Cyber bombs, the Russian grid and the threat of war

By Prabir Purkayastha

The NYT report shows what the doctrine of “deep forward defence” adopted by the US Cyber Command really is: planting cyber bombs in its opponents’ infrastructure, leading to grid failures that can paralyse the country.

That the United States Cyber Command has planted “malware” (read: cyber bombs) deep into the Russian grid should worry not just the Russian people, but all of us. Taking down a country’s grid leads to blackouts and disrupts a country’s vital infrastructure: communication networks such as metros, railways and airports; hospitals; and telecommunications, including cell phones. It can lead to failure of hydroelectric plants and dams, causing devastating floods, and to nuclear plant outages and possible meltdown.

As we have seen in India, grid failures of the kind we saw in 2012 are major events that can paralyse any country. The US itself has signalled the importance it attaches to its electrical grid. In its Nuclear Posture Review, 2018, it made explicit that any country attacking its grid, either physically or with cyber weapons, would face US retaliation, including even a nuclear response.

The US Cyber Command, set up in 2017 as an independent command on par with its Strategic Command that controls its nuclear weapons, had formulated its doctrine of “deep forward defence”. The NYT report shows the doctrine of “deep forward defence” for what it really is: planting cyber bombs in its opponents’ infrastructure.

This also gives credence to what the Venezuelan government had earlier said, that they were under cyber-attack from the US during Guaido’s attempted coup, and that had led to repeated grid failures. What exactly is a cyber-bomb and what does it do to an electrical grid? Most industrial systems and electrical networks depend on what are called digital controllers for their operations. As most of these systems are highly automated, these controllers send commands to various physical equipment for their functions.

This is, by the way, what happens in our lowly washing machines and in our refrigerators as well. If malicious software can be injected into these controllers, it can not only shut down such equipment, but also make it behave in ways that damage the equipment. And this damage can even cause catastrophic failures.

An example of this is Stuxnet, now admitted to be a joint US-Israeli operation against Iran’s uranium enrichment program. This led to extensive damage to the Iranian centrifuges in their Natanz uranium enrichment plant, as the Siemens controllers which were controlling the centrifuges were attacked.

In a more recent case, in a Saudi Aramco petrochemical plant, the Triconex safety system was infected, leading to a plant shutdown. What both these cases show is that once state actors get involved, the level of sophistication and complexity of these weapons makes protection a very difficult task. Cyber weapons are not different from physical weapons, as they have the same impact; and unlike other malware, they cause physical damage and destruction.

Discussions on cyber weapons and demilitarising cyberspace have been on the United Nations’ disarmament table for quite some time. Russia and China have demanded a number of times that the world should have a treaty that bans cyber weapons, and that they should be treated differently from viruses, worms and other malware.

In 2011, Russia and China had proposed a treaty to limit cyber weapons modelled on the 1997 Chemical Weapons Convention that outlawed chemical weapons. This was followed up by a revised proposal in 2015 by the same countries, asking for a UN discussion on how to prevent the use of cyberspace for acts of war.

The proposals were similar to what the world has already achieved in the field of chemical and biological weapons. No major country today develops such weapons, even though such weapons are easy to develop and use. And as the cult Aum Shinrikyo showed in its sarin attack in the Tokyo subway, it can be done in anybody’s backyard.

The US has stonewalled any attempt at demilitarising cyberspace. In the UN, a Group of Governmental Experts, set up under the aegis of its Office of Disarmament Affairs, discussed the Russia-China proposals. The US countered the demand for demilitarising or de-weaponising cyberspace with a demand for free speech and a completely “open” internet with no restriction by nation states. After five such UN expert bodies were set up over the years and failed to create a consensus, the UN has ceased to be a platform for future discussions on disarming cyberspace.

The Trump administration is now moving ahead with its own strategic vision of cyberspace as a contested domain, and the need to “defend forward”, presumably the basis of the decision to plant cyber bombs in the Russian grid. This is not to argue that the US is the only player that uses or has cyber weapon capability.

Once such weapons are available, every country will try to develop offensive and defensive capabilities. Almost every major country is developing these capabilities. Even non-state actors are involved in developing malware. The difference is that if a state actor gets involved in developing cyber weapons, it is almost impossible to defend against such attacks. What countries can do is only limit the attack, reduce damage and work out how to recover. Why did the US refuse, as it still does, to demilitarise cyberspace?

After all, there were the precedents of banning chemical and biological weapons, and also treaties such as the one demilitarising outer space. We can blame the US administration under Trump for being warmongers, but much of this period was under the Bush and Obama administrations. Bruce Schneier, one of the leading security experts in the US, wrote in 2012, “There’s a common belief within the U.S. military that cyberweapons treaties are not in our best interest: that we currently have a military advantage in cyberspace that we should not squander.”

He went on to say that this was foolish because by its very nature cyber war is asymmetric: it is much easier to attack than to defend, and therefore the US would not only have no major advantage in defending itself from attacks, but is more vulnerable. Its infrastructure, from physical infrastructure to information and financial infrastructure, is far more networked than that of most other countries.

The danger to the world from cyber weapons has become worse, as the US has failed to protect its cyber weapons and malware developed by the National Security Agency (NSA) and the Central Intelligence Agency (CIA). Two caches of tools, and they are two independent sets of tools, are now in the public domain.

Shadow Brokers, a criminal group, dumped NSA’s tools online. WikiLeaks posted details of another set of such tools that were created by the CIA, and that have also been hacked. These tools are far more sophisticated than what criminal groups, even sophisticated ones, can develop on their own. Now criminal gangs and other state actors have all these tools available for the asking.

After the leak of NSA and CIA’s cyber weapons, we should be asking the question whether nation states can really be trusted to develop such weapons. This is what certain leading companies within the industry, Microsoft, Deutsche Telekom and others, had raised in 2017, calling for a new Geneva Convention banning cyber weapons. Brad Smith, the President of Microsoft, and no peacenik or leftist, wrote, “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage…”

The climate in the world, particularly in the US, is rapidly turning towards war. With Bolton and Pompeo leading the Trump administration’s charge against Russia, China and Iran, it is clear the US is unwilling to be only one among major global players and reconcile with a multipolar world. It wants to regain its position as the only global power, and a return to a unipolar world.

Trump’s worldview of threats and blackmail combines with this war lobby to create a world in which the US is threatening a war on three fronts: a shooting war with Iran, a cyber war with Russia, and a tech-cum-trade war with China. The problem is not that we have a war-mongering US administration. It is the near silence of the larger global community and the weakness of global forces for peace that is the real cause for worry. We only have a delusional US administration, which seems to live in a post-truth world, teetering on the brink of war with no real opposition.

‘Courtesy The New York Times’.
