´Cyber attacks could mean end of world as we know it´ (HAŽARETZ NEWS) By Oded Yaron 06/07/12)
HA'ARETZ} NEWS SERVICE
HA'ARETZ} NEWS SERVICE Articles-Index-Top
Questions raised during press conference at Tel Aviv University cyber
warfare panel event concern ´Die Hard´ style disasters.
Eugene Kaspersky, the founder of the Russian Internet security firm
that alerted the world to the Flame virus, ignited a fire of his own
yesterday in Tel Aviv when he sketched out nightmare scenarios that
cyberwarfare could cause.
Speaking at a press conference at "The Cyber Warfare Conference:
Challenges in the Global, Political, and Technological Arenas,"
organized by Tel Aviv University´s Yuval Ne´eman Science, Technology,
and Security Workshop, Kaspersky said that Flame was "just the
beginning," adding, "I´m afraid that it will be the end of the world
as we know it."
In response to a question about what the world would look like after
the kind of cyberterror apocalypse that he feared, he referenced the
Hollywood-imagined dystopia of the 2007 film "Live Free or Die Hard,"
in which Bruce Willis, as cop John McClane, teams up with a young
computer hacker to stop a cyberterror attack that is shutting down
the United States.
"Before ´Die Hard 4.0,´ the word cyberterrorism was a taboo in my
company. It could not be uttered aloud or discussed with the media,"
Kaspersky said, adding that 15 minutes into the movie he fetched
himself a glass of whiskey and a cigarette, and that 10 or 15 minutes
later he refilled his glass and began shouting at the screen: "Why
are you telling them [how to do this]?"
Kaspersky is not the only dystopian prophet around. "If somebody
would have told me five years ago that by 2012 it would be
commonplace for countries to launch cyberattacks against each other,
I would not have believed it," Mikko Hypponen, chief research officer
at Finland´s F-Secure Corporation and an internationally recognized
authority on cybercrime, wrote in The New York Times this week. "If
somebody would have told me that a Western government would be using
cybersabotage to attack the nuclear program of another government, I
would have thought that´s a Hollywood movie plot. Yet, that´s exactly
what´s happening, for real."
Both Kaspersky and Hypponen have been accused of sowing panic and
fanning the flames around Flame. But some experts say that even if
Kaspersky´s colorful descriptions may be over the top, the fact is
that critical infrastructure in most of the world´s countries is
vulnerable to high-tech attacks. It happened in Iran, and it happened
in Estonia in 2007, when a dispute with Russia over a Soviet-era
statue triggered a massive distributed denial-of-service (DDoS )
attack that paralyzed the country for weeks.
When Guy Mizrahi, CEO of Israeli security firm Cyberia, was asked
whether Kaspersky´s apocalyptic scenarios were an exaggeration, he
said that after the Hollywood special effects were toned down the
dangers nevertheless remained. "It´s a question of will and of
capability, and today both exist," Mizrahi said, adding, "As soon as
they join together, [Kaspersky] is not exaggerating. Today it´s
pretty easy to create significant cyberattacks that will affect our
daily lives on every level," Mizrahi said.
But, he reminded his audience, "Just because you have the capability
doesn´t mean you will always use it." Mizrahi´s colleagues say that
most cyberweapons are developed for espionage purposes, as in the
cases of Flame and Duqu, a worm related to the Stuxnet virus used
against Iran´s uranium enrichment program. Intelligence agencies are
loath to give up their sources for the sake of sabotage.
Kaspersky said he believes that Flame cost less than $100 million to
develop and that Stuxnet cost less than $10 million. He also said it
is possible that Flame is still capable of sophisticated
transmission, explaining that because of the enormous size of the
virus there may still be undetected modules. He said that Flame
underlines the danger of cyber warfare.
"These ideas are spreading too fast," Kaspersky later said, "That
cyber boomerang may get back to you." He said governments must
cooperate to stop such attacks, as they have done with nuclear,
biological and chemical weapons.
Kaspersky used the example of an electricity-generating plant
targeted by a virus similar to Flame. He explained that similar power
plants anywhere in the world could end up being attacked by the virus.
"Flame is extremely complicated but I think many countries can do the
same or very similar, even countries that don´t have enough of the
expertise at the moment. They can employ engineers or kidnap them, or
employ ´hacktivists´," he said.
When Kaspersky speaks of these dangers, the main concern is
Supervisory Control and Data Acquisition systems, known as Scada. It
was Siemens´ Scada systems used in Iran´s nuclear program that was
targeted by Stuxnet.
It was not for nought that Evyatar Matanya, head of Israel´s new
National Cyber Defense Authority, part of the Prime Minister´s
Office, said yesterday at the conference that his unit, in
cooperation with the Ministry of Energy and Water Resources, has
developed a pilot program that involved mapping and carrying out a
risk assessment for all of the country´s critical national
infrastructure, with an eye to developing defense measures in the
The problem is the large number of different systems that were
developed, long before anyone even thought of computer viruses, or
for that matter of connecting these systems to the Internet. Mizrahi
said that he has come across Scada systems that are based on
Microsoft Windows 95 operating system, while Kaspersky topped him by
talking about systems based on DOS, which, contrary to popular
belief, is still out there somewhere.
Over the past several years many of these Scada systems have been
adapted for remote control over the Internet. The interface between
the old systems and the Internet can be a point of vulnerability,
partly thanks to various hacking tools, but also because of the ease
with which such systems can be found using search engines for
hackers, such as Shodan.
"By definition, Scada systems are old systems," Mizrahi said. "They
work, and they must continue to work, period. It´s not a problem in
some cases, because they aren´t connected to the Internet. In other
cases the systems are so old that the existing hacking tools don´t
work against them. But if somebody wanted to, he could pretty easily
develop the capability to hurt them. And even systems that are not
networked could be vulnerable," Mizrahi said. (© Copyright 2012
Return to Top
MATERIAL REPRODUCED FOR EDUCATIONAL PURPOSES ONLY