
STUXNET ATTACK
A kind of "arms race" has already begun in cyberspace
Author: Irina KHALTURINA Baku
Initially, the computer and the Internet seemed to be miracles and luxuries, and then they became something without which our daily lives are no longer conceivable. Can you imagine a reality in which it was suddenly impossible to send an email, talk with a friend via Skype for two hours from a thousand miles away, buy something interesting or useful from an Internet auction or online store, or watch the latest news from around the globe just a few seconds after an event or incident has occurred?
On the one hand, the World Wide Web has made our lives much easier and more varied, but on the other, it has completely trapped us, catching us in its net forever. Just think about these words - a recent survey showed that at least half the employers in the US are browsing the Internet for all the information they can find online about this or that candidate.
We depend on computers and the Internet in all spheres of our lives - from education and entertainment to politics and economics. Among other things, we have entrusted our security to machines connected in virtual space.
Only now are people really starting to realize that the opportunities and broad possibilities of the World Wide Web are, in fact, not well understood; this includes the threat of cyber war. Many politicians and experts agree that this risk should be treated with the utmost seriousness, because in the future super-virus attacks will occur much more frequently and on a much larger scale.
Currently, few professionals can create and unleash a truly terrible "cyber-beast" but, in principle, cyber-weapons that cannot be traced to their source are sufficiently available. The work is comparable to work on nuclear weapons, but their production does not require such sophisticated equipment. Moreover, nuclear weapons have been controlled by governments almost from the beginning, and then by international agreements, but no-one knows yet how to effectively regulate the Internet, the different local area networks and the dangers emerging from them.
The recent upsurge of interest in cyber-war and cyber-weapons is linked to the emergence of the super-virus Stuxnet (though there is evidence that Stuxnet has been around for more than a year), whose "march" through computers in different countries (mostly Iranian) caused a worldwide outcry.
Stuxnet (the name comes from keywords hidden in its code) is known as the first cyber-weapon in the world and is the harbinger of a new era - an era of cyber-terrorism, cyber-weapons and cyber-warfare.
For example, Gen. Keith Alexander, head of the new cyber command centre at the Pentagon, said that such a virus could cause "huge damage". This is true, since the Stuxnet worm targets computer systems of key infrastructure facilities - the virus mainly attacks industrial machinery, in particular that used for the management of pipelines and power plants (for example, an oil pipeline control centre).
The worm, which infiltrates computers via USB drives, uses four vulnerabilities in the Windows operating system, moves forward, seizes control of industrial systems and ultimately destroys them. According to experts, one problem in the fight against the worm is that there is seldom an opportunity to compare the virus code with the code of the affected control system at an enterprise, as that is usually a big secret.
It is believed that the malicious Stuxnet code was created specifically to attack Iranian computer systems (60 per cent of hacker attacks with the worm were launched against Iran) responsible for controlling gas pipelines and power plants. What is interesting is that the virus triggers a failure in systems controlling industrial processes created by the German company Siemens to control oil pipelines, power networks and nuclear power plants around the world. These computers are allegedly also used in the Iranian nuclear cycle.
The point is that it was Siemens which began the construction of the Bushehr nuclear plant 40 years ago. The company finally terminated its contracts with Tehran after the introduction and further tightening of sanctions against Iran over that country's reluctance to halt its nuclear programme. The construction of the Bushehr nuclear power plant was completed by Russia's Atomstroyeksport, but Siemens' computer production management system is still used there.
Tehran acknowledged that the malicious code had hit the Siemens system used in the civilian light water nuclear reactor at Bushehr.
It is assumed that the malware infiltrated the very well-known plant through a flash drive, which was somehow slipped to Russian specialists building the reactor.
But who is behind the cyber-attack on Iran? Most experts seem to agree that it was Israel. First, all data indicate that the virus emerged with the sponsorship of a state; not only does it bring no financial benefit to its creators, on the contrary, it demands solid sponsorship investment. Second, in order to develop Stuxnet, it was necessary to have information about the nuclear plant at Bushehr, i.e. intelligence. The motive in this version seems plausible - it is to stall the opening of the Bushehr plant and the general development of Iran's nuclear programme.
In addition, some believe that the word myrtus found in the code of the worm is an indication of its origin. In Hebrew, "myrtle" is hadassah, which is thought to be the real name of Esther, of whom the Old Testament says that she disclosed and prevented a Persian plot against the Jews, and the Stuxnet attack seems to have actually slowed down Iran's nuclear programme.
Although Tehran stated that the "most important systems" at Bushehr were not damaged, reports coming in from Iran say that new versions of the virus are spreading through the country's industrial enterprises. The Iranian authorities stated that the launch of the Bushehr nuclear power plant had been postponed due to a small leak in the cooling pond and was in no way related to the cyber-attack; this, however, seems suspicious in itself...
Meanwhile, a question arises here: are the nuclear facilities in Natanz, the well-known Iranian venture to enrich uranium, infected? According to a number of the world's leading news agencies, Stuxnet has damaged a fairly large number of centrifuges at Natanz and, according to The New York Times, the damage caused by the virus attack on Iran's computer networks is comparable with the consequences of an Israeli air force attack.
Meanwhile, there is information that, in addition to Iran, the worm is also entrenched in computers at enterprises in China, Indonesia, Pakistan and India. According to some reports, computers in Germany, Canada and the USA are also infected.
Thus, Stuxnet has clearly demonstrated that it is a threat to many civilian industrial facilities, which originally had much weaker protection than military facilities. In addition to pipeline control systems and power plants, also at risk are communication systems, air and sea transport and many other similar enterprises.
The Financial Times quotes Richard Clarke, who once predicted the terrorist attacks on 11 September 2001, as saying: "Imagine a coordinated attack which incapacitates the energy grid on the eastern coast of America in 15 minutes, mixes up e-mail messages, halts the air traffic control system, causes accidents on rail transport and disables banks and electronic payments systems."
Is it any wonder that the intelligence services of many countries are seriously concerned that terrorists might use a cyber-weapon? It is clear that cyber-attacks could lead to significant casualties, if, for example, the virus triggered a failure in a reactor, or interfered in the work of the flight control centre at a major international airport.
However, even without terrorists, the situation seems bleak, as the "era of cyber-war" is fundamentally changing the well-established approaches to national security in general, when the quantity and quality of weapons, military personnel and even geographical location no longer matter. You can also say goodbye to the images of Stirlitz and James Bond - live spies will be replaced by electronic worms "on the battlefield".
It is worth noting that news reports about cyber-attacks have appeared previously. For example, we know that three years ago this tactic was used by the Israeli army to bomb a secret nuclear power installation that the Syrians were building with North Korean help. It is believed that Russia resorted to cyber-attacks on Georgia ahead of the war in South Ossetia and launched a massive hacker attack on government websites in Estonia in 2007. There were also attacks on German army computers, servers of Google and other companies and US government agencies. It is assumed that most of these attacks came from China and Russia, although in most cases it is practically impossible to establish the attacker.
We should not forget here that cyber-weapons are very tempting in terms of their huge, and still not fully understood, potential. At the same time, it is not known whether a country is ready to defend itself or attack, while cyber-attacks by themselves can cause conflicts between states. It is clear that in the future, no conflict will go without the use of cyber-weapons, because no modern army can now exist without computer networks and software.
Against this background, it is claimed that the US, China, Russia, Germany, South Korea, India, Pakistan, France, Israel and other countries have long since set up divisions responsible for cyber-warfare. For example, in the USA, it is the US Cyber Command. There is information that the most talented hackers are often involved in so-called service. In fact, a kind of "arms race" has already begun in cyberspace, and the soldiers in its ranks are recruited from a variety of sources - ranging from promising students to members of criminal organizations.
In this respect, experts are talking about the urgent need to develop international agreements to regulate cyberspace, as well as a "unified system for the early detection of enemy cyber attacks". European countries and members of NATO are particularly concerned.
Incidentally, NATO's new strategic concept, which should be adopted at the NATO summit in Lisbon in November, provides, among other things, for joint action against cyber attacks. Thus, Paragraph 5 of the NATO Charter, which refers to collective defence, will come into force in the event of Internet attacks.
La Stampa quotes Luciano Zappata, an Italian admiral and deputy head of NATO's Allied Command Transformation, as saying that "risks are projected for all aspects of public life and, thus, affect citizens' interests". At the same time, many representatives of NATO countries believe that Russia must be a major party to the cyberspace security system that is being created.
Moreover, according to siteua.org, there has been talk that the US, where the Internet is hailed as a national treasure, is preparing legislation that will give Washington the authority to disable the Internet locally anywhere in the world, as well as allowing US intelligence agencies to intercept any type of electronic communications, including email, social networks and Skype. The New York Times writes that the law will force all providers to supply the services with mechanisms to allow access to users' private communications if need be.
As the saying goes, no comment. Welcome to the new world, gentlemen!