A few months ago, I wrote about how we could all be subject to electronic eavesdropping and internet monitoring. That was relating, more or less to the public end user. When it comes to Government, Military and Corporate matters, that is frighteningly different.
A huge percentage of data communications used by banks, Military and infrastructure-control to name but a few, is carried out over the internet and therefore open to being hijacked, “sniffed” copied, modified, etc… As technology moves on, the sophistication of these threats increases at a commensurate rate.
The attacks of 9/11, started a massive review of the ‘States and global Internet Security. The US Director of National Intelligence, Mike McConnel, sat with George Bush for 15 minutes, post attacks, and bluntly told him this was just the beginning. He coldly explained that whilst flying planes into buildings was bad enough, what would happen as a result of the following: Mike explained that, hacking into the systems of one or two international banks, monies could be transferred, lost, redirected. Accounts could be deleted and it would be almost impossible to repair the damage. Confidence in the money market would vanish and a financial crash would occur. He went on. The National Power Transmission is controlled via the internet. Say you were to hack into that, taking power stations off the grid and plunging numerous states into darkness? This would make 9/11 pale into insignificance. To his credit Bush was outraged and set about a massive review and amplification of USA’s cyber protection.
Countries and Continents hacking into and protecting each others secure networks is a multi billion dollar business. The US spends some 3-4% of GDP on it. China is at the forefront of military and commercial attacking. The US claim that the majority of attacks on its commercial and military networks come from the Far East. In 2012 the US had some 1500 personnel with a budget of 350 million $ defending itself. However, it is said China has more that 10 times that resource. Let’s take a simple fact; Big companies such as Cisco as an example, who provide data routers which allow us to connect clusters of PCs and servers to the internet, have their products made in China. It is well documented that some manufacturer’s routers have been found with “backdoor access” imbedded into their software. This means that a PC with a suitable Trojan downloaded onto it, could secretly open the router to sending personal, commercial data to locations undesired, without the user knowing.
The writing of viruses and Trojans is big business. The government agencies such as GCHQ and the US’s NSA (National Security Agency) are not allowed to hack the hackers (i.e. attack those that attack you) but it goes on. Quite often, when an attack virus or Trojan is detected on say, a military network, it’s allowed to sit on a secured system and monitored to see what it does. This gives the security agencies a clue as to where it came from and what it’s purpose in life is. Once understood, a virus is created and sent back to it’s source in order to learn more about it’s creators and or destroy the systems on which it resides.
The US and Israel were very concerned about Iran’s nuclear development. Now this is what I call a Trojan: The NSA and Israel worked together to produce a virus that would cause havoc with a certain piece of equipment used in Iran’s nuclear manufacturing process. In short the virus was to cause the centrifuges used to separate substances, to run out of control and causing massive damage. The virus, called Stuxnet, was somehow allowed to get into the Iranian power plants network. Probably done by an innocent engineer downloading a so called “Update” (made to look like a normal expected Microsoft update let’s say) for his laptop. This jumped to a pen drive which at some point was connected to a PC inside the secure network. It worked and the desired damage done. A minor problem however, that has come to light, is that the virus has infected machines elsewhere outside of Iran and has to be hacked itself to be stopped doing further damage.
The whole thing is actually quite worrying. We live on a fragile edge with the hackers and counter hackers doing their best behind us. Just be careful what you write in your next email is what I say. And, if I disappear soon after this is printed, I have said too much.
Seth, Zeta Services.