The notorious US spy agencies invented this monster, first with the Stuxnet virus against Iran—but then they lost control over it.
ndy Greenberg’s cover story in the July issue of Wired magazine could not have been more timely. This week the mysterious cyber pirates struck again, shutting down computer networks at businesses and banks and government agencies from Eastern Europe to the United States.
Greenberg’s article describes the nightmare of cyber attacks the Ukraine has suffered over the past three years—recurring blackouts of industrial sectors, which corporate watchdogs suspect were orchestrated by Russia’s sophisticated hackers (if not by freelance bandits demanding ransom).
Some industry insiders assumed Russia was using Ukraine as a test market for industrial chaos. Might Moscow be preparing to make the United States its ultimate target? It’s a scary thought. Greenberg found some experts who are taking it seriously.
“I think it’s the brazenness of Russia’s activities in the 2016 election that has scared people the most,” Greenberg told Fresh Air interviewer Terry Gross on NPR. “The fact that Russia is willing to insert itself into our electoral process has made the political community, but also the cyber-security community, wonder how far Russia will go. Russia has tried to mess with or infect or lay the groundwork for attacking American infrastructure.”
Many Americans are naturally indignant—how dare those nasty Russians tamper with the sanctity of our free elections!—and express injured innocence. Congress has launched high-minded investigations.
But American self-righteousness is misplaced. This malignant technology disrupting the global industrial system was pioneered in the USA, by our very own government. The broad public (myself included) didn’t realize this, because with rare exceptions like The New York Times, the mass media do not discuss the true origins of this disease. It’s easier to blame disruptions on familiar bad guys.
In this matter, however, the notorious US spy agencies—the NSA and CIA—are in the role of Dr. Frankenstein. They invented this monster, but then they lost control over it. Their first intended target was Iran and its nuclear ambitions. But now every unprotected Microsoft computer in the world is theoretically vulnerable to manipulated shut down if it doesn’t get corrective action.
“The US has certainly done the same thing to other countries,” Greenberg said. “It probably has tried to lay the groundwork for attacking the Russian grid as well.… To be clear, you know, the US was the first country to develop a real cyberweapon. This piece of malware called Stuxnet was designed and effectively did destroy nuclear enrichment centrifuges in Iran.”
Stuxnet was the first digital weapon devised by the NSA in collaboration with Israeli experts. The invention of destructive code was first authorized in 2006 by George W. Bush and continued by Barack Obama. The strategy assumed Iran would abandon its nuclear development if its engineers couldn’t control their own centrifuges (the same sabotage was originally intended for North Korea but never applied).
The malware worked—crashing hundreds of Iran’s 6,000 centrifuges—but it failed to dissuade Iranian leaders. They figured the unexplained malfunctions were the result of US sabotage.
espite US government secrecy, knowledge of the deadly technology has spread around the world. The NSA developed tools to neutralize or patch over the infected software, but those tools have either been stolen or leaked. According to the Times, the NSA still refuses to share its remedial tools with private industries or foreign governments or even acknowledge that the agency has cures for the pain their technology has caused.
The technical complexities intimidate Luddites like myself, but the core meaning of these events is political, not technological. When Washington officially confirmed its failed Stuxnet strategy back in 2012, a Canadian defense consultant told The Washington Post: “Effectively, the United States has gone to war with Iran and has chosen to do so in this manner because the effects can justify the means…. This officially signals the beginning of the cyber arms race in practice and not just in theory.”
The pirates are currently free to demand ransom, and every government is at a disadvantage. Greenberg pointed out that Russia’s intentions could also be defensive. “It’s possible that Russia is pulling off these attacks on Ukraine to show what it can do, to signal to the US and the rest of the world, Don’t mess with us. Don’t launch your own cyber attacks on our infrastructure, we have the ability to retaliate.”
Americans, it seems, still want to have it both ways. We are the peacekeeper that upholds the world’s higher values, but we are also the self-interested tough guy willing to bully others. But our overwhelming military power doesn’t help much in these new circumstances. The wondrous technology has created a new kind of libertarian anarchy, in which the pirates have power and are destroying equity and amity. That dangerous condition cannot endure.
What the global economy really needs at this point is a new industrial version of the Geneva Conventions—an agreement that creates new rules of industrial behavior and commerce that every nation must follow if it wants to participate in the global trading system. Such a noble objective will require years of political persuasion, maybe decades. But it is the sort of great achievement the United States has led in its past.
The question must be asked. Can the world trust present-day Americans to do the right thing?
No comments:
Post a Comment