Home > Uncategorized > Cyberterrorism and cyberstatecraft

Cyberterrorism and cyberstatecraft

Let’s start with a review: StuxNet was a virus created to specifically infiltrate Iranian nuclear enrichment facilities and physically and irreparably damage the centrifuges used to weaponize nuclear material. It was transmitted over USB flash drives to be able to get in to computer networks that weren’t connected to the internet. It was extremely specifically targeted to only activate when it detected the exact type of industrial machinery used to run the centrifuges, and stealthily attack those. Otherwise, it sat dormant and simply spread.

Once the payload was activated, it would cause the centrifuge to subtly run outside parameters in order to permanently damage it. To do this, the people who created the virus (an estimated 8 to 10 people over a period of six months) had to have access to the exact centrifuges in use by the Iranians, which points very heavily to the assistance of a national government.

Given the target, reasoning backwards points to either Israel or the United States (or both). This is very likely a piece of electronic statecraft, an attack to limit the Iranian nuclear capability in the same way that the Israelis bombed a nuclear reactor under construction in Iraq in 1981.

Why is this important? The United States is saying that a “cyber attack” (nee hacking) can constitute an act of war and be grounds for retaliation.

LulzSec, a hacking group that has just recently started popping up in the news, has taken issue with that. They have hacked a website associated with the FBI for a few reasons. One, they believe the good guys are just as bad as the bad guys. That link talks about one of the supposed “white hats” offering to pay LulzSec to hack his competitors. Two, to expose what they consider to be hipocrisy: the US is engaging in cyberattacks while saying that it is an act of war. Three, to prove that dismantling a decentralized organization is even harder on the internet than it is in the Middle East.

They close by saying “Now we are all sons of bitches”, a famous quote after the Trinity nuclear test pointing out that nukes (like cyberwarfare) are a terrible weapon with incredible power, but they can never be un-discovered. In short, they are saying “This is how the game is played. Still want to play?”

Categories: Uncategorized
  1. Bartholomew Xerxes Ogilvie, Jr.
    June 14, 2011 at 11:49 am

    What exactly is their point? That we should not make use of every available tool to protect our national security? Sounds like unilateral disarmament to me, and that’s never a good idea.

    Besides, it seems to me that these guys are missing a rather important semantic distinction: to say that cyberattacks *can* be acts of war is not the same as saying that all cyberattacks *are* acts of war. But of course it’s much easier, and more fun, to make sweeping generalizations.

  2. Hober Short
    June 14, 2011 at 1:21 pm

    I’m… not even sure how to respond. You make sweeping generalizations yourself and then sarcastically indict them by saying that it’s “more fun” to do so.

    Without broadly interpreting the views of their press release and probably patterning some of my own on there, I will say simply that disarmament is not only their goal, but patently and obviously impossible. Removing information from the internet can’t be done, and the “tools” of a hacker are a web browser and a terminal session.

    Also, the distinction you draw in your second paragraph is also pretty patently obvious. The point is asking who gets to decide which hacks are and are not an act of war? When we hack Libya, that isn’t, but if Iran hacks us, that is?

    • Bartholomew Xerxes Ogilvie, Jr.
      June 14, 2011 at 3:04 pm

      I’ll admit that I didn’t read the press release; the URL was sufficiently juvenile to turn me off. I’m just reacting (maybe overreacting) to the moral equivalence of “the good guys are as bad as the bad guys,” which is nonsense. It’s like the protesters who labeled George Bush a terrorist, refusing to see any distinction between the war in Iraq and the 9/11 attack.

      In this case, we have the U.S. government merely deciding that a hypothetical future cyber-attack *could* constitute an act of war. Maybe it’s obvious to you and me that this isn’t saying all cyber-attacks *are* acts of war, but the LulzSec group seems to have missed that nuance. I don’t know how else to interpret their accusation of hypocrisy.

      As for the question of who gets to decide what is an act of war, the answer is we do. So does Iran. So does any other country. To call something an act of war is simply the diplomatic equivalent of saying “pistols at dawn,” and each country gets to decide where that threshold lies. If Iran wants to call StuxNet an act of war, they’re free to do so; frankly, it seems irrelevant, because as far as I’m concerned, we’ve been at war with Iran since at least 1980.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: