Feeds

Do it with spanners – how the Iraq cyber attack will work

Security expert reveals cunning US plans

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

Updated It was recently revealed that last July President Bush had signed a secret directive covering the development of cyber warfare systems, and providing guidance on their use. We have no idea why, given that it's secret, we've heard of it, but we'll let that pass - clearly, if we're getting the components of cyber warfare in place at this juncture, then we're probably thinking about Iraq.

You can find the Washington Post's take on the directive here,, and last Friday BBC news joined in with some useful 'how it would work' input from DK Matai, chief exec of famous security outfit mi2g. "Iraq has a relatively advanced telecommunications infrastructure," DK told the Beeb, "and any cyber attack could cripple emergency services and prevent both the military and civilians from talking to each other. It would play an important part in shaking citizens' confidence in the government."

Well yes, but how would you cripple it? DK assured the Beeb that the Slammer worm is an excellent example. "The Slammer worm paralysed Korea, disrupted 13,000 ATMs in the US and disabled the emergency services in Seattle," he said. But you might reckon this kind of skips over "how" and gets straight on to "what" - it's pretty easy to see how you deliver a Pentagon-controlled killer Slammer variant to, er, the US and its allies, but as the BBC tells us that Iraq only has 12,000 people online, it's not entirely obvious how you would get it to the country's super-sensitive computer systems.

This was left unresolved in Friday's report, but last night on the BBC's World Tonight programme - hoorah! - they must have decided they liked it so much they'd do it again. The soundbites were so similar that we suspect last night's interview was using the same material, but this time mi2g covered the issue of knocking out the telecoms in a largely non-online state in more detail. And here it comes, folks. As regards Iraq, the US government would have "people on the inside who had been alerted to set certain switches."

So there you go, large numbers of hitherto unknown US agents in Iraqi telephone exchanges, acting in unison with spanners. It's a cyber attack, Jim, but not as we know them... ®

A Clarification

mi2g has contacted us regarding the above article, which it suggests might be misinterpreted by our readers without some clarification. This the company has supplied, and we are of course happy to publish it, although we remain fairly happy with the article as it stands. In mi2g's clarification, note (1) that cyber warfare is defined to include "traditional information warfare", and that NATO has been engaged in this over "the last five decades." So by this definition cyber warfare includes dropping bombs on telephone exchanges, and possibly might even encompass the 1943 attack on the Moehne, Eder, Sorpe and Schwelm Dams. As for (3), a reader points us to the CIA World Fact Book entry for Iraq, calculating that Iraq has 0.028 phone lines per head, compared with South Korea's 2.01. Advanced telecoms depends on where you're standing, we suppose.

Here, however, is what mi2g has to say regarding the BBC interview with company CEO DK Matai:

1. At the start of the interview, cyber warfare was categorically defined to include traditional information warfare which targets ICT (IT, Communications and Telcom services). The traditional information warfare "ICT disabling" doctrine was seen in Serbia in 1999 and in other NATO wars in the last five decades so why would Iraq be any different.
 
2. mi2g has maintained that any threat to critical national infrastructure where a country is paralysed from sustained command and control attacks does require insider help. We also stated that the threat to the West from counter-attack is far greater than to Iraq as evidenced during the NATO-Serbia digital attack & counter-attack.
 
3. When we said that the telecommunications infrastructure of Iraq is relatively advanced we looked at it from a holistic perspective of digital exchanges, microwave links and cellular networks. The very low number of internet connections in Iraq is down to government restrictions and not simply the result of inferior voice/data pipes.
 
4. We also informed the BBC that the most damaging scenario is a blended threat, where critical damage is inflicted through a combined physical and cyber-attack.
 
As you will agree, the article which you have published may be misinterpreted by your readers without some of the clarification mentioned above.

Build a business case: developing custom apps

More from The Register

next story
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Amazon says Hachette should lower ebook prices, pay authors more
Oh yeah ... and a 30% cut for Amazon to seal the deal
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
Feel free to BONK on the TUBE, says Transport for London
Plus: Almost NOBODY uses pay-by-bonk on buses - Visa
Twitch rich as Google flicks $1bn hitch switch, claims snitch
Gameplay streaming biz and search king refuse to deny fresh gobble rumors
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.