The world’s first cyberwar just ended

Wednesday, 27 November 2013

On 15 July 2010, journalist Brian Krebs reported on his cybersecurity blog that researchers had discovered a sophisticated new strain of malicious software – what most of us would refer to as a virus.

Krebs: “Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.”

In the early hours of Sunday morning this week in Geneva, Iran reached agreement with the United States, France, Britain, Germany, China and Russia to curb some of its nuclear activities.

What's the connection, you may ask?

What most of us have observed, but not yet understood, is the first global cyberwar in the history of the human race.

But let's step back for a bit. In 2006, then US President George W Bush had been presented with a range of alternatives for dealing with a resurgent Iran.

Mahmoud Ahmadinejad was elected president in 2005 and the country was suddenly becoming vocal about pursuing the destruction of Israel and ramping up its nuclear capability. In 2006, Ahmadinejad took the media on a tour of his country's uranium enrichment facility at Natanz, where he promised to install more than 50 000 centrifuges.

(Natural uranium is made up of more than 99% uranium 238 and less than 1% uranium 235. Uranium 235 is needed for nuclear reactors or weapons. A kilogram of uranium yields about 7 grams of U-235. One separates the heavier U-238 from the lighter U-235 by spinning the uranium in a centrifuge.)

Bush effectively had two alternatives. He could either go to war with Iran or let Iran get nuclear weapons.

But Bush had a problem. He had not so long before gone to the rest of the world and lied about Iraq having weapons of mass destruction.

He could not now go back to them for support in going after Iran.

(What could he have said? "Guys, sorry I lied before, but this time I'm telling the truth"?)

So Bush began to seriously consider the question: Could cyberweapons be used against other countries?

They codenamed the operation "Olympic Games".

Fast forward two years and Barack Obama walked into the White House. One of his promises to voters was to tighten up America's cyber security. What he did not say was that the resources being poured into that task would also be successfully used to ramp up offensive capability.

The Olympic Games project was tightened up under Obama in partnership with Israel's Unit 8200.

And it was unleashed.

A centrifuge, like any automated mechanical process such as assembly lines or traffic lights or railway switching, is controlled by a computer known as a Programmable Logic Controller – PLC.

The Olympic Games virus spread rapidly through the Internet, but unlike most malware was almost completely harmless to most. It would check to see whether it was running on a PC running Siemens' control software for PLCs, then check whether there were centrifuges attached, and then download control code into the PLC.

By 23 November 2010, Natanz had been shut down several times because of technical problems. What would happen is that the centrifuges would suddenly speed up, then slam on the brakes. The effect was that the centrifuges began to destroy themselves.

So Iran's nuclear ambitions were shot to hell. Meanwhile, crippling economic sanctions around that nuclear capability had brought the country to its knees. President Hassan Rouhani was smart enough to realise that continuing down the nuclear path set by his predecessor was never a path to victory.

The decision in Geneva last Sunday was Iran's surrender in the first global cyberwar.

Don't believe the bluster of Israeli premier Benjamin Netanyahu. The cooperation between the US and Israel has never been stronger. The world is a safer place now that the possibility of war in the region is reduced.

But pause for a moment to think what this means. There is no aspect of our life that is not controlled somewhere up the food chain by PLCs. All of these are open to cyber sabotage. Randomly and simultaneously changing all traffic lights at intersections to green can disable a nation far more cost-effectively than a ground war.

Then reflect on the fact that our government has squandered our intellectual capacity to fight such a war in the name of affirmative action.

  • Brian Krebs blogs at krebsonsecurity.com
  • Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power by David E Sanger gives details about Olympic Games and other programmes. I highly recommend it.