Cyberwar. When 500 Kb of code is worse than an intercontinental missile


Hello, Habr! We sincerely congratulate all of the Khabrovites on the Defender of the Fatherland Day! And today we have prepared interesting thematic material.

“War never changes.” I think everyone recognized the intro from Fallout. But is it really so? Indeed, over the past 20 years, the military sphere has changed so much that it has practically nothing to do with the large-scale conflicts of the last century. Today we will talk about modern high-tech elements of military operations – the so-called “cyber war”.

Already during the Cold War between the USSR and the United States, world leaders realized that one mistake on either side would mean not just the beginning of a war, but the almost guaranteed destruction of all mankind, because by 1967 both world powers possessed a total ammunition stock of 40 thousand nuclear charges.

Several times the world literally hung by a thread. One example is the false alarm of the Soviet space-based early warning system “Oko”, which registered the launch of several missiles from American territory on September 26, 1983. The operational duty officer, Stanislav Petrov, an analytical engineer by position, received the signal from Oko at the command post and doubted the accuracy of the data. As an engineer, he rightly believed that a computer could be wrong. And his logic is easy to understand: in the event of a war, the Americans would use their entire arsenal rather than launching a couple of missiles from one base. Petrov deliberately violated the instructions and told the commander that the system had been falsely triggered. If the officer on duty had acted according to the instructions, a “retaliation strike” would have immediately followed from the USSR and none of us would be alive. No one under the age of 37 would ever have been born.

Stanislav Petrov, who then saved the entire planet, received only a reprimand. This story was described in detail in the book by David Hoffman “The Dead Hand” – one of the world’s premier books on the Cold War.

Local conflicts were still there. Even more: the superpowers did not hesitate to confront each other in foreign territories. But with the beginning of the fourth industrial revolution, things began to gradually change. Today, the life of ordinary people, business and the state itself is gradually going online. This is fraught with new opportunities – and new dangers. Indeed, today, in order to blow up a power plant, it is not necessary to organize a sabotage and attract special agents. You just need to download the virus.

Hackers – new special agents

2010 marked the beginning of a completely new type of military action – cyber.

In September, it became known that the Stuxnet computer virus had caused significant damage to the Iranian nuclear program. This 500 KB worm damaged 1,368 of 5,000 uranium enrichment centrifuges and set Iran’s nuclear program back about two years. Once again: 500 kilobytes of assembly, C and C++ code partially destroyed the infrastructure of an entire country’s nuclear program, which had been built over a decade.

In terms of damage, the worm’s effect can be compared to a full-fledged air raid. But at the same time, there is no risk to the attacker’s personnel or military equipment, and no ammunition is spent. The attack needs nothing other than a piece of code. It has been 10 years since the first warning bells of cyberwarfare, but it is still unclear how much damage such attacks can cause. Experts are considering the most pessimistic scenarios, such as the detonation of nuclear warheads right in their launch silos.

Some experts rate the threat of cyber warfare so high that “it makes them wake up at night.” In fact, no country today has sufficient protection against cyber threats.

There is no reliable cyber defense

Absolutely. While strategic facilities such as nuclear missile silos and nuclear power plants are fairly well protected, cyberattack capabilities are developing much faster than the skills to defend against them.

In 2013, Iranian hackers successfully attacked the software infrastructure of a small dam in the north of New York. It was so unexpected that the FBI effectively admitted its helplessness. A Bureau spokesman commented that “if the terrorists tried to take control of the Hoover Dam, they would most likely succeed.”

The destruction of the Hoover Dam, or damage to it, threatens to flood an area of over 360 sq. km. Suburbs of Las Vegas and dozens of small towns would be affected, and California, Nevada and Arizona would lose a quarter of all their energy capacity at once. It would be a colossal catastrophe, with damage estimated at billions or even tens of billions of dollars.

For comparison, this is what the Bowman Avenue dam, the one that was attacked, looks like:

It has no strategic value, but the successful sabotage showed the United States that cyber war is a danger to them as well. But that’s not all.

Oddly enough, the Internet of Things is considered one of the main dangers of cyberwar. The more devices are connected to the global network, the wider the opportunities to use them to cause harm. The security of the Internet of Things is so weak that an ordinary kettle, refrigerator, or even a toilet can pose a danger.

It is clear that sensitive facilities do not have access to the network and are guarded much more strictly. But this does not protect against the human factor and multistage sabotage.

Any secure facility has a very complex technical structure. But from time to time they also need technical upgrades. It is practically impossible to control their production at each separate stage – hundreds and thousands of people take part in the creation of software parts. It is easier to infect even a batch of chips at the production stage than it might seem. And if an infected chip gets into the control panel, then in the future it can be used for a cyberattack.

International policy issues

Another serious problem is the state’s response to cyberattacks. There has already been a precedent in history when Israeli forces launched an air strike in response to a cyberattack by Iranian hackers.

In May 2019, the Israeli Air Force destroyed a building in Gaza City that housed the main computing power of Hamas, an organization designated as terrorist in Israel. Note that the airstrike hit a residential area.

One of the basic principles of warfare states that the response to an attack must be proportional to the attack itself. But the difficulty lies in the fact that it is impossible to assess a prospective threat.

While a satellite can estimate the number of combat units and heavy weapons, as well as their possible targets, it is impossible to determine the power and goals of cyberattacks. And even if we assume that the targets of cyberattacks may be strategic points such as nuclear missile silos or power plants, such preventive strikes on computer facilities lie deep in the gray zone and do not correspond to the principles of warfare.

The UN and NATO were supposed to develop international laws for cyber warfare back in 2014. But, as of early 2021, they are still missing, because it is still unclear how dangerous cyberwar can be and how it can be regulated at all. There are only guidelines that are not legally binding.

In 2013, NATO experts prepared a document entitled Tallinn Cyber Warfare Guide, which described in 95 points the rules for conducting military operations in cyberspace. In 2017 they were expanded to 154 rules.

In fact, the 2017 edition of the Guide already covers all or nearly all possible cyberattacks, but is not binding. Enormous legislative and policy work is required to make them mandatory for countries.

Developed countries are developing their own cybersecurity doctrines. But, in fact, these are only internal rules of what to consider as elements of cyber warfare, how to defend against cyber attacks and how to respond to them. A single and generally accepted system is still very far away.

Ordinary citizens often misunderstand what cyber war is. “Talking heads” on the screens and disinformation in the news are only part of politics. The real cyber war will begin at the moment when mobile communications and the Internet disappear overnight and nuclear power plants start to explode together with intercontinental missile silos.

And here it is just worth remembering the statement of Einstein: “I don’t know what kind of weapon they will fight in the Third World War, but in the Fourth they will use stones and sticks”.

Actually, it is high time for the world community to realize that cyber war can be no less dangerous than a full-fledged military clash between states. There are other bridgeheads, other soldiers, other ammunition. But the meaning is the same – the war, unfortunately, never changes. But it is entirely within our power to prevent it. Peace for everyone!
