
Friday, December 10, 2010

CYBER WAR - THE NEXT LEVEL

STUXNET - It is one side of the cyber war coin. The other side, which the world is facing right now, is something unimaginable. While Stuxnet is almost a government-run operation, the next phenomenon is the exact opposite of that.

Very recently you might have come across two phrases. The first is "OPERATION: PAYBACK" and the next one is "OPERATION: LEAKSPIN". While the Stuxnet Warfare is definitely intended for sabotaging certain economic and strategic interests, the other form of cyber warfare is a highly ideological one. It is a war that carries the tagline "Right of Expression Vs Official Secrets".

At least for the time being, Stuxnet is a form of asymmetric warfare. But Operation Payback is not so. Here the battle lines are clearly drawn and both sides use almost the same weapons to counter each other.

Probably for the first time in the history of the war between the Rulers and the Ruled, the latter uses the same weapon as the former, in a war that has otherwise been asymmetric for centuries.

Operation Payback is the series of cyber attacks undertaken by a group of Anonymous Hacktivists against the websites of the Govt. of Sweden, Paypal, Visa and Amazon. They even attacked the websites of certain US Senators.

What is special and ideological about some group of hackers attacking certain money-spinning websites like Paypal, Amazon and Visa? In fact, isn't this what hackers always do as a routine?

The difference between normal hacking and Op Payback is that the attacks are not aimed at data theft or financial profit. Before that, we will see the cause and modus operandi of Op Payback.

When a non-commercial website named www.wikileaks.org spilled some beans about certain high places, initially no one even gave it a glance. Things changed when the whistle-blowing website revealed some documents on the Church of Scientology. The web world slowly showed some respect towards the site, and it was soon recognized as a prime whistle-blowing website.

It was the Afghan and Iraq War Logs of the US Army that made Wikileaks the centre point of global attention. The treasure of information revealed the appalling state of affairs in war-ravaged Afghanistan and Iraq. In particular, the revelations that there were exponentially high civilian casualties inflicted by the US and its coalition partners in Iraq and Afghanistan made the superpowers worried, and they decided to neutralize the wiki-threat.

Wikileaks also took the battle call seriously, and its next step was much more daring. It announced that it would release the diplomatic cables sent by various US embassies all around the earth over nearly four decades. The US, instead of heeding Wikileaks' call to redact the documents, stepped in to stop the leaks.

The breath-taking events that occurred then are now history. Wikileaks slowly released the diplomatic cables and named it Cablegate. The US, which is well known for its strong-arm tactics just like any other modern democracy, retaliated by unleashing the most massive DDoS attack the world has ever seen. For almost two days the data of Wikileaks could not be accessed. Not satisfied with the DDoS, the US went further by "advising" Amazon to drop Wikileaks from its servers. Amazon dutifully heeded the call, along with EveryDNS.

The Domain Name Server company and the Cloud Computing company carrying the data of Wikileaks were cowed down by advice or threat, whatever you call it. So the data will not emerge. What's next? US officials brainstormed and decided to cut off the money supply to Wikileaks. As Wikileaks is a non-commercial entity, it survives on the money and efforts of volunteers. The US struck there by advising Paypal and Visa to drop Wikileaks.

Now the funding is cut off. And it is orphaned in cyber space, having lost its cloud space and domain name servers. So far it is asymmetric warfare in cyber space by the US.

Wikileaks took the bull by the horns.

It resurfaced from another set of servers in Europe with around thirty mirror sites. To make things worse, it floated in cyber space a Thermonuclear Device named insurance.aes256. The 1.3 GB file allegedly contains all the documents of Cablegate along with other financial scandals, and was downloaded immediately by around 10,000 net users around the globe. So the Master Weapon is deployed. It is believed that if Wikileaks is taken down by the affected governments, this file will act as an insurance and reveal to the world the truths which every government, especially the US, is dying hard to hide.

With the cyber war almost lost, as it was being evened up by the actions of Wikileaks, a rape case was registered against the founder of Wikileaks. This is not a very novel technique to arrest somebody you don't like, but it is still practised in every democracy. In certain democracies, we put narcotic drugs in the house of the person we don't like and arrest him. Then we kill him in an encounter, saying that he was trying to escape and in the process tried to kill the policemen; in self defence, the police shot back and the accused died of gunshot wounds.

Anticipating arrest, the founder sneaked into London and got arrested there. Precisely at this time, the dimension of the war completely changed. So far it had been Wikileaks Vs Western Democracies. Now Op Payback started. A group of anonymous hacker-activists paid back the US in its own coin. A massive DDoS attack was unleashed on the websites of certain US Senators, Paypal, Visa, Amazon and the Government of Sweden.

In one way, it can be seen as the manifestation of the inner aversion of global citizens towards their governments, which will not tolerate expression by citizens, in whatever form, that is adverse to their interests.

So Operation Payback is a brief Cyber War waged by citizens against their own governments in support of a just cause, with the same weapons used by the governments themselves.

It is high time governments changed the way they run their diplomacy by making it more transparent. It is important for governments to respect the Right of Expression of their people. Or else…… Op Payback 2.0 may happen.



Wednesday, December 8, 2010

STUXNET - THE NEW CYBER WMD?

This evening, again I was browsing my TV channels. As usual, every news channel, English or regional, was showing some sort of scandals, scams, CBI raids, revelations etc. etc. They were seriously discussing what they call the "Mother of all Scams - The Spectrum Scandal" along with certain "Step-mother scams like the Adarsh Housing scandal and the Commonwealth Games Scandal" and other "Brother and Sister scams like the TNHB allocation scam and so on...".

Nowadays I am too fed up with these scams, as they are creeping up at an alarming rate of 2 SPD (2 scams per day). No!! I should not think like this!!! It is unpatriotic. So I decided to do what every other law-abiding citizen does... 1. Check for new sensational news, or 2. watch cricket, or 3. watch your favourite or unfavourite actress showing her vital components!!!! And we have sufficient channels catering to our above-cited national duties.

I decided to do national duty no. 3 to ascertain my patriotism. When Deepika Padukone was about to bend in front of me, the TV channel went off due to rain (which is a rare phenomenon in TN). I switched ON my old laptop to browse the Internet.

The hot topics in the net world struck me and made me wonder – THE WAR HAS JUST BEGUN……. So what sort of war am I mentioning here? Conventional warfare between the armies of states? Or the unconventional warfare between the armies of a state and non-state actors? No, it is a different war altogether. The war has been taken to a new level.

We will analyze two events which slowly evolved into phenomena in themselves.

One is the Stuxnet style of warfare. What is Stuxnet? It is a mega(bit)-size worm developed to attack the critical infrastructure of a country, like Power Stations (Thermal and Nuclear Power Plants), Process Industries (Enrichment Facilities) or any facility that uses Variable Frequency Drives.

For those who think that Stuxnet is just another VIRUS or WORM or some malicious code aimed at data theft, denial of service, gathering zombies etc., it is a shocker altogether. In a broader perspective, Stuxnet symbolizes the BEGINNING of Ultra-Modern Cyber Warfare.

Imagine you are a Military Officer entrusted with the task of decimating a secret facility in a so-called rogue state which enriches Uranium for an N-Bomb. To execute your mission, first you have to train your Special Forces. Then deploy them by air-dropping amid enemy fire, or breach their perimeter using aerial bombing as support. Then overwhelm your enemy with your fire power; capture the facility or destroy it. In the process you have to arrange for medical evacuation, take care of friendly fire and so on… Really a hell of a job, isn't it?

But to your surprise, with code like Stuxnet at your disposal, you need not deploy your Special Forces or perform the other tedious tasks mentioned above for the mission. All you have to ensure is that your Stuxnet-style code reaches the countless computers controlling the various drives and equipment operating in the Bomb manufacturing plant.

Once infected with the worm, the programmes built into Stuxnet will make the drives (motors, pumps, centrifuges, turbines etc.) malfunction, through variation of speed or even stoppage of the drives, which can hamper the manufacturing process.

A post mortem analysis of Stuxnet, which attacked the Bushehr Nuclear Power Plant of Iran, reveals that it was not scripted by a single hacker or a hacking community. Rather than a handful of hackers, it can only have been created by a group of well-trained professionals. The sheer size of the worm (approx. 2 MB) can tell you what Stuxnet is made of and capable of. There is speculation that Stuxnet can have been created and tested only by a government organization, most probably an intelligence agency. It is a well-known fact that commercial hackers will not gain anything by damaging the drive control of a centrifuge in a remote place in Iran. It lacks motivation.

Only two agencies in the entire globe would like to see the centrifuges in the Iranian Nuclear Power Plant malfunction – the CIA and the MOSSAD. There are reports that Stuxnet has infected not only Iran, but also ISRO's INSAT-4B. Imagine a world where you require just 2 MB of code to make satellites, launch vehicles, submarines, nuclear reactors, fighter jets, chemical plants, oil refineries, gas terminals and other critical infrastructure malfunction.

Whatever you have seen in the Bruce Willis starrer DIE HARD 4.0 is becoming real.

In fact the situation is much graver than what was depicted in the movie. Stuxnet and its would-be successors are not just malicious code. They are cyber weapons of mass destruction (CYBER-WMDs). Though Stuxnet used the vulnerabilities in the Operating System of one particular PLC (Programmable Logic Controller) – the WinCC/PCS7 of Siemens – it will pave the way for other intelligence organizations to exploit the vulnerabilities in other PLCs in use too.

In fact, around 6000 computers are infected by Stuxnet in India itself. It is the right time for nation states to devise policy initiatives and standards for securing the Control Systems of critical facilities. There should be adequately trained people for Control System Security. Also, the SCADA/PLC manufacturers, hitherto least bothered about security aspects, have to rethink their strategy to add teeth to the security-related features of their Control Systems. By unleashing Stuxnet, a dangerous precedent was created, and the world has to live, survive and fight the Stuxnet way of mass destruction.

About the next cyber war, we will meet in our next blog post.