December 1, 2012 at 14:43Cyberwarfare - features of the national war
The theme of cyberwarfare (conducting "military" operations in cyberspace, of which the Internet is a part, but not only it) has been discussed for quite some time in various publications and departments of countries around the world, becoming as much a favorite topic as the concept of network-centric wars (network-centric warfare). As an educational program, we can mention that the events held as part of Cyberwarfare can be conditionally divided into information and technical. Technical, in turn, can be divided into “offensive” (sabotage), intelligence (cyber espionage) and “defensive” (building an information security system). We leave the topic of informational events aside, recalling only that their essence lies in the fact that a certain circle of people (the country's population, for example) received a large amount of information (usually falsified or “slightly corrected”), beneficial to the interested party, and did not receive truly objective information. Holding such events has long been on a grand scale - look at least at your TV or news videos on youtube, and then think about who forms this information and how it affects you.
Over the past few years, articles on the topic “Found another example of cyber weapons” have not left the pages of news resources in the field of information security. The impetus for this state of affairs was given by the discovery of the well-known Stuxnet malware in 2010. Cyber weapons usually mean malicious software endowed with the functionality of sabotage and cyber espionage. Sabotage is aimed at disrupting the normal operation of automated production control systems and banking systems (critical infrastructure facilities), which ultimately leads to certain negative consequences in the economy and social mood of the masses. Cyber espionage involves obtaining confidential information that is used for political, economic and military purposes.
What is a good cyber weapon? It is impossible to identify who is behind its creation - this is its main property. Accordingly, there is no one to make a complaint.
On the other hand, amateurs speculating about cyber weapons constantly repeat as a mantra that any state that does not have military power comparable to its political opponents (countries) is able to defeat in a cyber war. For example, Iran took and disrupted the work of most factories and banks in the United States, and the United States, take it and be low. This all reminds one of discussions about the free trade in arms - say, give me a gun and I will no longer be beaten by the gopniks from the neighboring region. Unfortunately, this is not the case.
Firstly, any state has certain military capabilities, both defensive and offensive. For example, recent news - US President Barack Obama issued a secret directive allowing the Pentagon to conduct preventive cyber attacks. The directive was signed in mid-October and gives the Pentagon the right to determine the tactics for protecting US information networks from external cyber threats. In accordance with the directive, in order to protect the country's information networks, the Pentagon received the right to conduct preventive and retaliatory attacks on information systems located on the territory of any country in the world, if these systems were used to carry out actions that pose a threat to US information networks. In such circumstances, many countries will not risk being the first to inflict cyber blow,
Secondly, any state has certain financial capabilities. And if structures like the CIA and the NSA can afford to hire hackers for any money and buy any information about new zero-day vulnerabilities, Iran is unlikely to have such opportunities (despite the proceeds from the sale of oil).
So cyberwarfare cannot act as a great equalizer of chances (like a Colt revolver).
In the wake of interest in cyber warfare, news sites were filled with catchy headlines about terrible cyber attacks, not forgetting to mention examples such as a cyber attack on Estonia in 2007 and Georgia in 2008. What are the consequences of these attacks, while for some reason being silent. But everyone remembers the bad country of Russia, where evil hackers are sitting with earflaps in the snowy snows of Siberia and using the MK-54 microcalculator conduct cyber attacks on the Pentagon in the intervals between drinking vodka with glasses. This is another example of a successful information operation, only the victims here are not Estonia and Georgia.
Experts in the field of information security note that, basically, all content related to information security is taken from foreign sources. That is, we have sensible writers once or twice and miscalculated. After reading a month or two of news and comparing them with the original sources in English (which, as a rule, are not indicated), you can see how distorted the general background of the news is due to minor changes in favor of “sensationalism”. Well, of course, journalists love catchy headlines and the words cyber war, cyber threat and cyber weapons. Antivirus companies are not far behind journalists. This is especially true of Kaspersky Lab, whose articles on securelist.com often suspiciously flash the words Iran and the Middle East.
An example of manipulation - we take four sources of the number of Stuxnet infections:
When you search on Google, it’s clear that some Internet resources contain the original versions of an article from Eset, where Iran is listed as the main affected country. The same picture in the Eset report “Stuxnet Under the Microscope” , the link to which for some reason disappeared from the site esetnod32.ru. Symantec is not far behind Eset, the W32.Stuxnet Dossier report shows the following numbers: Iran (58.31%), Indonesia (17.83%), India (9.96%). By analyzing figure 5 from this report, we can determine that the approximate number of infected computers is also equal to 180 thousand, like Kaspersky Lab, only the distribution is different.
Do you know what it's called? Order! Eset publishes data that is beneficial to it. USA they show one thing, and the Middle East - another. Naturally, such revelations arouse suspicion - well, as well as in other trifles, they also lie? Kaspesky Lab is also great, everywhere they see a cyber war - you look, and the market in the Middle East expands.
Russia, by the way, has a special position. There are doubts that Russia is taking part in the events taking place in the Middle East theater of military cyber action. According to Trend Micro analysis , cybercriminals of the countries of the former USSR create fairly high-tech malware samples, for example, Salityand Zeus. But what is interesting, having such great opportunities, they do not "get involved" in politics, they just make money on ordinary Internet users. What is this - the lack of a spirit of patriotism or the “fear” of a serious investigation in case of encroachment on the secrets of a single state? Or maybe Russia has long been keeping the entire Internet under control? I would like to believe.
Over the past few years, articles on the topic “Found another example of cyber weapons” have not left the pages of news resources in the field of information security. The impetus for this state of affairs was given by the discovery of the well-known Stuxnet malware in 2010. Cyber weapons usually mean malicious software endowed with the functionality of sabotage and cyber espionage. Sabotage is aimed at disrupting the normal operation of automated production control systems and banking systems (critical infrastructure facilities), which ultimately leads to certain negative consequences in the economy and social mood of the masses. Cyber espionage involves obtaining confidential information that is used for political, economic and military purposes.
What is a good cyber weapon? It is impossible to identify who is behind its creation - this is its main property. Accordingly, there is no one to make a complaint.
On the other hand, amateurs speculating about cyber weapons constantly repeat as a mantra that any state that does not have military power comparable to its political opponents (countries) is able to defeat in a cyber war. For example, Iran took and disrupted the work of most factories and banks in the United States, and the United States, take it and be low. This all reminds one of discussions about the free trade in arms - say, give me a gun and I will no longer be beaten by the gopniks from the neighboring region. Unfortunately, this is not the case.
Firstly, any state has certain military capabilities, both defensive and offensive. For example, recent news - US President Barack Obama issued a secret directive allowing the Pentagon to conduct preventive cyber attacks. The directive was signed in mid-October and gives the Pentagon the right to determine the tactics for protecting US information networks from external cyber threats. In accordance with the directive, in order to protect the country's information networks, the Pentagon received the right to conduct preventive and retaliatory attacks on information systems located on the territory of any country in the world, if these systems were used to carry out actions that pose a threat to US information networks. In such circumstances, many countries will not risk being the first to inflict cyber blow,
Secondly, any state has certain financial capabilities. And if structures like the CIA and the NSA can afford to hire hackers for any money and buy any information about new zero-day vulnerabilities, Iran is unlikely to have such opportunities (despite the proceeds from the sale of oil).
So cyberwarfare cannot act as a great equalizer of chances (like a Colt revolver).
In the wake of interest in cyber warfare, news sites were filled with catchy headlines about terrible cyber attacks, not forgetting to mention examples such as a cyber attack on Estonia in 2007 and Georgia in 2008. What are the consequences of these attacks, while for some reason being silent. But everyone remembers the bad country of Russia, where evil hackers are sitting with earflaps in the snowy snows of Siberia and using the MK-54 microcalculator conduct cyber attacks on the Pentagon in the intervals between drinking vodka with glasses. This is another example of a successful information operation, only the victims here are not Estonia and Georgia.
Experts in the field of information security note that, basically, all content related to information security is taken from foreign sources. That is, we have sensible writers once or twice and miscalculated. After reading a month or two of news and comparing them with the original sources in English (which, as a rule, are not indicated), you can see how distorted the general background of the news is due to minor changes in favor of “sensationalism”. Well, of course, journalists love catchy headlines and the words cyber war, cyber threat and cyber weapons. Antivirus companies are not far behind journalists. This is especially true of Kaspersky Lab, whose articles on securelist.com often suspiciously flash the words Iran and the Middle East.
An example of manipulation - we take four sources of the number of Stuxnet infections:
- Eset, July 2010 , USA (57.71%), Iran (30.00%), Russia (4.09%);
- Kaspersky, July 2010 , India (18307), Indonesia (34138), Iran (14171), Russia (773);
- Kaspersky, September 2010 , India (86258), Indonesia (14010), Iran (11952), Russia (7904), in total about 180 thousand;
- Eset (Indonesia), September 2010 , Iran (52.2%), Indonesia (17.4%), India (11.3%), Russia (2.1%).
When you search on Google, it’s clear that some Internet resources contain the original versions of an article from Eset, where Iran is listed as the main affected country. The same picture in the Eset report “Stuxnet Under the Microscope” , the link to which for some reason disappeared from the site esetnod32.ru. Symantec is not far behind Eset, the W32.Stuxnet Dossier report shows the following numbers: Iran (58.31%), Indonesia (17.83%), India (9.96%). By analyzing figure 5 from this report, we can determine that the approximate number of infected computers is also equal to 180 thousand, like Kaspersky Lab, only the distribution is different.
Do you know what it's called? Order! Eset publishes data that is beneficial to it. USA they show one thing, and the Middle East - another. Naturally, such revelations arouse suspicion - well, as well as in other trifles, they also lie? Kaspesky Lab is also great, everywhere they see a cyber war - you look, and the market in the Middle East expands.
Russia, by the way, has a special position. There are doubts that Russia is taking part in the events taking place in the Middle East theater of military cyber action. According to Trend Micro analysis , cybercriminals of the countries of the former USSR create fairly high-tech malware samples, for example, Salityand Zeus. But what is interesting, having such great opportunities, they do not "get involved" in politics, they just make money on ordinary Internet users. What is this - the lack of a spirit of patriotism or the “fear” of a serious investigation in case of encroachment on the secrets of a single state? Or maybe Russia has long been keeping the entire Internet under control? I would like to believe.