Monday, July 12, 2021

Will any lock ever be good enough?

kw: book reviews, nonfiction, cyberwar, computer hacking

A wag once said, "If we built houses the way we build software, the first woodpecker to come along could destroy civilization." I wrote software for forty years, and I must say, with some chagrin, that I agree.

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers, by Andy Greenberg makes it clear that the woodpeckers are winning. (To see a fictional forecast of a war with China that includes cyberwar, see the recent book 2034: A Novel of the Next World War, which I reviewed this past May.)

American security analysts use "Sandworm" to refer to the penchant the Russian hacking team initially had for Frank Herbert's Dune novels, as seen in names and comments in their code. Other security groups around the world have different monikers.

The book Sandworm is primarily a history of the damaging cyberwar carried out by this group, and apparently a few other allied groups, plus forays into cyberwar by others, including the US/Israeli team that launched Stuxnet to disable Iran's equipment for preparing bomb-grade uranium. By far the most beleaguered victim of the Sandworm hackers has been the Ukraine. Their computer-connected infrastructure, from electric utilities to the post office, has been attacked repeatedly, leading to blackouts and other disruptions. The author considers Ukraine the test bed for the Russian hackers.

One would think that the nations, or at least the NATO allies, would get together to create and invoke Geneva-Convention-styled measures to "outlaw" cyberwar carried out against civilian populations. When the author questioned a number of security leaders about this, however, the cynical response was that "we" don't want to hobble ourselves from using such measures.

I noticed that it was an American, Mike Assante, who first demonstrated, to Pentagon leaders and others, the capability to destroy a running powerhouse generator using software commands. It was also American (plus Israeli) software that was first used to destroy physical equipment, with the Stuxnet attack. I couldn't avoid the analogy with the first use of nuclear weapons, again by America. I don't like where this is going.

I am puzzled that, in the face of what is known about Russian cyberwar—going on right now—, and Western cyberwar capabilities, the American military seems hell bent on making all our weapons systems Internet-dependent and GPS-dependent. It's like giving a key to your house to "the mob."

About the time I was born the term "fail safe" appeared, and it enjoyed a few decades of popularity. Somehow, it was not much applied to software. Over time, it was changed to "failsafe", and the term is becoming current again, but it did not appear in Sandworm. I don't know how "popular" it is in the Pentagon. One would think that system robustness would be a top priority, particularly for the American military with billions at their disposal. Utilities and others need failsafe systems also, even though their budgets are tiny by comparison.

Bottom Line: All the test cases have been tested, by the Sandworm folks and others. Every red line has been crossed. Software bombs have already been emplaced, almost anywhere a security analyst cares to look. When will the triggers be pulled? It apparently isn't up to us. Fat, Dumb & Happy, that's what we are, with a target front and center on our T-shirts. Not a good feeling.

No comments:

Post a Comment