Thursday, July 05, 2007

Live Free or Die Hard Underscores Cyberwar Threat

Die Hard 4 scenario more plausible than one might expect

For anyone enamoured with the action film, Live Free or Die Hard must have been hard to resist (although some apparently did, as Ratatouille nabbed the #1 spot at the box office). In the film, John McClane (Bruce Willis) does what he does best -- killing bad guys.

The film depicts a group of terrorists carrying out a cyberwarfare attack dubbed a "fire sale", wherein a country's transportation, communication and utility infrastructures are disabled. As John McClane's hacker-turned-sidekick Matt Farrell (Justin Long) intones, "everything must go."

Some viewers may be tempted to write off the "fire sale" scenario as the far-fetched fantasy of 30-year-old computer nerds hanging out in their "command centers" in their mothers' basements.

But according to James Dunnigan, in his book The Next War Zone, the cyberwarfare scenario portrayed by the newest Die Hard film may not be all that far-fetched.

As the world's most wired -- and Internet-dependent -- country, the United States is a very tempting target for "cyberwarriors" -- be they professional cyberwarriors, crackers (bad-guy hackers), or mere "script kiddies" (hacker wannabes). Add the extent of the United States' dependence on the internet -- virtually any service, private or public sector, is wired to the internet -- and any vulnerabilities quickly become dangerous chinks in a very large suit of armour.

The United States isn't alone in this vulnerability. The threat of cyberwarfare is one that is shared globally.

The great majority of computer users worldwide rely on Microsoft software, which actually turns out to be among the most insecure software available. Add this to the fact that most computer users don't know how to secure their computers to begin with, and a very serious problem quickly emerges.

The insecurity of computers in the hands of the average user is a glaring issue in and of itself. An attack the magnitude of that depicted in Die Hard would, by necessity, have to take advantage of those vulnerabilities. This would be done by hackers planting "zombie" viruses in such computers.

A "zombie" virus would then be activated in two phases: in the first phase, the "zombie" hooks into the computer's email programs and attaches itself to all outgoing emails. When those emails are opened by the recipient, the recipient's computer is "bitten" and becomes a "zombie".

In the second phase of activation, the "zombie" begins to do what it is programmed to do. In the process of planning a "fire sale" attack, numerous "zombie" programs would be at work, all of them designed to do different, sometimes surprising, things.

In The Next War Zone, Dunnigan forwards the following possibility: numerous computers with VOIP-style internet phones are programmed to dial 911 continuously, overloading 911 systems wherever such programs are at work. Sometimes, cyberwar attacks don't disable the system -- they merely turn the system against itself.

A scenario such as this clearly has dire implications -- even life-threatening implications -- for anyone suffering from a critical injury, unable to obtain help. However, it should be noted that this is one of the few scenarios that pose a direct threat to human life. Cyberwarriors can't kill people through computers, though they can cause death and destruction.

One thing seemingly exaggerated in Live Free or Die Hard is the ability of cyberwarriors to attack the entire system through the internet. Many governments, militaries, and large corporations maintain their own, isolated networks that aren't accessible through the internet. The only way to access such networks -- in order to affect communications and utility infrastructure, as well as obstruct government or corporate operation -- would be to physically access the network from a computer hooked up to it.

In Live Free or Die Hard, this is done by Mai Linh (Maggie Q's smoking hot and dangerous cyber terrorist character) when the terrorists attack the power infrastructure. However, earlier in the film, attacks on another isolated network, metropolitan traffic control centers, are perpetrated seemingly from the internet. This wouldn't happen so easily in real life.

There is one caveat to this assertion: isolated networks lull their owners into a false sense of security (literally). Isolated networks fool the owners into believing they control everything going on through that network. However, all it takes is one subverted employee to compromise that entire network. Consider that isolated networks often use far fewer security measures than computers hooked up to the internet, and isolated networks quickly become houses of cards that can be toppled rather easily.

When all of this is considered together, "fire sale" scenarios become all the more likely in a world where a small cyberwar is already underway -- American and Chinese hackers have been testing each other's defences for a number of years now, periodically defacing each other's websites in order to achieve -- and prove -- cyberwar dominance. China has publicly asserted its intention to achieve complete supremacy over cyberspace, much as the United States has over the world's airspace. India is a real player, as well, and many American hackers feel a significant degree of hostility toward immigrant Indian programmers.

Given the magnitude of the threat posed by cyberwarfare, Canada needs a strategy to secure itself against such attacks. It's actually conceivable that if no such strategy yet exists, it may already be too late.

The Pandora's box of cyberwarfare has already been opened. There is only one way for Canada to prepare for this threat -- help its citizens secure their own private computers, and develop its own cyberwarfare capacities. Rivalling China's cyberwar capacity should be a goal of the Canadian military. Developing paramilitary cyberwar units (combat units fully trained in cyberwarfare) should be considered as well.

The government should also set new security standards for all software developed in, or marketed in, Canada. Microsoft -- the world's predominant software supplier -- has not been sufficiently compliant in fixing its security issues voluntarily. Legislation may be required to force them to, or forfeit the Canadian market. And while NAFTA and the WTO may try to veto such laws as "artificial trade barriers", there is no reason why the notwithstanding clause of the constitution couldn't be used to protect laws that potentially violate international trade agreements, when there is significant cause.

That's how serious the threat posed by cyberwarfare is. If Canadians don't come up with an appropriate response to this potential threat, then we ourselves may be forced to choose between living free or dying hard.
