Support 100 years of independent journalism.

  1. Politics
12 October 2010updated 27 Sep 2015 2:11am

Know thy meme-ny

Look closely and the nature of global cyber-warfare is changing dramatically.

By Rob Higson

A number of governments are battling against an evolving type of cyber-warfare, incidences of which have been appearing increasingly across the world.

It’s hard when discussing such trends not to evoke images of global conspiracies, the dark underbellies of spy networks or the hunt for the “smoking USB”.

Recent events around the globe, however, have demonstrated that it’s a threat that many governments are taking more and more seriously.

Two weeks ago, the Iranian government confirmed that its ongoing nuclear programme had been infected deliberately by a complex and damaging computer virus, which some have, not unhyperbolically, called the “first cyber superweapon”.

Select and enter your email address Quick and essential guide to domestic and global politics from the New Statesman's politics team. The New Statesman’s global affairs newsletter, every Monday and Friday. Your new guide to the best writing on ideas, politics, books and culture each weekend - from the New Statesman. A weekly newsletter helping you fit together the pieces of the global economic slowdown. A newsletter showcasing the finest writing from the ideas section, covering political ideas, philosophy, criticism and intellectual history - sent every Wednesday. The New Statesman’s weekly environment email on the politics, business and culture of the climate and nature crises - in your inbox every Thursday. Sign up to receive information regarding NS events, subscription offers & product updates.
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
Visit our privacy Policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.

Mehr, the Iranian state news news agency, reported that the IP addresses of over 30,000 computers had been infected by the rapacious “Stuxnet” virus, which attacks plants and large-scale industrial systems, first discovered in late June.

The origins of the virus are as yet unknown. Estimates suggest a high level of sophistication and thus state involvement – that it took a team of eight to ten people six months to create, for example.

Some have suggested that it might have originated amid ongoing tensions between China and India, originally developed in the People’s Republic in a bid to attack its neighbour’s systems. The Iranian Foreign Ministry has suggested that blame lay with “Western states”.

Iran, however, was not the only country to have been affected. A subsequent analysis by Symantec, the computer security firm, found that 60 per cent of infected machines were in Iran, 18 per cent in Indonesia and 8 per cent in India. News from Beijing indicates that millions of computer users in China have also been affected.

The European Union’s cyber security agency – the European Network and Information Security Agency (ENISA) – said on Thursday that these events marked a “paradigm shift” in terms of the importance of the attacks for future security and how they might be likely to be repeated in the future.

The events were the latest in a wider series of deliberate cyber attacks which stretch back a number of years.

Only in August this year, the Pentagon confirmed that, in a similar attack two years ago, memory sticks which had been placed in the washrooms of a US military base in the Middle East had been deliberately infected with a computer worm which attacked the operating computer systems of US forces when opened by curious military personnel.

This comes almost two and a half years after Estonia endured a three-week wave of cyber attacks — or “Clickskrieg” as it is occasionally known — which engulfed the country’s banks, parliament and government ministries. In March the following year, members of a Russian backed youth-movement claimed responsibility for the attack.

And it goes on and on.

Today, NATO announced that it aims to spend almost €1bn over the next two years in attempts to address such “increasingly sophisticated” attacks.

Yesterday, official figures from the Austrailian military has revealed a 230 per cent increase in cyber attacks with, it suggests, evidence that “dozens” of countries are involved.

As a result, governments around the world are shifting security priorities and resources towards cyber-crime.

Coincidentally, the European Commission announced yesterday its intention to create a new directive, adding to a 2005 framework decision, to prevent against cyber crimes.

This includes: the penalisation of the use of as malicious software; the introduction of “illegal interception” of information systems as a criminal offence; and the creation of a basic obligation to collect basic data on cyber crimes. As a result of the Lisbon Treaty taking effect, the legislation to do this will no longer need to be approved unanimously by the EU Council of Ministers. It can now be adopted by a simple majority of Member States at the Council together with the European Parliament.

The UK government is also waking up. It has now set up the Office of Cyber Security (OCS) in the Cabinet Office, and a multi-agency Cyber Security Operations Centre (CSOC) at GCHQ in Cheltenham.

As Dr Paul Cornish, Professor of International Security at Chatham House recently observed, our society is increasingly dependent upon a globalised communications infrastructure. With this dependence brings great vulnerability.

It is anticipated that the next major “leap” in this trend will occur when quantum cryptanalysis technology is first developed. Such technology would make it possible to crack virtually any encryption in very short periods of time. At the same time, computer scientists are racing towards developing quantum cryptography technology, which would prevent communications from being intercepted.

Given the ability of just a few individuals to disrupt entire networks and command systems, one might recall the eerie prescience of Sun Tzu’s dictum that “the supreme art of war is to subdue the enemy without fighting”.

You can follow Rob Higson on Twitter.