There are two obvious strategies available for the use of so called
cyber war. The first is to infiltrate a hidden tool that actually
causes direct damage, Stuxnet is possibly the best example of that
and the damage caused was serious and similar to a direct hit with a
real bomb. In the end, the target loses time and that is as good as
it might get.
The second strategy is to fill the environment with live threats
causing internal security to become a straitjacket. This is what the
Flame appears to be doing. Now your computer is watching you and
sending the data back to your enemies.
All this consumes scarce personnel and naturally interferes with
other priorities. On top of that the publicity induces societal
resources to be spent in hunting down these threats and their clones.
There will be other ones out there right now that have yet to be
identified.
In the meantime it is pretty clear that the USA and Israel and
possibly others are fully engaged in an effort to change the
government of Iran somewhat short of a full shooting war. However,
it is also clear that the gloves are off and a major effort is under
way. Expect more curious stories out of here.
Iran Threatens U.S.
as New Cyber Super-Weapon Strikes
Posted by Ryan Mauro
Bio ↓ on May 30th, 2012
Iran is threatening to
attack U.S. bases in the region with its missiles if it is attacked,
but the reality is that the regime is already under attack. The
latest all-but-certain covert operation is the deployment of
sophisticated malware that is being called “The Flame.” Its
purpose appears to be the mass cultivation of intelligence and it is
assessed to be 20 times more complex than Stuxnet, the original
“cyber super-weapon” that ravaged Iran’s nuclear program.
The Flame has been
discovered in seven Middle Eastern countries, though the number of
infections found in Iran is more than the rest combined with 189
instances. There have been 98 infections detected in Israel and the
Palestinian territories. Sudan was hit with 32 infections, a country
whose regime is increasingly Islamist and friendly towards Hamas.
There have been 30 infections found in Syria, 18 in Lebanon, 10 in
Saudi Arabia and 5 in Egypt.
It is not believed at
this time that the Flame targeted a specific industry or program like
Stuxnet did. Instead, it is meant to act as the “the ultimate spy,”
copying hard drive data, logging instant messages and other online
communications, recording keystrokes, taking screenshots and even
secretly turning on computer microphones to record nearby
conversations. There is also the potential for sabotage because it
can potentially delete information and change settings on computer
systems, opening up doors for attack.
Some cyber experts
think it was deployed in February or March 2010, while others think
it has been active as far back as five years ago. It is unknown who
authored the Flame, but suspicion immediately fell on Israel,
possibly with U.S. assistance. Israeli Minister of Strategic Affairs
encouraged such suspicion during an interview, saying, “Whoever
sees the Iranian threat as a serious threat would be likely to take
different steps, including these, in order to hurt them.” He hinted
at his country’s involvement, saying, “Israel is blessed to be a
nation possessing superior technology. These achievements of ours
open up all kinds of possibilities for us.”
The latest known cyber
attack on Iran happened in late April. Iran announced that its oil
industry was being targeted by foreign hackers, specifically its Oil
Ministry and its Kharg Island terminal where the majority of Iran’s
oil is exported from. “Data related to some of the users have been
compromised,” the Iranian regime said, though it denied that there
was any serious damage.
In October 2011,
“Duqu,” also called “Son of Stuxnet,” was found in Iran and
it is believed to have been infecting computers since late 2010. The
powerful weapon is similar to Flame in that it records keystrokes and
could potentially hijack a computer and allow an outside country to
operate it. Duqu, however, was not used for that purpose. It opened
up back doors in systems for 36 days and then left. Symantec
determined, “The attackers are looking for information such as
design documents that could help them mount a future attack on an
industrial control facility.” Amazingly, those behind Duqu
continued to improve it, enabling future infections even though it
was already discovered.
Meanwhile, the Iranian
regime is reacting to the failure to reach an agreement over its
nuclear program during the meetings in Iraq on May 23 with bravado
and threats. A Revolutionary Guards website said it would fire
missiles at all “enemy bases” in the region if the country is
attacked.
This isn’t a new
threat. Iran has long threatened to respond to any military strike
against it, by Israel or the U.S., with missile and “martyrdom”
attacks on American military bases. In December, a regime-controlled
website wrote a detailed assessment of U.S. bases in the Middle East
and how they could be struck with missiles. The article specifically
mentioned bases in Turkey, Saudi Arabia, Qatar, Kuwait, Afghanistan,
the United Arab Emirates, Oman, Pakistan, Kyrgyzstan and Bahrain,
where the U.S. Fifth Fleet is stationed. The author argued that the
base in Bahrain is an extremely vulnerable target because Iran’s
anti-ship missiles can hit American vessels shortly after they leave
the base.
On November 15, a
Basiji commander said at a convention that Iran could use proxies to
attack U.S. forces in Bahrain, Qatar and Kuwait. The bases “are
entirely surrounded by holy fighters of the Islamic ummah who are
counting the minutes in anticipation of the command to wipe out the
U.S.”
The next month, a
regime-tied website carried an article that said that Hezbollah has
determined targets for retaliation in the event of an attack and
would launch “martyrdom operations” in each of the 112 countries
where U.S. forces are based. The author used anti-war sentiment in
the U.S. as proof of America’s weakness. “America needs to know
that while American youth shout the slogan, ‘Stop the War,’ for
fear of dying, the children of Ruhollah [Khomeini] never flee from
war and always pray, ‘Allah, give us martyrdom for your sake.’”
The European Union’s
oil embargo becomes officially enacted on July 1. Iran can ill-afford
further losses to its economy and has threatened Saudi Arabia and
other Arab countries that are encouraging the embargo by increasing
their oil output. On January 27, a member of Iran’s Assembly of
Experts warned that Iran could intercept tankers departing Saudi
Arabia and the United Arab Emirates for Europe.
The dispute with Iran
is coming to a head. The West must hope for the success of the
sanctions and covert operations like “The Flame.” Should they
fail to halt Iran’s nuclear program, Israel will be left with the
decision to strike or accept a nuclear-armed Iran. By all
indications, Israel believes that final decision will have to be made
this year.
No comments:
Post a Comment