Category Archives: Cyber-space

New battlelines drawn in cyber-space

By Victor Kotsev

What is the relationship between the self-imposed blackout of Wikipedia and the September 2007 Israeli air raid against an alleged Syrian nuclear reactor? The sophisticated worm Stuxnet, dubbed the first cyber-weapon in history? Or the “cyber-war” between Saudi and Israeli hackers? And while we are on it, might we add WikiLeaks and the debates on media freedom?

On Wednesday, a number of leading Internet media, including Wikipedia and Wired, launched a protest against two bills, ostensibly intended to combat Internet piracy, which are making rounds in the United States Congress – the Stop Online Piracy Act (SOPA) and the PIPA whose full name has undergone several transformations but which was originally called the Protect Intellectual Property Act.  In a recent editorial, Wired magazine calls the two “legislation

that threatens to usher in a chilling Internet censorship regime here in the US comparable in some ways to China’s ‘Great Firewall’.” The article expands, “They would create a terrible precedent that other regimes could use to justify their own censorship efforts, potentially fragmenting the Internet into so many islands.” [1]

Rumors of plans to firewall off parts of cyber-space and to impose tighter controls over what happens there have been circulating for some time now. Such a measure may seem grotesque and improbable (if not downright impossible), but even more bizarre things have happened. Let us recall, for example, how the regime of former Egyptian president Hosni Mubarak instantaneously “found an off switch for the Internet” last February. [2]

Fundamentally, other governments’ motivation to try to control cyber-space bears some similarity to Mubarak’s. Over the past 10 years or so, the Internet has grown so much in significance in most countries that it has become an inseparable part of daily life. Not only is it a powerful social medium, but key networks either depend on it or are connected to it in some way, and are thus vulnerable to disruption. For a state, a measure of control over cyber-space is increasingly becoming an important part of exercising sovereignty.

The most recent example of these patterns is this week’s “cyber-war” between Israeli and Saudi hackers. On Monday, a group led by a pro-Palestinian Saudi hacker who goes by the name 0xOmar brought down the websites of the Tel Aviv Stock Exchange and the El Al airline and published on the Internet thousands of Israeli credit card numbers. Days later, Israeli hackers brought down the sites of the Saudi Stock exchange and the Abu Dhabi Securities exchange in reprisal, and published personal information (including credit card numbers) of thousands of Arabs.

While this particular exchange seems to have created more noise than real damage, sophisticated hacking attacks on various institutions and systems have grown ever more frequent in the past years. Hacking, moreover, has become an important part of clandestine operations and intelligence gathering.

On the more extreme end of things, the cyber-weapons used against the Iranian nuclear program illustrate the potential of this type of “warfare”. According to some reports, Stuxnet was only the most discussed of several potent viruses unleashed against the Islamic Republic of Iran. [3] As studies of Stuxnet have shown, these viruses carry enormous destructive potential, and could cause staggering damage to key civilian systems if used imprudently.

Attesting to their effectiveness, Iran was forced to upgrade some of its uranium-enrichment centrifuges against such attacks, [4] and reportedly decided to invest $1 billion in its own cyber-warfare program. [5]

A clarification is due. While the romantic popular image of hackers as independent geniuses who occasionally act in teams for a cause has persisted, reality, for the most part, is different. Hacking today has increasingly become more of a technical matter; the most pure paradigms for this are military cyber capabilities. For many years, the leading world militaries have possessed sophisticated platforms which allow the remote hacking of radars, enemy communications, and other networks.

Eli Lake writing for the Daily Beast, for example, provides a fascinating account of the Israeli drone-based platforms allegedly used against Syria in 2007 and perhaps awaiting an even tougher test against Iran. [6] In turn, Iran also reportedly used a similar a system, purchased from Russia, to down a stealthy American drone last month.

Even the civilian arms of the US and other governments allegedly possess systems that allow anybody with a certain amount of basic training to execute a fairly sophisticated hacking attack against a remote computer.

For individuals, save for a select few true geniuses, hacking has become a matter of crowd-sourcing: not so different in concept from what WikiLeaks’ founder Julian Assange (a hacker himself) did. In fact, not only are the tools and methods for hacking usually acquired almost ready to use, so is in some cases also the data that hackers claim to have stolen.

Hacking attacks typically exploit technical flaws that are ubiquitous and have already been discovered. This is especially true about less sophisticated hackers, but even high-powered government cyber experts such as the alleged creators of Stuxnet have taken this path. [7]

Such methods, though fairly crude, are nevertheless quite effective. Even attacks that require a fairly low level of competence – for example, using an “army” of infected personal computers around the world to “flood” a server with connection requests – often succeed in bringing sites and systems down.

The danger is that practically anybody can be a hacker in this way, and this brings up the issue of enforcing discipline in cyber-space with even greater urgency. In some ways, cyber-war is a golden opportunity for states to pass restrictive legislation.

A similar pattern can be seen in debates about media freedom in the context of the WikiLeaks revelations, and indeed in several other types of social debates. Over the past decades, improved means of travel and communication have given rise to powerful decentralized human networks, which in turn have started to challenge the sovereignty and fixed borders of traditional states.

A backlash seems practically inevitable – and it seems that we are already starting to witness some of that defensive reaction of governments.

Notes
1. Why We’ve Censored Wired.com, Wired, January 18, 2011,
2. Egypt Leaders Found ‘Off’ Switch for Internet, The New York Times, February 15, 2011.
3. See 1. ‘Stuxnet virus used on Iran was 1 of 5 cyberbombs’, Ynet, December 29, 2011, and 2. Expert: Cyber attack on Iran began in 2008, Ynet, December 3, 2011.
4. IAEA: Iran reaches breakthrough in suspected nuclear weapons push, Ha’aretz, September 3, 2011.
5. Iran embarks on $1b. cyber-warfare program, Jerusalem Post, December 18, 2011.
6. Israel’s Secret Iran Attack Plan: Electronic Warfare, , The Daily Beast, November 16, 2011.
7. How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History, Wired, July 11, 2011.

Victor Kotsev is a journalist and political analyst.

(Copyright 2012 Asia Times Online (Holdings) Ltd. All rights reserved. Please contact us about sales, syndication and republishing.)

http://www.atimes.com/atimes/Middle_East/NA21Ak02.html

Follow

Get every new post delivered to your Inbox.

Join 477 other followers

%d bloggers like this: