Stuxnet: A new weapon for cyber insurgents?

Al-Qaeda scares airlines with parcel bombs worth $4 000. War with the Taliban costs the West billions of dollars a week. North Korea shells disputed land, winning instant fresh attention in a standoff with major powers.

Weaker combatants have always used unconventional or inexpensive means to defy stronger foes, including guerrilla warfare and suicide attacks that depend on a greater willingness to sacrifice life.

This approach can be decisive. Of all “asymmetric” wars since 1800 in which one side had far more armed power than the other, the weaker side won in 28% of cases, according to a 2001 study by US political scientist Ivan Arreguin-Toft.

The ratio may now be set to shift further in favour of the underdog.

The revelation this year of a novel way to use computers to sabotage an enemy’s lifeline infrastructure suggests a powerful new kind of weapon is moving within reach of weak states, militant groups and criminals, some analysts say.

That weapon is likely to be a variant of Stuxnet, a highly destructive internet worm discovered by a Belarus company in June and described by European security company Kaspersky Labs as “a fearsome prototype of a cyber-weapon”, analysts say.

‘A great danger’
“Stuxnet is like the arrival of an F-35 fighter jet on a World War I battlefield,” blogged German industrial control systems expert Ralph Langner.

Whoever created the bug, believed by many to have targeted an Iranian uranium enrichment facility, the job likely required many man-hours of work and millions of dollars in investment.

But now that its code has been publicly analysed, hackers will need only a few months to develop a version of the customised malware for black market sale, some experts say.

Ali Jahangiri, an information security expert who tracks Trojan codes, harmful pieces of software that look legitimate, describes that prospect as “a great danger”.

“The professional Trojan codemakers have got the idea from Stuxnet that they could make something similar which can be used by governments, criminals or terrorists,” he told Reuters.

Stuxnet’s menace is that it reprograms a control system used in many industrial facilities to inflict physical damage.

At risk is automation equipment common to the networks on which modern societies depend — power plants, refineries, chemical plants, pipelines and transport control systems.

Analysts say they suspect hackers are rushing to build a version of the worm and sell it to the highest bidder before experts can instal countermeasures plants across the globe.

“My greatest fear is that we are running out of time to learn our lessons,” US information security expert Michael Assante told a Congressional hearing on Stuxnet this month.

“Stuxnet … may very well serve as a blueprint for similar but new attacks on control system technology,” said Assante, president of the US National Board of Information Security Examiners, which sets standards for security professionals.

Langner says multinational efforts against malware inspired by Stuxnet won’t work since “treaties won’t be countersigned by rogue nation states, terrorists, organised crime, and hackers”.

“All of these will be able to possess and use such weapons soon,” he said. If the next Stuxnet cost less than $1-million on the black market, then “some not-so-well equipped nation states and well-funded terrorists will grab their cheque books.”

As well as favouring small states, cyber appears to be a tool of special value for Russia and China, since it allows them to become equals to the United States in a sphere where US conventional military dominance counts for nothing.

Stuxnet is a powerful example of the fastest-growing sort of computer bug — customised malware written specifically to attack a precise target. What is new is its power, and the publicity it has attracted through a presumed link to Iran.

Cyber advantage
That publicity will have drawn attention in small nations such as North Korea, which can be expected to take an interest in acquiring a Stuxnet-like capability to balance an inferiority in conventional arms with its US-backed southern foe.

Like some impoverished countries in Africa, North Korea has a cyber advantage — it has so few systems dependent on digital networks that a big cyber attack on it would cause almost no damage, writes former U.S National Security Coordinator Richard Clarke in his book Cyber War.

A state contemplating use of such a devastating weapon in a speculative attack could not guarantee it would not be found out, and might prudently restrict its use for all-out conflict.

However many terrorist groups, particularly those with a tradition of glorifying martyrdom, would have no concerns about launching cyber attacks.

“It can only be a matter of time before terrorists begin to use cyber space more systematically, not just as a tool for their own organisation, but as a method of attack,” British Armed Forces Minister Nick Harvey said in a speech this month.

A report on cyber warfare by Britain’s Chatham House think tank said there was no evidence to show terrorist groups had a cyber warfare capability but they were increasingly web-literate, using chat rooms to propagate their message and everyday items such as smartphones, online mapping and internet infrastructure as operational supports in attacks.

What is not in doubt is al-Qaeda’s willingness to use such a weapon to inflict economic damage on the West if it ever had the opportunity, experts say. Few doubt it would be able to get funds from rich donors to buy the malware on the black market.

Al-Qaeda’s Yemen wing said it cost just $4 200 to mail two parcel bombs from Yemen to America last month. Intercepted in Britain and Dubai, the bombs sparked a global security alert.

“This strategy of attacking the enemy with smaller but more frequent operations is what some may refer to as the strategy of a thousand cuts,” it said. “The aim is to bleed the enemy to death.” – Reuters

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever. But it comes at a cost. Advertisers are cancelling campaigns, and our live events have come to an abrupt halt. Our income has been slashed.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years. We’ve survived thanks to the support of our readers, we will need you to help us get through this.

To help us ensure another 35 future years of fiercely independent journalism, please subscribe.


READ IT IN FULL: Ramaphosa’s address on the extension of...

This is the full address given by President Cyril Ramaphosa on April 9

Meet the doctor leading Africa’s fight to contain the coronavirus...

Dr Matshidiso Moeti’s father helped to eliminate smallpox. Now she’s leading Africa’s efforts against the coronavirus

Stella set to retain her perks

Communication minister will keep Cabinet perks during her two months of special leave

Covid-19 grounds Nigeria’s medical tourists

The country’s elites, including the president, travelled abroad for treatment but now they must use the country’s neglected health system

Press Releases

Rahima Moosa Hospital nursing college introduces no-touch facial recognition access system

The new system allows the hospital to enrol people’s faces immediately, using artificial intelligence, and integrates easily with existing access control infrastructure, including card readers and biometrics

Everyone’s talking about it. Even Kentucky

Earlier this year South African fried chicken fast-food chain, Chicken Licken®, launched a campaign for their wallet-friendly EasyBucks® meals, based on the idea of ‘Everyone’s talking about it.’

New energy mix on the cards

REI4P already has and will continue to yield thousands of employment opportunities

The online value of executive education in a Covid-19 world

Executive education courses further develop the skills of leaders in the workplace

Sisa Ntshona urges everyone to stay home, and consider travelling later

Sisa Ntshona has urged everyone to limit their movements in line with government’s request

SAB Zenzele’s special AGM postponed until further notice

An arrangement has been announced for shareholders and retailers to receive a 77.5% cash payout

20th Edition of the National Teaching Awards

Teachers are seldom recognised but they are indispensable to the country's education system

Awards affirm the vital work that teachers do

Government is committed to empowering South Africa’s teachers with skills, knowledge and techniques for a changing world