Friday, 22 January 2010

Logic Bombs

In November last year the BBC news site ran an article detailing a new arena in global conflict. (Age of cyber warfare is 'dawning') According to a report published by McAfee, the world’s largest internet security company, we should be preparing ourselves for “cyber warfare.”

The language used in the piece is bristling with militaristic references. Many countries are “arming to defend themselves in a cyber war and readying forces to conduct their own attacks.” Apparently, there is evidence that recent instances of hacking were carried out as "reconnaissance" for “future conflict.”
Greg Day, primary analyst for security at McAfee Europe, is quoted as saying, "There are at least five countries known to be arming themselves for this kind of conflict."

Oh? Such as? The UK, Germany, and France. OK. And China. Worrying. Also mentioned is North Korea. Cue the alarm bells. What is cyber-speak for Def Con One?

But this is nothing new. The US employed “hack attacks alongside ground operations during the Iraq war.” There is even an operating manual “governing the rules and procedures of how it can use cyber warfare tactics.” Which prompts the question, what is out of bounds in cyberspace?

Interestingly, we are told many of the recent instances of hacking “were mounted with a explicitly political aim.” One expert goes on to say “most people can easily find the resources that could be used in these kind of attacks.” Yet the word terrorist does not appear once in the article.

The piece goes on to quote Chris Wysopal, chief technology officer at Veracode, a company that advises many governments on security: "In physical warfare it's pretty clear who has which weapon and how they are using them." - Is this man suffering from short-term memory loss?

A weapon of choice we can expect to see become more prevalent in this brave new world war is the logic bomb. A logic bomb is a hidden code designed to execute (explode) when a specific piece of program logic is activated. A virtual sleeper cell. The name, like the previous decade’s “smart bomb,” is an oxymoron. Whatever uses it is put to, logic itself is a benign thing – the idea of logic exploding serves to undermine the supposed certainties of the digital age.

A search for examples of logic bombs throws up a number of failed attempts, one of which, in 2008, was targeted at the, now infamous, mortgage corporation Fannie Mae by a disgruntled IT employee. A celebrated case of a suspected logic bomb takes us all the way back to 1982 and the Trans-Siberian Pipeline incident. The story goes that the KGB stole the computerised control system for the gas pipeline from a Canadian company. To avenge this theft, the CIA planted a logic bomb in the system that caused the pipeline to explode, resulting in the largest non-nuclear blast and fire ever seen from space. It later emerged that the whole thing was an April Fool’s Day hoax.

Forward now to 14th January, 2010, and another BBC article. (Google 'may pull out of China after Gmail cyber attack') “Internet giant Google has said it may end its operations in China following a ‘sophisticated and targeted’ cyber attack originating from the country.”

It is good to see that Google are reconsidering their decision to censor the services they provide in China, but, coming hot on the heels of the earlier warning, one must question the timing of this action. Firstly we are warned that China are “arming themselves” for cyber warfare, then, a few months later, we are informed of cyber attacks coming from China.

Today, 22nd Jan, two news items stand out. The first is China’s response to the support the US government has shown Google, and the warning that it may harm ties between the two countries. China, showing they fully understand the Newspeak of the digital age, has accused America of "information imperialism.” The second news item relates the fact that China is about to overtake Japan as the world’s second biggest economy. Second only to America.


On the same day the cyber warfare article appeared, another item was posted on the BBC news site. (Pakistan 'captures Taliban bases') In a video report by Orla Guerin, we are shown weapons seized by Pakistani troops fighting the Taliban in southern Waziristan. Amongst the usual ordnance, bullets, machine guns, shells, etc, are examples of improvised devices, the IEDs so familiar to American and British soldiers. One in particular stood out. A computer tower had been rigged with an anti-personal mine packed with three hundred ball bearings. The device was designed to explode when the computer was touched, triggered by a pressure mechanism underneath. A very real, and very lethal logic bomb.

1 comment:

Sulci Collective said...

Fascinating stuff Si. The puerile anarchist in me says bring it all on. The Luddite in me says bring it on...

marc nash