Feeds

Do it with spanners – how the Iraq cyber attack will work

Security expert reveals cunning US plans

  • alert
  • submit to reddit

The next step in data security

Updated It was recently revealed that last July President Bush had signed a secret directive covering the development of cyber warfare systems, and providing guidance on their use. We have no idea why, given that it's secret, we've heard of it, but we'll let that pass - clearly, if we're getting the components of cyber warfare in place at this juncture, then we're probably thinking about Iraq.

You can find the Washington Post's take on the directive here,, and last Friday BBC news joined in with some useful 'how it would work' input from DK Matai, chief exec of famous security outfit mi2g. "Iraq has a relatively advanced telecommunications infrastructure," DK told the Beeb, "and any cyber attack could cripple emergency services and prevent both the military and civilians from talking to each other. It would play an important part in shaking citizens' confidence in the government."

Well yes, but how would you cripple it? DK assured the Beeb that the Slammer worm is an excellent example. "The Slammer worm paralysed Korea, disrupted 13,000 ATMs in the US and disabled the emergency services in Seattle," he said. But you might reckon this kind of skips over "how" and gets straight on to "what" - it's pretty easy to see how you deliver a Pentagon-controlled killer Slammer variant to, er, the US and its allies, but as the BBC tells us that Iraq only has 12,000 people online, it's not entirely obvious how you would get it to the country's super-sensitive computer systems.

This was left unresolved in Friday's report, but last night on the BBC's World Tonight programme - hoorah! - they must have decided they liked it so much they'd do it again. The soundbites were so similar that we suspect last night's interview was using the same material, but this time mi2g covered the issue of knocking out the telecoms in a largely non-online state in more detail. And here it comes, folks. As regards Iraq, the US government would have "people on the inside who had been alerted to set certain switches."

So there you go, large numbers of hitherto unknown US agents in Iraqi telephone exchanges, acting in unison with spanners. It's a cyber attack, Jim, but not as we know them... ®

A Clarification

mi2g has contacted us regarding the above article, which it suggests might be misinterpreted by our readers without some clarification. This the company has supplied, and we are of course happy to publish it, although we remain fairly happy with the article as it stands. In mi2g's clarification, note (1) that cyber warfare is defined to include "traditional information warfare", and that NATO has been engaged in this over "the last five decades." So by this definition cyber warfare includes dropping bombs on telephone exchanges, and possibly might even encompass the 1943 attack on the Moehne, Eder, Sorpe and Schwelm Dams. As for (3), a reader points us to the CIA World Fact Book entry for Iraq, calculating that Iraq has 0.028 phone lines per head, compared with South Korea's 2.01. Advanced telecoms depends on where you're standing, we suppose.

Here, however, is what mi2g has to say regarding the BBC interview with company CEO DK Matai:

1. At the start of the interview, cyber warfare was categorically defined to include traditional information warfare which targets ICT (IT, Communications and Telcom services). The traditional information warfare "ICT disabling" doctrine was seen in Serbia in 1999 and in other NATO wars in the last five decades so why would Iraq be any different.
 
2. mi2g has maintained that any threat to critical national infrastructure where a country is paralysed from sustained command and control attacks does require insider help. We also stated that the threat to the West from counter-attack is far greater than to Iraq as evidenced during the NATO-Serbia digital attack & counter-attack.
 
3. When we said that the telecommunications infrastructure of Iraq is relatively advanced we looked at it from a holistic perspective of digital exchanges, microwave links and cellular networks. The very low number of internet connections in Iraq is down to government restrictions and not simply the result of inferior voice/data pipes.
 
4. We also informed the BBC that the most damaging scenario is a blended threat, where critical damage is inflicted through a combined physical and cyber-attack.
 
As you will agree, the article which you have published may be misinterpreted by your readers without some of the clarification mentioned above.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.