix of military leadership, governmental leadership and ethical questions it raises, is Stuxnet a suitable approach?
There are two parts to this analysis. The first is tactical: Is a cyber-weapon more or less suitable than a conventional weapon? In 2007 Israel attacked a Syrian nuclear facility; it was a conventional attack with warplanes and bombs. Comparing the two, Stuxnet seems far more humane — even though it damaged networks outside of Iran. The other part to the analysis is more strategic. Stuxnet didn’t just damage the Natanz nuclear facility; it damaged the U.S.’s credibility as a fair arbiter and force for peace in cyberspace. Its effects will be felt as other countries ramp up their offensive cyberspace capabilities in response. For that reason, Stuxnet was a destabilizing and dangerous course of action.
David Sanger’s NY Times article of June 1, headlined “Obama order sped up wave of cyberattacks against Iran,” offers a vivid account of how President Obama decided cyberattacks against Iran should proceed through cooperation with Israel through use of the Stuxnet malware. However effective this might have been in stopping Iran from developing a nuclear weapon, it’s now widely thought that the Stuxnet malware got out of control, spreading in the wild. What’s your view on this, assuming the Times article is fully accurate?
It seems to be correct.
Sanger’s article was very interesting, and it is worth reading, but it basically confirmed everything we all knew. We knew that Stuxnet was the work of Israel and the United States. We knew that it was intended as a pinpoint attack, and spread beyond its intended target. Other investigative journalists uncovered these truths already. What Sanger’s article added to the discussion was detail about the program from inside both the Obama and the Bush administrations.
Richard Clarke’s book “Cyber War” draws the distinction between cyber-espionage and cyberattacks. He argues cyber-espionage should basically be considered a routine, acceptable practice of any country as part of government intelligence operations. But he argues other state-sponsored operations, such as putting malware secretly into a power grid for example, or launching an actual attack, is distinctly different, and has to be considered in the realm of offensive weapons. Clarke suggests cyberweapons should be subject to arms control agreements of various sorts much as other types of weapons that can be used in war are today. Do you draw the distinction between cyber-espionage and cyberweapons along these lines? And should there be an effort by the U.S. and others to craft treaties related to cyber-arms?
Of course there’s a difference between intelligence gathering and offensive military actions. Throughout history, there has been a bright line between the two. And what’s true in the geopolitics of the physical world is no different in cyberspace. This same distinction also exists in computer security more generally. There is a fundamental difference between passive eavesdropping attacks and more active attacks that delete or overwrite data. As to arms control agreements, I think it is vital for both society and cyberspace that we begin these discussions now. We’re in the early years of a cyberwar arms race, an arms race that will be expensive, destabilizing, and dangerously damaging. It will lead to the militarization of cyberspace, and the transformation of the Internet into something much less free and open. Perhaps it’s too late to reverse this trend — certainly you can argue that military grade cyberweapons like Stuxnet and Flame have already destroyed the U.S.’s credibility as a leader for a free and open Internet — but the only chance we have are cyberweapons treaties.
If so, how do you think that should proceed?
I’m not an idealist. I know that cyberwar treaties will be difficult to negotiate and even more difficult to enforce. Given how easy it is for a country to hide a chemical weapons plant, I know that it will be even easier to hide a cyberweapons plant. I also know that there is a lot of money and power trying to sow cyberwar fears.
But even with all of this, I think there is enormous value in the treaty process — and in the treaties themselves. I think we need to proceed by starting the dialogue. We made a mistake with Stuxnet: We traded a small short-term gain for a large longer-term loss. We can’t undo that, but we can do better in the future.