Onward, Botnet Soldiers!

2012-03-22
Those of you who have been following the story of Stuxnet have probably been mesmerized by its Hollywood spy thriller intrigue. A worm designed to target and disable industrial systems found in nuclear enrichment facilities in Iran. Rumors that the virus was, in fact, the love child of Israel and the United States, and designed to be a silent soldier in a new type of warfare: cyber warfare. If you doubted the speculation about Stuxnet’s origins (perhaps because you didn’t want to admit that a nation would knowingly unleash a vicious worm that would spread beyond its intended targets), then you’d best take a reality check.

Back in January, it was predicted here that 2012 would see the creator – or creators – of Stuxnet unmasked, and yet no one was more surprised by the news last week that Hollywood has nothing on President Obama, who at the beginning of his administration in 2009 gave the order to attack Iran with cyber weapons, reports The New York Times. A program that began with the Bush administration, Stuxnet – which has a mysterious and disturbing link to Conficker – was designed to target and damage Siemens industrial control systems, specifically the  the kind found in industrial plants. The worm wreaked havoc on the Iranian nuclear program, particularly at Iran’s uranium enrichment facility at Natanz, where centrifuge operational capacity dropped in a year by 30 percent.

But the story doesn’t end there, no, not by a long shot. In what could be argued is the strangest coincidence of the year, the week that news leaked about the U.S. and Israeli involvement in Stuxnet, news also broke of the Flame virus, spread across the globe. According to the Times of India, “The [U.S.] Homeland Security Department’s warning about the new virus, known as “Flame,” assured US companies that no infections had been discovered so far inside the US. It described Flame as an espionage tool that was sophisticated in design, using encryption and other techniques to help break into computers and move through corporate or private networks. The virus can eavesdrop on data traffic, take screenshots and record audio and keystrokes. The department said the origin is a mystery.”

A ‘mystery,’ huh? You mean like the mystery of Stuxnet? Dubbed ‘Olympic Games,’ the U.S. attempt at getting their geek on has some scary implications, of which Flame is only the beginning. According to The NYT report, the first method of infection was through double agents and lackeys: “Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others — both spies and unwitting accomplices — with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.””

Too good to be true

The problem you see, is that we may never have heard of Stuxnet at all, if it weren’t for the fact that the little bugger was – like all good worms – designed to spread itself. And that’s exactly what Stuxnet did, The NYT reports. “In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free, like a zoo animal that found the keys to the cage.” Surprise, surprise, the malware got away from them.

A spam in every pot

Let’s take a look at another piece of news that became public recently, of a training video created by al Qaeda, one which calls for an ‘electronic jihad’ on the U.S. In it, the video draws comparisons between the state of U.S. aviation security prior to 9/11 and the state of computer security today. The video calls for attacks on vital U.S. systems, including the power grid. Now, analysts will tell you that there’s nothing to fear and it would take a coordinated effort to launch and be successful in such attacks, and they would be partially right.

But let’s not forget that some of the most effective botnets in history weren’t created with multimillion dollar computers and hosts of MIT graduates. In fact, the success of worms, viruses, and Trojans has always relied on e-mail as an effective, broad-based delivery system. Does anyone really believe the U.S. would stop at such a tactic? It’s a safe bet that al Qaeda won’t.

How do we know that we aren’t being recruited, little spam soldiers unwittingly marching off to war?

Leave a Reply