Friday, November 15, 2013

The Code

This post elaborates on the topic of computer viruses as tools for cyber attack, such as the case of the Stuxnet worm in a previous post. Viruses like Stuxnet are becoming more and more of a threat to the cyber peace of the world. The developers of this malware, whether an individual, an organization, or even a government, no longer seek a massive and random population to attack. The target is of extreme value and well selected. The two incidents below will best help us see this.

"Flame" virus in Iranian government

This virus was detected last year inside Iranian government computers. Iran has long been a target of computer viruses, supposedly released by other countries; however, Flame has been the most complex one ever found. It is "one of the most potent cyber weapons ever spotted" and "marks a new milestone in the escalating digital espionage battle."
It was believed Flame had been in successful operation for at least two years. Flame's resume is impressive: it captures what's on the user's screen, turns on the microphone to record audio, identifies network users, steals passwords, transfers files to a designated server, and so on.
Many Iranians said Flame was a product of the U.S. or Israel, just like the Stuxnet or Duqu worms. Maybe. Maybe not. The bigger and more frightening picture is that weaponized viruses like Flame are being developed more often, and they can be "reverse-engineered." What this means is that Flame, Stuxnet, Duqu, and their like all carry code; this code can be studied, recreated by targeted countries like Iran, and turned against its attackers. The U.S. government has been called upon to beware of the inevitability of a "code war."



Attack on Saudi Aramco


Saudi Aramco is a Saudi Arabian government-owned exporter of crude oil, the world's largest exporter of crude oil, to be more precise. The virus arrived through email on August 15, 2012 and affected 30,000 of Aramco's computers. Soon after the attack, the company's system was shut down and isolated for a period of time so that it could be cleaned and further attacks avoided. On September 10, 2012, the entire system was announced to be back to normal operation.
The attack aimed to disrupt Aramco's oil production, but it ultimately failed. Even so, the incident raised serious concerns about future security.
Circumstantial evidence pointed toward the Iranian government; however, no conclusion was ever announced.

Source: http://money.cnn.com/2012/05/30/technology/flame-virus/
            http://www.bloomberg.com/news/2012-12-09/saudi-arabia-says-aramco-cyberattack-came-from-foreign-states.html
            https://www.google.com/search?q=stuxnet&source=lnms&tbm=isch&sa=X&ei=ffaGUqT5DrXC4APk3YDwDg&ved=0CAcQ_AUoAQ&biw=1092&bih=522#q=code+war&tbm=isch&facrc=_&imgdii=_&imgrc=iVVxbNNj2SzzdM%3A%3BG8pFRCwcmFvryM%3Bhttp%253A%252F%252Fflair13.net46.net%252Fimages%252Fcode-war.jpg%3Bhttp%253A%252F%252Fflair13.net46.net%252F%3B2850%3B1900
