Black Code: Inside the Battle for Cyberspace (37 page)
Read Black Code: Inside the Battle for Cyberspace Online
Authors: Ronald J. Deibert
Tags: #Social Science, #True Crime, #Computers, #Nonfiction, #Cybercrime, #Security, #Retail
4
the ITU is the world’s oldest international organization:
Milton Mueller has written on the politics of international Internet governance in
Networks and States: The Global Politics of Internet Governance
(Cambridge: The MIT Press, 2010).
5
proposed a “code of conduct”:
In 2011, Russia, China, Tajikistan, and Uzbekistan proposed a voluntary code of conduct for cyberspace at the United Nations. See letter dated 12 September 2011 from the Permanent Representatives of China, the Russian Federation, Tajikistan and Uzbekistan to the United Nations addressed to the Secretary-General, available at:
http://www.cs.brown.edu/courses/csc11800/sources/2012_UN_Russia_and_China_Code_o_Conduct.pdf
; and Nate Anderson, “Russia, China, Tajikistan propose UN ‘code of conduct’ for the ‘Net,”
Ars Technica
, September 20, 2011,
http://arstechnica.com/tech-policy/2011/09/russia-china-tajikistan-propose-un-code-of-conduct-for-the-net
.
6
connections between Flame and another devastating cyber weapon, Stuxnet:
The Kaspersky Flame FAQ is available at: “The Flame: Questions and Answers,”
Secure List
, May 28, 2012,
http://www.securelist.com/en/blog/208193522
. The connection between Flame and Stuxnet is discussed in Jim Finkle and Joseph Menn, “Some Flame Code Found in Stuxnet Virus: Experts,” Reuters, June 12, 2012,
http://www.reuters.com/article/2012/06/12/us-media-tech-summit-flame-idUS-BRE85A0TN20120612
; Greg Miller, Ellen Nakashima, and Julie Tate, “U.S., Israel Developed Flame Computer Virus to Slow Iranian Nuclear Efforts, Officials Say,”
Wall Street Journal
, June 19, 2011,
http://www.washingtonpost.com/world/national-security/us-israel-developed-com-puter-viras-to-slow-iranian-nuclear-efforts-officials-say/2012/06/19/
gJQA6xBPoV_story.html
; and Kenneth Rapoza, “Kaspersky Lab: Same Countries Behind Stuxnet and Flame Malware,”
Forbes
, June 11, 2012,
http://www.forbes.com/sites/kenrapoza/2012/06/11/kaspersky-lab-same-countries-behind-stuxnet-and-flame-malware/
.
1
a detailed “decoding” of the virus:
For Langner’s research on Stuxnet, visit his blog at
http://www.langner.com/en/blog/
. See also Ralph Langner, “Stuxnet: Dissecting a Cyberwarfare Weapon,”
Security & Privacy
, IEEE 9, no. 3 (2011): 49–51.
2
the planning and operational process behind the Stuxnet virus:
On June 1, 2012, the
New York Times
reported that anonymous current and former government officials of the U.S., Europe, and Israel had confirmed that Stuxnet was indeed the work of American and Israeli experts, under orders of President Obama, who wanted to slow Iran’s progress towards building an atomic bomb without launching a traditional attack. See David Sanger, “Obama Order Sped Up Wave of Cyberattacks Against Iran,”
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all&_r=0
. Sanger’s article was adapted from his book,
Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power
(New York: Crown Publishers, 2012). See also William J. Broad, John Markoff and David E. Sanger, “Israeli Test on Worm Called Crucial in Iran Nuclear Delay,”
New York Times
, January 15, 2011,
http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?pagewanted=2&_r=1&hp
; and William J. Broad and David E. Sanger, “Worm Was Perfect for Sabotaging Centrifuges,”
New York Times
, November 18, 2010,
http://www.nytimes.com/2010/11/19/world/middleeast/19stuxnet.html
.
3
the kinds of manoeuvres that could exploit holes:
The Siemens and Idaho National Lab 2008 presentation of the PCS7’S vulnerabilities to cyber attacks is available at Marty Edwards and Todd Stauffer, “Control System Security Assessments,” Presentation prepared for the 2008 Siemens Automation Summit,
http://graphics8.nytimes.com/packages/pdf/science/NSTB.pdf
.
4
code behind Stuxnet was far larger than a typical worm:
Symantec reversed engineered Stuxnet and documented its findings in Nicolas Falliere, Liam Ó Murchú, and Eric Chien, “W32. Stuxnet
Dossier Version 1.4,”
Symantec
, February 2011,
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf
.
5
an obscure date in the worm’s code:
The clues of Israeli involvement in Stuxnet’s code have been reported by Michael Joseph Gross in “A Declaration of Cyberwar,”
Vanity Fair
, April 2011,
http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104
, 4; Paul Roberts, “Stuxnet Analysis Supports Iran-Israel Connections,”
Threat Post
, September 30, 2010,
http://threatpost.com/en_us/blogs/stuxnet-analysis-supports-iran-israel-connections-093010
; John Markoff and David E. Sanger, “In a Computer Worm, a Possible Biblical Clue,”
New York Times
, September 29, 2010,
http://www.nytimes.com/2010/09/30/world/middleeast/30worm.html?pagewanted=all&_r=0
; and William J. Broad and David E. Sanger, “Worm Was Perfect for Sabotaging Centrifuges,”
New York Times
, November 18, 2010,
http://www.nytimes.com/2010/11/19/world/middleeast/19stuxnet.html
.
6
an Iranian double agent working for Israel:
Richard Sale reported on how Iranian control systems were infected by Stuxnet in, “Stuxnet Loaded by Iran Double Agents,”
Industrial Safety and Security Source
, April 11, 2012,
http://www.isssource.com/stuxnet-loaded-by-iran-double-agents
. See also Dorothy E. Denning, “Stuxnet: What Has Changed,”
Future Internet
4, no.3 (2012): 672–687.
7
high-tech means of fighting clean wars:
James Der Derian writes about “virtuous war” in
Virtuous War: Mapping the Military-Industrial-Media-Entertainment Network
(New York: Routledge, 2009). See also Jennifer Leonard, “James Der Derian on Imagining Peace,”
Renegade Media
,
http://www.renegademedia.info/books/james-derderian.html
.
8
Writing in the
Bulletin of the Atomic Scientists
:
R. Scott Kemp analyzes the implications of developing offensive cyber capabilities in “Cyberweapons: Bold Steps in a Digital Darkness?,”
Bulletin of the Atomic Scientists
, June 7, 2012,
http://www.thebulletin.org/web-edition/op-eds/cyberweapons-bold-steps-digital-darkness
.
9
thirty-three states included cyber warfare in their military planning:
James A. Lewis and Katrina Timlin review the policies and organizations of 133 states to determine how they are organized to deal
with cyber security in “Cybersecurity and Cyberwarfare,” Center for Strategic and International Studies, 2011; available at:
http://www.unidir.org/pdf/ouvrages/pdf-1-92–9045–011-J-en.pdf
10
Some, like India, boast about developing offensive cyber attack capabilities:
On June 11, 2012, the
Times of India
reported on India’s National Security Council’s plan to allow the Defence Intelligence Agency and National Technical Research Organization to carry out cyber offensives against other countries if necessary, in Josy Joseph, “India to Add Muscle to its Cyber Arsenal,”
http://articles.timesofindia.indiatimes.com/2012–06–11/india/32174336_1_cyber-attacks-offensive-cyber-government-networks
.
11
1,800 cases of fake electronic components:
The case of counterfeit chips in the flight computer of an F-15 fighter jet at Robins Air Force Base was reported on by Brian Burnsed, Cliff Edwards, Brian Grow, and Chi-Chu Tschang, in “Dangerous Fakes,”
Business Week
, October 2, 2008,
http://www.businessweek.com/magazine/content/08_41/b4103034193886.htm
.
12
via the SHODAN search tool anyone could discover MAC addresses:
According to its website, the SHODAN search engine (developed by John Matherly) is “a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.” In “Cyber Search Engine Shodan Exposes Industrial Control Systems to New Risks,”
Washington Post
, June 3, 2012,
http://www.washingtonpost.com/investigations/cyber-search-engine-exposes-vulnerabilities/2012/06/03/gJQAIK9KCV_story.html
, journalist Robert O’Harrow Jr. wrote: “Matherly and other Shodan users quickly realized they were revealing an astonishing fact: Uncounted numbers of industrial control computers, the systems that automate such things as water plants and power grids, were linked in, and in some cases they were wide open to exploitation by even moderately talented hackers.”
13
“I was walking down the street …”:
Kim Zetter reported on the RuggedCom vulnerability in “Equipment Maker Caught Installing Backdoor Account in Control System Code,”
Wired
, April 25, 2012,
http://www.wired.com/threatlevel/2012/04/ruggedcom-backdoor
.
14
we are building a digital edifice for the entire planet, which sits above us like a house of cards:
Supply-chain vulnerabilities have been documented in Committee on Armed Services United States Senate, “Inquiry into Counterfeit Electronic Parts in the Department of Defence Supply Chain, Report 112–167,” May 21, 2012, available at:
http://armed-services.senate.gov/Publications/Counterfeit%20Electronic%20Parts.pdf
; Marcus H. Sachs, “Can We Secure the Information Technology Supply Chain in the Age of Globalization?” Verizon,
http://crissp.poly.edu/media/sachs_slides.pdf
; and Dana Gardner, “Corporate Data, Supply Chains Remain Vulnerable to Cyber Crime Attacks, says Open Group Conference Speaker,”
ZDNet
, June 5, 2012,
http://www.zdnet.com/blog/gardner/corporate-data-supply-chains-remain-vulnerable-to-cyber-crime-attacks-says-open-group-conference-speaker/4644
.
The Russian vendor Positive Technologies found alarming statistics about SCADA system vulnerabilities based on an analysis of vulnerabilities in databases like ICS-CERT, Siemens’ Product CERT, exploit-db, and vendor advisories. They found “the number of security flaws found within ten months is far bigger than the number of flaws found during the whole previous period starting from 2005.” Positive Technologies documented its findings in Yury Goltsev et al., SCADA Safety in Numbers, Positive Technologies, 2012, available at:
www.ptsecurity.com/download/SCADA_analytics_english.pdf
.
15
“Cyberwar is very different from nuclear war …”:
Fred Kaplan, “Why the United States Can’t Win a Cyberwar,”
Slate
, June 8, 2012,
http://www.slate.com/articles/news_and_politics/war_stories/2012/06/obama_s_cyber_attacks_on_iran_were_carefully_considered_but_the_nuclear_arms_race_offers_important_lessons_.html
.
1
The June 2011 RSA breach hit the American security:
“Breachfest 2011” is documented in Matt Liebowitz, “2011 Set to Be Worst Year Ever for Security Breaches,”
Tech News Daily
, June 10, 2011,
http://www.technewsdaily.com/2710–2011-worst-year-ever-security-breaches.html
.
2
I first read about Narus’s technology:
Narus’s 2007 press release is available at “Narus Expands Traffic Intelligence Solution to Webmail Targeting,”
Narus
, December 10, 2007,
http://www.narus.com/index.php/overview/narus-press-releases/press-releases-2007/274-narus-expands-traffic-intelligence-solution-to-webmail-targeting
.
3
its sales to Telecom Egypt:
Timothy Karr discusses the use of Narus in Egypt in “One U.S. Corporation’s Role in Egypt’s Brutal Crackdown,”
Huffington Post
, January 28, 2011,
http://www.huffington-post.com/timothy-karr/one-us-corporations-role-_b_815281.html
.
4
After thirty-three years of active service:
In
The Shock Doctrine
, Naomi Klein argues that Kenneth Minihan is responsible for implementing the “disaster capitalism complex,” defined as “a fully fledged new economy in homeland security, privatised war and disaster reconstruction tasked with nothing less than building and running a privatised security state, both at home and abroad.” Similarly, in his book
Spies for Hire
, investigative journalist Tim Shorrock traces the subservience of public to private interests in the intelligence-contracting industry, an industry that specifically “serves the needs of government and its intelligence apparatus.” Shorrock writes, “In the past, Minihan said, contractors ‘used to support military operations; now we participate [in them]. We’re inextricably tied to the success of their operations.’ ” Naomi Klein,
The Shock Doctrine: The Rise of Disaster Capitalism
(New York: Henry Holt and Company, 2007); and Tim Shorrock,
Spies for Hire: The Secret World of Intelligence Outsourcing
(New York: Simon & Schuster, 2008).
1
In the aftermath of the 2011 revolution:
The chaos that followed the collapse of regimes in Egypt and Libya helped pry open secretive security apparatuses, revealing the extent of their international linkages. See Steve Ragan, “Report: U.K. Firm Offered IT Intrusion Tools to Egyptian Government,”
Tech Herald
, April 27, 2011,
http://www.thetechherald.com/articles/Report-U-K-firm-offered-IT-intrusion-tools-to-Egyptian-government
; Karen McVeigh, “British Firm Offered Spying Software to Egyptian Regime – Documents,”
Guardian
, April 28, 2011,
http://www.guardian.co.uk/technology/2011/apr/28/egypt-spying-software-gamma-finfisher
; Matt Bradley, Paul Sonne, and Steve Stecklow, “Mideast Uses Western Tools to Battle the Skype Rebellion,”
Wall Street Journal
, June 1, 2011,
http://online.wsj.com/article/SB10001424052702304520804576345970862420038.html
; and Mikko Hyppönen, “Egypt, FinFisher Intrusion Tools and Ethics,”
F-Secure
, March 8, 2011,
https://www.f-secure.com/weblog/archives/00002114.html
. See also John Scott-Railton,
Revolutionary Risks: Cyber Technology and Threats in the 2011 Libyan Revolution
, CIWAG Case Studies Series, forthcoming, 2013.
