Thursday, December 2, 2010

Cyber-espionage At the Crossroads


Aurora and Stuxnet - here to stay
It has been a milestone week in cyber-espionage developments, one that sounds like something out of a spy movie: a confession, a killing, and a leaked intelligence cable. Iranian President Mahmoud Ahmadinejad issued a statement that "enemies" of Iran had successfully used software to disrupt centrifuges in Iran's nuclear facility, Iran's top nuclear scientist was assassinated, and a U.S. State Department cable obtained by WikiLeaks suggested the Chinese government had ordered the Aurora attack against Google.

While the attacks on Google, Adobe, Intel, and other U.S. companies earlier this year served as a big wake-up call to Corporate America, the Stuxnet worm shook the SCADA and critical infrastructure industry with a reality check that even physical equipment without Internet access isn't immune to attack. 

Speculation that the Chinese government was somehow behind the Aurora attacks has been rampant since Google in January first revealed it had been hacked. And while Stuxnet was aimed specifically at Siemens' SIMATIC WinCC and PCS 7 systems and appeared to be focused on Iran's nuclear facility, there had been no solid indication whether Stuxnet had successfully executed its mission.

But both cases hit the headlines again this week in a big way: Ahmadinejad acknowledged publicly that "enemy" code disrupted a "limited" number of Iran's centrifuges. He didn't reference Stuxnet by name, but security experts believe he was referring to the now-infamous worm: "They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," he said in a press briefing. "They did a bad thing. Fortunately our experts discovered that and today they are not able [to do that] anymore."

Operation Aurora also re-emerged in the news, with reports that among the State Department cables leaked by WikiLeaks was one that implicates the Chinese government in the attacks on Google. According to a report in The New York Times, "China's Politburo directed the intrusion into Google's computer systems in that country, a Chinese contact told the American Embassy in Beijing in January, one cable reported. The Google hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and Internet outlaws recruited by the Chinese government. They have broken into American government computers and those of Western allies, the Dalai Lama and American businesses since 2002, cables said." 

Adding to the intrigue of the possible Iranian nuclear plant incident, a scientist described as Iran's top Stuxnet expert was killed this week either by a targeted bombing attack or a shooting ambush, according to news reports. Of course, plenty of unanswered questions still remain, and experts say these developments could ultimately be dead ends that can't easily be confirmed. Either way, the Aurora and Stuxnet attacks are classic espionage with a twist. 
