Cyber Attacks – Not Your Grandpa’s Weapon
Throughout the development of computers and later the internet, cyber warfare has been a growing topic of interest. The term was coined in 1996 and describes the possible attacks by nations using sophisticated viruses that infect targeted computers and execute a programmed purpose. Such a purpose could range from causing economic turmoil to seizing valuable data from government information servers. In addition to land, sea, aviation, and space, cyberspace is the fifth dimension to become included in the realm of warfare. Due to its relatively recent conception and the relentless pace of technological improvement around the world, there is little consensus on how to deal with it. Governments know they have to protect against the threat of a cyber attack, but they’re not sure how to do it.
In June, researches at the anti-virus firm Kaspersky Lab announced that they discovered what they call, “perhaps the most sophisticated piece of malicious software ever designed”. Dubbed Flame, it is the latest in a string of highly sophisticated viruses that targets the middle east, specifically Iran. Unlike its predecessors focused on wreaking havoc on Iran’s nuclear operations, Flame has been sneaking onto the computers of high ranking Iranian government officials. Although discovered in June, Flame has been snooping for at least two years now. It uses USB sticks as a vehicle for infection by hopping on and then off onto other computers. Whoever is behind Flame also created the function to selectively choose which computers to infect at their discretion. It’s ability to spread and acquire targets so effectively mirrors the concepts we learned about general network structure and development.
In this example, let nodes represent computers and ties represent that the two shared an infected USB stick. We can designate strong or weak ties based on whether or not those running Flame “okayed” the proposed infection. Furthermore, the ties can have a direction signifying which computer infected which. This would mean that only successful infections (strong ties) will have arrows. This illustrates the purposeful growth of the network. All the usual factors of networks are at play except for the Strong Triadic Closure Property. The network initially started as a single node when the first computer was infected. From there, it grew into a large component growing in the suspected direction of the targets. In this component, there are computers that by purpose share lots of USB’s. In addition USB’s tend to stick within certain groups such as social and work-related. Each node only has a single strong tie pointing at it because once a computer is already infected, there’s no motive to infect it again. Once a computer shares a usb with a computer from a different potential component of computers, which represents a separate group of interacting computers, a local bridge is formed. This creates a second strong tie yet the Strong Triadic Closure property does not hold true. This can simply be attributed to the fact that computers share usbs in components as mentioned before. Once a bridge is formed between two components, it is unlikely that the USB will return to the previous component. This once again aids the rampant growth that Flame seeks. It should also be noted that the one of the aspects of a surveillance virus is its resistance to being detected. The lack of a Strong Traidic Closure Property in this network fortifies this notion as the fewer unnecessary ties there are, the better.
The bridges that connect components as well as the lack of a Strong Triadic Closure Property are the most crucial aspects to the virus’s infection network. The bridges connect the initial component to various other potential components waiting to be infected. The lack of the Strong Triadic Closure Property helps it avoid detection as a less interconnected network means less contact between nodes. Through these manners, Flame spreads like wild fire at night.
-Greg Zalevsky
Sources:
–http://www.cnn.com/2012/05/29/tech/web/iran-spyware-flame/index.html
Interestinging how a simple usb-stick eventually can be used as a weapon