06.12.12
Expose the US virus war machine (continued)
After 20 years of national leaders and various experts making hay and fortunes on warning about others gathering to attack the US with cyberwar, what’s the sound when the US is exposed as the now most famous virus-writing machine for attacking others? Crickets.
Well, that’s only a small bit of it.
There’s still no shortage of politicians and arms developers/national security company profiteers going before Congress to warn of the deadly cyberthreat to the nation.
You can smell the stench of their hypocrisy everywhere. It is impossible to shame them although Kaspersky’s public dissection of the Flame virus appears to have caused its US handlers to pull the plug on it. But for how long?
A sampling from the Cyberwarhawks tab at Cryptome:
“We are being attacked in cyberspace now and we need to respond now. Our enemies would enthusiastically welcome to further postpone this bill in favor of more ‘process.’ — Sens. Lieberman, Collins, Rockefeller and Feinstein.
“We have spoken a number of times in recent months on the cyberthreat … that it is imminent and represents one of the most serious challenges to our national security since the onset of the nuclear age sixty years ago … We carry the burden of knowing that 9/11 might have been averted with the intelligence that existed at the time. We do not want to be in the same position when cyber-9/11 hits — it is not a question of whether this will happen, it is a question of when … — Michael Chertoff, Michael McConnell, Paul Wolfowitz, Michael Hayden.
[Readers will note the presence of McConnell, well known for ginning up fear of cyberwar for the benefit of the cyberdefense business he fronts at Booz Allen Hamilton as well as Paul Wolfowitz, one of the famous architects of the Iraq War disaster.]
As a leading cybersecurity provider of the federal government we recognize that cyber attacks one of the greatest threats to our national and economic security … — Northrop Grumman, arms manufacturer
The U.S. military is placing too much emphasis on defense against cyber attacks when it should be developing offensive cyber capabilities, according to Sen. John McCain.
“???I am very concerned that our strategy is too reliant on defensive measures in cyber space, and believe we need to develop the capability to go on the offense as well,??? Sen. McCain wrote in remarks appended to the Senate Armed Services Committee report on the FY 2013 defense authorization bill.
“I believe that cyber warfare will be the key battlefield of the 21st century, and I am concerned about our ability to fight and win in this new domain.”
To describe the McCain statement as without clue in light of current events probably doesn’t quite do it enough justice.
Stuxnet has once again exposed American exceptionalism. Espionage and sabotage are presented as intolerable criminal transgressions, normally causing our elected officials and military leaders to erupt in fits of righteous indignation. That is, unless the United States is doing the spying and the sabotaging (in which case we’re seemingly rather proud of our status as leading rogue state). By crossing the Rubicon, our leaders have irrevocably lost the moral high ground. Not a wise decision for a country that, itself, depends heavily on the same buggy software that it regularly subverts.
For many years I have seen comment from F-Secure’s Mikko Hypponen in press articles and analyses on the worldwide virus problem.
Not at all prone to exaggeration, Hypponen has always tried to be scrupulously accurate.
For the New York Times, Hypponen had this to say about US virus war:
If somebody would have told me five years ago that by 2012 it would be commonplace for countries to launch cyberattacks against each other, I would not have believed it. If somebody would have told me that a Western government would be using cybersabotage to attack the nuclear program of another government, I would have thought that’s a Hollywood movie plot. Yet, that’s exactly what’s happening, for real.
Cyberattacks have several advantages over traditional espionage or sabotage. Cyber attacks are effective, cheap and deniable. This is why governments like them …
By launching Stuxnet, American officials opened Pandora’s box. They will most likely end up regretting this decision.
Hypponen notes the coincidence of American Stuxnet operation revealed by the Times just days ahead of the Kaspersky analysis linking Flame to it.
To reiterate, this shows the US national security structure has been devoting significant time to the development of cyberweapons while hypocritically warning about the the threat to this country from other cyber-attackers — often for its own benefit, part of what the insiders call “the self-licking ice cream cone.” It uses the arms contractors/war profiteers interested in expanding their cybersecurity business operations.
On the 4th the New York Times, in one of many pieces of Flame, focused on describing the Kaspersky Labs anti-virus business, mostly concerned with the fact that it is Russian and therefore allegedly untrusted by US companies and defense contractors. Left unsaid is that many US defense contractors want the dollars for cyberdefense all for themselves and that home users, for many many years, have had no doubts at all about Kaspersky Anti-virus.
Sean Sullivan, from F-Secure, said: “[Flame is] interesting and complex, but not sleek and stealthy. It could be the work of a military contractor — Northrop Grumman, Lockheed Martin, Raytheon and other contractors are developing programs like these for different intelligence services. To call it a cyberweapon says more about Kaspersky’s cold war mentality than anything else. It has to be taken with a grain of salt.”
[Another anti-virus vendor, the minor Webroot, commented it had isolated Flame virus in 2007 but considered it “unsophisticated.” This type of argument on the features of virus code — whether it’s technically spectacular or not — has been in the anti-virus industry since its inception. Which readers will eventually see as I continue to serialize The Virus Creation Labs online.]
“Antivirus companies are in a not easy situation,” Mr. Kaspersky said. “We have to protect our customers everywhere in the world. On the other hand, we understand there are quite serious powers behind these viruses.”
Even though finding viruses first is usually a boon for antivirus companies, cracking Flame, Mr. Kaspersky said, might hurt his business in one regard. “For the next five years, we can forget about government contracts in the United States.”
From me, GlobalSecurity.Org on June 1:
An anti-virus company may depend a great deal on government contracts. So what to do, what to do, when malware inevitably crawls into non-target computers in non-designated-enemy nations and your analysts and coders have a good idea of who’s behind it?
You develop an antidote and distribute it to everyone. But do you spill the beans? You have a conflict of interest, moral and ethical hazard. Doing the right thing might cost business.
Or if you’re a security company not in the US does it matter at all? You know who’s behind the attacks and you have a nice story to tell based on your pulling apart viruses. Lots of people might want to hear it.
While anti-virus software developers and others are still talking about the difficulty of attribution in virus attacks, there will come a time — just as there has in the past with regards to a handful of other famous virus writers — when they find out who, specifically, is behind the code from a national program. Everyone slips up sooner or later and someone in the international or domestic anti-virus business will have a name, or names. When they get them they should immediately publicize the information.
