Cyberwarfare - features of the national war
The cyberwarfare theme (conducting “combat” operations in cyberspace, of which the Internet is a part, but not only it) has been widely discussed in various publications and departments of countries all over the world, becoming as much of a favorite topic as the concept of network-centric wars. warfare). As an educational program, it can be mentioned that the events held within the framework of Cyberwarfare can be divided into informational and technical ones. Technicals, in turn, can be broken down into “offensive” (sabotage), reconnaissance (cyber espionage) and “defensive” (building information security systems). Let us leave aside the topic of information events, recalling only that their essence is that a certain circle of people (the population of the country, for example) would receive a large amount of information (usually falsified or “slightly” refined), a profitable interested party, and not truly objective information. Carrying out such events has long been put on a wide scale - at least look at your TV or news clips on youtube, and then think about who forms this information and how it affects you.
Over the past few years, articles on the topic "Found another sample of cyber-weapon" have not disappeared from the pages of news resources in the field of information security. This situation was triggered by the discovery of the well-known Stuxnet malware in 2010. By cyber-weapon, they usually mean malicious software with the functionality of sabotage and cyber espionage. Sabotage is aimed at disrupting the normal operation of automated production management systems and banking systems (critical infrastructure facilities), which ultimately leads to certain negative consequences in the economy and the social mood of human masses. Cyber espionage involves obtaining confidential information that is used for political, economic and military purposes.
What is good cyber weapons? It is impossible to identify who is behind its creation - this is its main feature. Accordingly, there is no one to make a complaint.
On the other hand, lovers to speculate about cyber-weapons constantly repeat like a mantra that any state that does not possess military might comparable to its political opponents (countries) is able to defeat in cyberwar. For example, Iran took and broke the work of most factories and banks in the US, and take the US and yes. This is all reminiscent of the argument about the free trade in arms - they say, give me a gun and the Gopniks from the neighboring region will no longer beat me. Unfortunately, this is not the case.
First, any state has certain military capabilities, both defensive and offensive. For example, the recent news: US President Barack Obama issued a secret directive allowing the Pentagon to conduct preventive cyber attacks. The directive was signed in mid-October and gives the Pentagon the right to determine the tactics of protecting US information networks from external cyber threats themselves. In accordance with the directive, in order to protect the information networks of the country, the Pentagon received the right to conduct preventive and retaliatory strikes against information systems located in any country in the world if these systems were used to carry out actions that pose a threat to the US information networks. In such conditions, many countries will not risk putting cyber-blows first, in order to receive in response a number of real missiles.
Secondly, any state has certain financial capabilities. And if structures such as the CIA and the NSA can afford to hire hackers for any money and buy any information about new zero-day vulnerabilities, then Iran is unlikely to have such opportunities (despite the proceeds from the sale of oil).
So, the cyberwarfare as a great leveler of chances (as a Colt's revolver) cannot act.
In the wake of interest in cyber-wars, news sites are full of catchy headlines about terrible cyber attacks, not forgetting to mention such examples as a cyber attack on Estonia in 2007 and Georgia in 2008. What are the consequences of these attacks, but for some reason is silent. But everyone remembers the bad country of Russia, where the evil hackers are sitting in hats with earflaps in the snowy snows of Siberia and using the MK-54 micro calculator to conduct cyber attacks on the Pentagon between vodka drinking glasses. This is another example of a successful information operation, only the victims are not Estonia and Georgia.
Experts in the field of information security note that, basically, all the content that relates to information security is taken from foreign sources. That is, we have intelligent writers once or twice and miscalculated. After reading the news for a month or two and comparing them with original sources in English (which, as a rule, are not indicated), you can see how the general background of the news is distorted due to minor changes in favor of “sensationalism.” Well, of course, journalists also like catchy headlines and words of cyberwar, cyber threat and cyber weapons. Keep up with journalists and antivirus companies. This is particularly different for the company Kaspersky Lab, the articles of which on the site securelist.com suspiciously often flash the words Iran and the Middle East.
An example of manipulation - take four sources of the number of infections Stuxnet:
When searching on Google, it is clear that some Internet resources contain initial versions of an article from Eset, where Iran is listed as the main affected country. The same picture is in the Eset “Stuxnet Under the Microscope” report, the link to which somehow disappeared from esetnod32.ru. The company Symantec is not far behind the company Eset, in the report "W32.Stuxnet Dossier" the following figures are given: Iran (58.31%), Indonesia (17.83%), India (9.96%). Analyzing figure 5 from this report, you can determine that the approximate number of infected computers is also equal to 180 thousand, as in Kaspersky Lab, only the distribution is different.
Do you know what it is called? Order it! The company Eset publishes data that are beneficial to it. USA, they show one thing, and the Middle East - another. Naturally, such revelations arouse suspicion - well, as in other trifles, they also lie? Kaspesky Lab is also great, everywhere they see cyber war - you see, and the market will expand in the Middle East.
Russia, by the way, occupies a special position. There are doubts that Russia is taking part in the events taking place in the Middle East military cyber theater. According to Trend Micro's analysis , cybercriminals from the countries of the former USSR create quite high-tech samples of malware , for example, Sality and Zeus. But what is interesting, having such great potential, they do not “climb” into politics, they just earn money from ordinary Internet users. Is this a lack of patriotism or “fear” of serious investigation in the event of an attack on the secrets of a single state? Or maybe Russia has long been keeping the entire Internet under control? I would like to believe.
Over the past few years, articles on the topic "Found another sample of cyber-weapon" have not disappeared from the pages of news resources in the field of information security. This situation was triggered by the discovery of the well-known Stuxnet malware in 2010. By cyber-weapon, they usually mean malicious software with the functionality of sabotage and cyber espionage. Sabotage is aimed at disrupting the normal operation of automated production management systems and banking systems (critical infrastructure facilities), which ultimately leads to certain negative consequences in the economy and the social mood of human masses. Cyber espionage involves obtaining confidential information that is used for political, economic and military purposes.
What is good cyber weapons? It is impossible to identify who is behind its creation - this is its main feature. Accordingly, there is no one to make a complaint.
On the other hand, lovers to speculate about cyber-weapons constantly repeat like a mantra that any state that does not possess military might comparable to its political opponents (countries) is able to defeat in cyberwar. For example, Iran took and broke the work of most factories and banks in the US, and take the US and yes. This is all reminiscent of the argument about the free trade in arms - they say, give me a gun and the Gopniks from the neighboring region will no longer beat me. Unfortunately, this is not the case.
First, any state has certain military capabilities, both defensive and offensive. For example, the recent news: US President Barack Obama issued a secret directive allowing the Pentagon to conduct preventive cyber attacks. The directive was signed in mid-October and gives the Pentagon the right to determine the tactics of protecting US information networks from external cyber threats themselves. In accordance with the directive, in order to protect the information networks of the country, the Pentagon received the right to conduct preventive and retaliatory strikes against information systems located in any country in the world if these systems were used to carry out actions that pose a threat to the US information networks. In such conditions, many countries will not risk putting cyber-blows first, in order to receive in response a number of real missiles.
Secondly, any state has certain financial capabilities. And if structures such as the CIA and the NSA can afford to hire hackers for any money and buy any information about new zero-day vulnerabilities, then Iran is unlikely to have such opportunities (despite the proceeds from the sale of oil).
So, the cyberwarfare as a great leveler of chances (as a Colt's revolver) cannot act.
In the wake of interest in cyber-wars, news sites are full of catchy headlines about terrible cyber attacks, not forgetting to mention such examples as a cyber attack on Estonia in 2007 and Georgia in 2008. What are the consequences of these attacks, but for some reason is silent. But everyone remembers the bad country of Russia, where the evil hackers are sitting in hats with earflaps in the snowy snows of Siberia and using the MK-54 micro calculator to conduct cyber attacks on the Pentagon between vodka drinking glasses. This is another example of a successful information operation, only the victims are not Estonia and Georgia.
Experts in the field of information security note that, basically, all the content that relates to information security is taken from foreign sources. That is, we have intelligent writers once or twice and miscalculated. After reading the news for a month or two and comparing them with original sources in English (which, as a rule, are not indicated), you can see how the general background of the news is distorted due to minor changes in favor of “sensationalism.” Well, of course, journalists also like catchy headlines and words of cyberwar, cyber threat and cyber weapons. Keep up with journalists and antivirus companies. This is particularly different for the company Kaspersky Lab, the articles of which on the site securelist.com suspiciously often flash the words Iran and the Middle East.
An example of manipulation - take four sources of the number of infections Stuxnet:
- Eset, July 2010 , United States (57.71%), Iran (30.00%), Russia (4.09%);
- Kaspersky, July 2010 , India (18307), Indonesia (34138), Iran (14171), Russia (773);
- Kaspersky, September 2010 , India (86258), Indonesia (14010), Iran (11952), Russia (7904), a total of about 180 thousand;
- Eset (Indonesia), September 2010 , Iran (52.2%), Indonesia (17.4%), India (11.3%), Russia (2.1%).
When searching on Google, it is clear that some Internet resources contain initial versions of an article from Eset, where Iran is listed as the main affected country. The same picture is in the Eset “Stuxnet Under the Microscope” report, the link to which somehow disappeared from esetnod32.ru. The company Symantec is not far behind the company Eset, in the report "W32.Stuxnet Dossier" the following figures are given: Iran (58.31%), Indonesia (17.83%), India (9.96%). Analyzing figure 5 from this report, you can determine that the approximate number of infected computers is also equal to 180 thousand, as in Kaspersky Lab, only the distribution is different.
Do you know what it is called? Order it! The company Eset publishes data that are beneficial to it. USA, they show one thing, and the Middle East - another. Naturally, such revelations arouse suspicion - well, as in other trifles, they also lie? Kaspesky Lab is also great, everywhere they see cyber war - you see, and the market will expand in the Middle East.
Russia, by the way, occupies a special position. There are doubts that Russia is taking part in the events taking place in the Middle East military cyber theater. According to Trend Micro's analysis , cybercriminals from the countries of the former USSR create quite high-tech samples of malware , for example, Sality and Zeus. But what is interesting, having such great potential, they do not “climb” into politics, they just earn money from ordinary Internet users. Is this a lack of patriotism or “fear” of serious investigation in the event of an attack on the secrets of a single state? Or maybe Russia has long been keeping the entire Internet under control? I would like to believe.
')
Source: https://habr.com/ru/post/160937/
All Articles