Pierluigi Paganini
April 03, 2012
Article Published on The Hacker New Magazine – April Edition “Cyber_Warfare”
First let’s try to provide a definition of cyber-weapon, to do this I get inspiration from an article written by experts Thomas Rid and Peter McBurney. Correctly define cyber weapon has significant legal and political consequences as well as the security itself. The line between what is a cyber-weapon and what is not a cyber-weapon is subtle.
But drawing this line is important. For one, it has security consequences: if a tool has no potential to be used as a weapon and to do harm to one or many, it is simply less dangerous.
Secondly, drawing this line has political consequences: an unarmed intrusion is politically less explosive than an armed one. Thirdly, the line has legal consequences: identifying something as a weapon means, at least in principle, that it may be outlawed and its development, possession, or use may be punishable.
It follows that the line between weapon and non-weapon is conceptually significant: identifying something as not a weapon is an important first step towards properly understanding the problem at hand and to developing appropriate responses. The most common and probably the most costly form of cyber-attack aims to spy.
The two expert define “cyber weapon” as “a computer code that is used, or designed to be used, with the aim of threatening or causing physical, functional, or mental harm to structures, systems, or living beings“
Over the years many cyber weapons have been identified, without a doubt the most famous of which is the virus Stuxnet, and this has led to introduce many different classification for their qualifications.
An interesting classification of cyber weapons is based on spectrum of action, in this scale we introduce the following categories:
Cost and complexity of this cyber threats are related to the category the belong, consider also that behind high potential agents there is a long and considerable content of intelligence used to acquire information on final target and develop the weapon specific for it.
In recent years one of the topics of greatest interest in the international scientific community has been the development of new cyber weapons to use against hostile countries.
What dominates, without any doubt, was the use of viruses and other malware to attack critical infrastructure of the opponents.
The Stuxnet case did school, for sure behind its development there are government structures, most likely in the U.S. and Israel.
Why the use of a cyber weapon has proved a winner?
To understand the real evolution of cyber weapons will propose again taken from a slide part of the presentation “Preparing for a Cyber Attack” by Kevin G. Coleman.
Easy to understand how is grown over the years the technology in the development of a cyber arsenal and how dangerous are the cyber weapons of the next future.
But what are the objectives to be attacked with weapons of this kind?
The series is very wide, it is known that through a malware can affect any system in which there is a control component. To cite some examples:
Several intelligence studies demonstrate that more over 140 countries have a cyber weapon development program, starting from 2006 the the equity investment is a hundred times higher, with a sensible increase in the number of countries that are pursuing this kind of weapon or acquiring knowledge in the sector.
THE cyber weapon is a unique prerogative of governments?
Unfortunately not, although behind the development of a cyber weapon there is a painstaking intelligence work and investment still large, we must keep in mind that such weapons can also be developed by groups of criminal and hacktivist with unpredictable and disastrous. As anticipated the development of a cyber weapon requires a long process of research, however, groups of hackers and cyber criminals may be able, through processes of reverse engineering, to analyze the sources code of existing weapons modifying it according their design. In this way could proliferate cyber weapons characterized by increasingly complexity and unpredictable behavior.
Let’s clarify that a cyber weapon not necessary must be used with offensive purpose, during last months a news has been circulating in some media about the Fujitsu company has subscribed a contract with the Japanese Ministry of Defense developed for a development of a new virus.
The news confirms therefore the approach introduced in this article, viruses are used as a weapon inside a cyber strategy. I cite this example to the uniqueness of the case. This time the project for the virus development should not be but for the offense purpose but for defense. That is another interesting usage of a cyber weapon, developed to defend systems and track back any cyber threats.
Regarding the project, for an approximate cost of U.S. $ 2.3 million, appears that Japan is keen to have a tool that seeks out infected computers, hopping from PC to PC, and cleans them up.
The debate on the efficacy of the method adopted is open.
Are we ready to face a cyber attack?
No doubt in recent years, international opinion was strongly sensitized on this issue and there have been huge investments in warfare. Numerous studies have demonstrated the need for adequate cyber strategy, defensive as offensive. Unfortunately the news is not good, too many critical infrastructures are still vulnerabilities to attacks carried out with this type of weapon, it is therefore necessary to monitor, with an international collaboration, the development and proliferation of these threats. The key critical infrastructures all over the world must be identified and must be defined a common defense policy … we still have much work to do.
About the Author : Pierluigi Paganini, Security Specialist
CEH – Certified Ethical Hacker, EC Council
Security Affairs ( http://securityaffairs.co/wordpress )
Email : pierluigi.paganini@securityaffairs.co
References
http://www.tandfonline.com/doi/abs/10.1080/03071847.2012.664354
