Absher 1

Bradford Absher Professor Malcolm Campbell English 1103 26 November 2012

Cyber Warfare Serves as Modern Battlefields For centuries, battlefields have determined who would have power and hegemony to rule, command, and influence. From catapults and cannons to guns and mustard gas, the battlefield prompts technological advancements as men wield their weapons of destruction. However, the advent of atomic weaponry has almost deracinated the concept of the battlefield; the need for armies and their respective hardware, in many cases, have been rendered obsolete by modern technologies. Drones and cyber weapons have come to replace man to man combat as a more desirable offensive. Due to our contemporary use and dependency on technology and its myriad capacities, cyber warfare presents countries with new ways to fight, whether through physical attacks or intelligence. Computer viruses are being created for hacking purposes, which are being used in modern day warfare and espionage. Discovered in June 2010, Stuxnet, a sophisticated computer worm, damaged the Iranian Nuclear Program by destroying approximately a thousand centrifuges, putting the program back years. The Iranian nuclear program has western powers concerned, including Israel. Publicly, Iran defends its pursuit of nuclear power, saying that its intention is purely peaceful. Due to the complexity of Stuxnet, it had to have been built by a government with various resources. The implementation of Stuxnet marks the first

Absher 2 use of a cyber attack on another country’s infrastructure. The United States considers a cyber attack an act of war, which is significant when considering the hypothetical consequences of an Iranian response to Stuxnet (Nakashima). Stuxnet, named for some of the key words discovered in its software, was developed by the Bush administration under the codename Operation Olympic Games. After the failure of US forces to find weapons of mass destruction in Iraq, the Bush administration had little leverage to get Europe or the UN to put tougher sanctions on Iran. They then came up with the idea of using a computer worm to infect the program. The virus was to result of collaboration between the NSA, CIA, and the Israel, with the CIA and Israel overseeing the logistics of getting the virus into the plant. The virus was able to infect a closed system, one cut off from the World Wide Web, probably through the use of a flash drive. “It turns out there is always an idiot around who doesn't think much about the thumb drive in their hand,” said one of the architects of Stuxnet. The testing of the virus spread out across several different national labs, so very few people would know what exactly was going on. Centrifuges from Mummar Gaddiffi’s scrapped nuclear program, which are similar to the ones used at the Natanz facility, were used in the testing process (Nakashima). Once it hit the facility, it was able to destroy one thousand of Iran’s six thousand nuclear centrifuges (cylinders that are vital in the enrichment of uranium), by making them rotate at fast speeds while sending signals that they were operating normally. It was designed to work slowly, sending signals to controllers that everything was working normally. This strategy was meant to make the Iranians believe there engineers were incompetent, as wholesale destruction would make sabotage obvious. The virus was able

Absher 3 to escape through the internet, probably when an engineer had his computer hooked up to one of the centrifuges. The virus, due to a programming error, infected his computer; thus, when the engineer took his computer home and connected to the internet, the virus was able to spread on the worldwide web. At this point, Iranian officials became aware of the virus (Mauer).

The President of Iran, Mahmoud Ahmdinejad, inspect centrifuges at the Natanz Nuclear Facility. Centrifuges like these were destroyed by Stuxnet.

Another cyber weapon is called Flame. Flame is a computer malware that infects computers and records information, and it is twenty times larger than Stuxnet although unlike Stuxnet, which was designed for sabotage, it is designed for spying, without causing physical destruction. Flame can record key strokes, take pictures on applications,

Absher 4 like IM programs, and record information about nearby Bluetooth devices, and then sends the information to one of the several command and control centers around the world. The international telecommunications union, which is part of the United Nations, asked for help identifying malware that was stealing data from personal computers in the Middle East. Flame has been operating since 2012, but it was discovered in May, 2012 by Kaspersky Lab, a Russian multi-national computer security company. According to the Washington Post, Flame was, once again, developed by the United States and Israeli governments. The early version of Stuxnet has code to spread via USB drives that is almost identical to the one found in Flame. The virus was noticed by Iranian officials after an attack on their oil industry. According to US officials who spoke anonymously, it was a unilateral attack by Israel. Although the virus is spread worldwide, the majority of infected computers are inside Iran. A suicide code ordered Flame to erase itself after it was discovered; the code was written in as a safeguard by the creators of the virus. One of the newest viruses to be discovered is the Gauss virus. Also discovered by Kaspersky Lab, it is named after the German mathematician, Johann Carl Friedrich Gauss, and has been running since September 2011. Several of the modules in the virus are named after famous mathematicians and philosophers including Kurt Godel and Joseph Louis-Lagrange. The most important module, the one that contained the data stealing capabilities, was named after Gauss (Finkle). There are over 2,500 known infections, although the true number could be over 10,000, with most of them being in Lebanon, Israel, and the Palestinian territories. Kaspersky Lab has said the origin is the same as Stuxnet and Flame, and refers to it as a “cyber-espionage toolkit.” The virus is currently in a dormant state, as its command

Absher 5 infrastructure was shut down in July 2012. Many of the targets were banks, including Citigroup’s Citibank, eBay’s Paypal, and Lebanon's BlomBank, and ByblosBank. The virus is like Flame in that it just steals data, and there has been no money moved as a result of the virus. The US government has monitored Lebanese’s banks for information about drug cartels and militant groups. Beirut is a hotpot for clandestine movement of money (Finkle). Leaders in the United States are fearful of future foreign cyber attacks threatening United States oil and gas industries. “At a time when entities in the Middle East are waking up to the prospect of cyberwarfare, America needs talented recruits capable of clandestinely breaking down another nation’s defenses” (Basulto). During his presidential candidacy in November 2011, Newt Gingrich voiced his belief that cyber attacks are one of the three major security threats in the U.S., and he also stated that he believed the U.S. is unprepared to deal with cyber attacks. Operation Aurora was a cyber attack in 2009 that was disclosed by Google, and this discovery led Google to pull out of China and redirect their China site to the Hong Kong location. This cyber attack targeted several U.S. companies, such as Adobe and Northrop Grumman, an American global aerospace and defense technology company. In the attack, intellectual property was stolen, and the Chinese hackers tried to access G-mail accounts of Chinese dissidents, including two accounts used by Ai Weiwei, a Chinese artist who is openly a critic of China’s government.

According to an article written by Dominic Basulto, the computer virus has become a desired strategy when dealing with sensitive but aggressive situations. Basulto writes, “The computer virus. It’s becoming the weapon of choice in the Middle East…It appears

Absher 6 the line between ‘covert action’ and ‘act of war’ is blurring like at no time in history in one of the world’s most volatile regions.” Basulto, a digital thinker at Bond Strategy and Influence, points out that the “cyber-soldiers” who stealthily infected Iran’s industrial computers with Stuxnet and Flame may never be known; however, it is vital that the United States must recruit and train the next generation of “coders and hackers” in order to be prepared for future assaults on American assets and infrastructures (Basulto). While the condition and technologies in war change, “the art of war does not.” The human factor, in relation to spies, and technologies, such as bombs, are being replaced by “pieces of malicious code that are activated and controlled thousands of miles away, leaving behind a lethal, digital payload that can be activated on-demand” (Basulto). Sun Tzu, a Chinese military general, strategist and tactician, wrote the ancient military book, The Art of War. Tzu’s book is considered cutting edge for its time, second century B.C. Tzu wrote that deception is the basis for all warfare, thus taking a passive aggressive strategic approach, “When able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near” (Tzu). Basulto comments that due to the modern use of cyberweapons, Sun Tzu’s ideal for winning wars can become a formula for which contemporary military strategists may follow precisely. Furthermore, Basulto says that “a nation can attack when it seems unable to. When conducting cyber-attacks, a nation will seem inactive. When a nation is physically far away, the threat will appear very, very near” (Basulto). While the battlefield remains a place of strategy and destruction, it has been reshaped, on many fronts, into a place with omnipresence, a place wherein the soldiers create

Absher 7 viruses, tote usb drives, and other such technologies, and the course of action is driven by individuals and their gathered and reported intelligence, along with the impact of interior digital commands that cause exterior destruction.

Works Cited Basulto, Dominic. “Stuxnet, Flame and unfulfilling the dream of Sun Tzu.” Washington

Absher 8 Post. Washingtonpost.com. 02 June 2012. Web. 04 Nov. 2012. Denning, Dorothy E. “Sutxnet: What Has Changed?” Future Internet 4:3 (2012): 672687. Multidisciplinary Digital Publishing Institute. Web. 08 Oct. 2012. Finkle, Jim. “Virus found in Mideast can spy on bank transactions.” Reuters.com. 09 Aug. 2012. Web. 09 Aug. 2012.

Maurer, Tim, David Weinstein. “Flame Thrower.” Foreign Policy. Foreignpolicy.com. 29 May 2012. Web. 08 Oct. 2012. Nakashima, Ellen and Joby Warrick. “Stuxnet was work of U.S. and Israeli experts, officials say.” Washington Post. Washingtonpost.com. 02 June 2012. Web. 04 Nov. 2012. Newton-Small, Jay. “A War on Two Fronts.” Time 25 June 2012: 46-50. Print. Sanger, David E. and Eric Schmitt. “Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure.” New York Times. Nytimes.com. 26 July 2012. Web. 03 Nov. 2012. Tzu, Sun. The Art of War. Chinese Text Project. ctext.org. Web. 2012. Web. 04 Nov. 2012.

Sign up to vote on this title
UsefulNot useful