Skip to content

Going Viral: Cyberspace’s subtle fevers

November 2, 2010


Over the last few weeks, I have been reading a fair bit on and around the whole idea of cyber-security, the ‘militarization of the internet’, the idea of military viruses and other William Gibson-esque stuff.

For those of us who read (and loved) Neuromancer – Gibson’s cyber punk novel set in a futuristic Chiba City, Japan – recent developments of the outer-fringes of the internet seem eerily like the world that Henry Dorset Case inhabits.

This post is primarily intended to serve no higher purpose than share a bunch of articles that I think are brilliant and should be read by everyone.  If you are looking for themes – I would suggest contemplating the idea of disruptive technology in an increasingly networked world.

Last week, I had posted a link to a story on how the Predator drones used by the CIA might be running on “hack” versions of their aiming software. It reminded of a WSJ article I had read about drones, more than a year ago.

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter…

… In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds.

The article notes that insurgents were simply skimming off the Predator’s video feed and that there was no evidence to suggest that they could jam or modify the data streams, and quoted US officials saying they were now encrypting the video feed to prevent this from happening again.

Here’s a link to a BBC article on the same thing, in case you are blocked by the WSJ pay-wall.

This week’s New Yorker has an excellent article on the whole Cybersecurity – cyber war issue and offers a comprehensive understanding of how an increasingly networked world is terrifying and scary from the point of view of surveillance, big brother etc – but I also found it curiously liberating to live in a world where disruptive technologies are available for as little as $26 (to quote the WSJ excerpt).

Recently, the cybersecurity world has been grappling with a new, and extremely sophisticated virus called Stuxnet – that some speculated was targeted at Iran’s nuclear programme. Bruce Schneier has an great op-ed (with interesting links) on the whole Stuxnet issue . Of trivia-type interest: a tiny piece of code in the virus references ‘Myrtus’, a suggestion that Israel may have designed the virus and targeted Iran.  From the NYT article:

Deep inside the computer worm that some specialists suspect is aimed at slowing Iran’s race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.

That use of the word “Myrtus” — which can be read as an allusion to Esther — to name a file inside the code is one of several murky clues that have emerged as computer experts try to trace the origin and purpose of the rogue Stuxnet program, which seeks out a specific kind of command module for industrial equipment.

But as Schneier warns:

Stuxnet also sets a registry value of “19790509” to alert new copies of Stuxnet that the computer has already been infected. It’s rather obviously a date, but instead of looking at the gazillion things–large and small–that happened on that the date, the story insists it refers to the date Persian Jew Habib Elghanain was executed in Tehran for spying for Israel.

Sure, these markers could point to Israel as the author. On the other hand, Stuxnet’s authors were uncommonly thorough about not leaving clues in their code; the markers could have been deliberately planted by someone who wanted to frame Israel. Or they could have been deliberately planted by Israel, who wanted us to think they were planted by someone who wanted to frame Israel. Once you start walking down this road, it’s impossible to know when to stop.

Elsewhere in his text (follow the links) he name-checks a theory that Stuxnet could in fact have been responsible for the failure of Indian satellite INSATB.

Perhaps the most awesome article I have recently read (hat-tip to Seher Shah for sending me the link) on viruses and the existence of a shadowy world that most of us can barely comprehend is Mark Bowden’s Atlantic piece on the Conficker virus that infected millions of computers around the world for no apparent reason. To quote from the breathless teaser:

When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …

The anarchic nature of  the internet has confounded governments and driven many, in the security sector, to push for a policing of the net. Of late, there has been a lot of talk about the idea of a more “authenticated internet”.

A recent story from The Guardian:

Virus-infected computers should be blocked from the internet and kept in quarantine until they are given a “health certificate”, a top Microsoft security researcher suggested on Thursday.
Under the proposed security regime, put forward by the technology giant’s trustworthy computing team, an individual’s internet connection would be “throttled” to prevent the virus spreading to other computers. But security experts today warned that cutting people off from the internet could be a drastic step too far – and that the question of who would issue and verify the “health certificate” was troubling.

In her blog post on the militarization of the internet, Susan Crawford says:

A “more authenticated Internet” would obviously include using the leverage provided by network operators to permit only fully-authorized, identified machines to connect.  The ability to remotely disconnect machines or devices until they are cleansed is now within reach for federal networks – this same capability will inevitably spread to private connections.

A “more authenticated Internet” would also include more-easily tappable applications as well as machines…

The Internet is not the same thing as a telephone network.  It’s a decentralized agreement to route packets of information to particular addresses.  It has made possible unparalleled innovation, free speech, and improvements to human lives around the world.  Retrofitting it to make it fit law enforcement’s (or national security’s) “authentication” needs would be an enormous, retrograde step.

I love that Crawford refers to the internet as an “decentralized agreement”  – almost sounds like a solution to the Kashmir Crisis .



No comments yet

We look forward to your comments. Comments are subject to moderation as per our comments policy. They may take some time to appear.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 71,910 other followers

%d bloggers like this: