Support 100 years of independent journalism.

  1. Politics
12 October 2010updated 27 Sep 2015 2:11am

Know thy meme-ny

Look closely and the nature of global cyber-warfare is changing dramatically.

By Rob Higson

A number of governments are battling against an evolving type of cyber-warfare, incidences of which have been appearing increasingly across the world.

It’s hard when discussing such trends not to evoke images of global conspiracies, the dark underbellies of spy networks or the hunt for the “smoking USB”.

Recent events around the globe, however, have demonstrated that it’s a threat that many governments are taking more and more seriously.

Two weeks ago, the Iranian government confirmed that its ongoing nuclear programme had been infected deliberately by a complex and damaging computer virus, which some have, not unhyperbolically, called the “first cyber superweapon”.

Sign up for The New Statesman’s newsletters Tick the boxes of the newsletters you would like to receive. Quick and essential guide to domestic and global politics from the New Statesman's politics team. The best of the New Statesman, delivered to your inbox every weekday morning. The New Statesman’s global affairs newsletter, every Monday and Friday. A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A weekly dig into the New Statesman’s archive of over 100 years of stellar and influential journalism, sent each Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy

Mehr, the Iranian state news news agency, reported that the IP addresses of over 30,000 computers had been infected by the rapacious “Stuxnet” virus, which attacks plants and large-scale industrial systems, first discovered in late June.

The origins of the virus are as yet unknown. Estimates suggest a high level of sophistication and thus state involvement – that it took a team of eight to ten people six months to create, for example.

Some have suggested that it might have originated amid ongoing tensions between China and India, originally developed in the People’s Republic in a bid to attack its neighbour’s systems. The Iranian Foreign Ministry has suggested that blame lay with “Western states”.

Iran, however, was not the only country to have been affected. A subsequent analysis by Symantec, the computer security firm, found that 60 per cent of infected machines were in Iran, 18 per cent in Indonesia and 8 per cent in India. News from Beijing indicates that millions of computer users in China have also been affected.

The European Union’s cyber security agency – the European Network and Information Security Agency (ENISA) – said on Thursday that these events marked a “paradigm shift” in terms of the importance of the attacks for future security and how they might be likely to be repeated in the future.

The events were the latest in a wider series of deliberate cyber attacks which stretch back a number of years.

Only in August this year, the Pentagon confirmed that, in a similar attack two years ago, memory sticks which had been placed in the washrooms of a US military base in the Middle East had been deliberately infected with a computer worm which attacked the operating computer systems of US forces when opened by curious military personnel.

This comes almost two and a half years after Estonia endured a three-week wave of cyber attacks — or “Clickskrieg” as it is occasionally known — which engulfed the country’s banks, parliament and government ministries. In March the following year, members of a Russian backed youth-movement claimed responsibility for the attack.

And it goes on and on.

Today, NATO announced that it aims to spend almost €1bn over the next two years in attempts to address such “increasingly sophisticated” attacks.

Yesterday, official figures from the Austrailian military has revealed a 230 per cent increase in cyber attacks with, it suggests, evidence that “dozens” of countries are involved.

As a result, governments around the world are shifting security priorities and resources towards cyber-crime.

Coincidentally, the European Commission announced yesterday its intention to create a new directive, adding to a 2005 framework decision, to prevent against cyber crimes.

This includes: the penalisation of the use of as malicious software; the introduction of “illegal interception” of information systems as a criminal offence; and the creation of a basic obligation to collect basic data on cyber crimes. As a result of the Lisbon Treaty taking effect, the legislation to do this will no longer need to be approved unanimously by the EU Council of Ministers. It can now be adopted by a simple majority of Member States at the Council together with the European Parliament.

The UK government is also waking up. It has now set up the Office of Cyber Security (OCS) in the Cabinet Office, and a multi-agency Cyber Security Operations Centre (CSOC) at GCHQ in Cheltenham.

As Dr Paul Cornish, Professor of International Security at Chatham House recently observed, our society is increasingly dependent upon a globalised communications infrastructure. With this dependence brings great vulnerability.

It is anticipated that the next major “leap” in this trend will occur when quantum cryptanalysis technology is first developed. Such technology would make it possible to crack virtually any encryption in very short periods of time. At the same time, computer scientists are racing towards developing quantum cryptography technology, which would prevent communications from being intercepted.

Given the ability of just a few individuals to disrupt entire networks and command systems, one might recall the eerie prescience of Sun Tzu’s dictum that “the supreme art of war is to subdue the enemy without fighting”.

You can follow Rob Higson on Twitter.