Tuesday, October 05, 2010

High-end cyber weapon

So someone has written and deployed a very complex, mutating malware weapon designed to damage or destroy specific infrastructure equipment.

Stuxnet

There are a number things about the escalating level of cybenetic attacks taking place that worry me.

1) It's a form of combat taking place in civilian environs around the world. It's playing out in banks, power grids, as well as in several nations' national industrial infrastructure.

2) Insanely enough, major infrastructure devices here in the US are accessible via the internet. Power plants, dams, oil derricks, ATM networks, emergency service systems, have all been infiltrated, in a few instances attacked. A coordinated attack several regional power networks or dams could result in physical damage and major economic losses that would take months if not years to recover from. Amazingly, the private sector continues to drag its feet and resist taking steps to protect critical systems.

3) It's difficult to distinguish criminal activity from espionage or military attacks

3) It's extremely easy for events to escalate. An incident between two nation-states can quickly result in attacks by nationalist civilian hackers on each side.

4) Once malware is out on the internet it can spread quickly to non-targeted systems

No comments: