Iran on ‘Fire’
Austin Lagomarsino | Friday, September 14, 2012
When most of us think about getting hacked, we usually think of leaving our Facebook open and having someone post offensive statuses for all our friends to see. But imagine if it were left wide open for someone more sinister than your roommates. Imagine if someone could access all of your conversations: They could see who you are talking to, when you were talking and what you were talking about. But even worse, imagine if the hack had come from code written by a malicious hacker intent on using that information against you. Now imagine it isn’t you we are talking about, but Iran, and it isn’t your Facebook account, but the critical, secret communication logs of the nation’s nuclear program. This is the reality Iran’s fledgling nuclear program had to face this summer when Flame struck their systems.
Flame is the most advanced attack code ever seen, and it was deployed by an unknown entity on the Iranian facilities this summer. Flame recorded all data flow into, out of and inside of the facilities it was deployed against. In essence, it allowed the user to view all communications and information regarding the facility.
The code for Flame is very similar to that of Stuxnet, the first cyber-weapon successfully deployed. Stuxnet was also deployed against Iran in the summer of 2010. Stuxnet targeted the Uranium enrichment facilities and was secretly deployed from multiple servers to avoid tracking. After being uploaded into the facility, Stuxnet burrowed into the hardware and began to wait. When the target was confirmed, it began an attack on the infrastructure of the enrichment facility. Upon activation, the code started spinning the nuclear centrifuges at increasing speeds. When the angular momentum reached a certain point, Stuxnet stopped the drive shafts, causing the shaft to shear and break. To make the attack even more devastating, the code also ensured that the various sensor arrays continued to report that nothing was wrong. When the code was discovered, the facility was forced to shut down until every trace of the virus could be removed, delaying Iran’s nuclear program for months.
Stuxnet and Flame are also highly sophisticated in the way they chose targets: They would exploit zero-days, or loopholes, in the systems, customize in order to avoid detection, and then become active. However, the programs would only target specific systems, notably Siemens systems running certain processes. Since the combination of criteria is only found in the Iranian facilities, it is understood that these are targeted weapons.
The question is: Who is pulling the trigger?
Due to the intensive secrecy of the code and the method of deploying the attack from a chain of unrelated servers, no one knows where the attack came from, and no one has yet come forth. Most experts theorize the code was written by the United States and Israel, under Operation Olympic Games (the United States’ covert cyber-warfare program), because of the incredibly high level of complexity. In addition, Flame is equipped with a kill-command, where upon discovery it immediately wipes itself out and deletes all traces that it ever existed in the system.
Even more frightening is the fact the code is now open source on the internet. If you desired, you could download the script, edit it to assign new processes and new targets (electrical grids, oil rigs and other infrastructure) and then redeploy it. This means should the wrong people begin to edit it, there could be vast repercussions.
Flame and Stuxnet heralded in a new era of warfare: Suppose your enemy is developing a nuclear weapons facility on its soil. Traditionally, you would have to initiate a physical attack against the facility, which would result in loss of life, cause political blowback and likely launch an international conflict. Now imagine that you could secretly deploy a code that would render the facility equally inoperable without the aforementioned consequences. The new face of warfare redefines national security and introduces a new weapon that the traditional defenses of gates, guards and guns are useless against.
The popular culture fascination with cyber-warfare already has a solid following, from films like Live Free or Die Hard to the forecasted plot of Black Ops II. These seemingly science fiction concepts are quickly becoming a reality. With the increasing dependence on computers and technology today for everything from infrastructure to finances, these attacks are only going to become more devastating in the future.
Austin Lagomarsino is a junior aerospace engineering major. He can be reached at firstname.lastname@example.org
The views expressed in this column are those of the author and not necessarily those of The Observer.