At 11:08 a.m., on August 15, Iran stuck the largest Saudi oil firm, Saudi Aramco, with a devastating attack. The attack went unnoticed because that was also a major Islamic holiday and the offices were closed.
A virus, later dubbed "Shamoon" after a word in a line of its code, was set to work by someone with privileged access to the company's computers.
While employees were home preparing for the holiday, Shamoon was erasing data on a full three-quarters of the company's computers.
As Shamoon erased material ranging from documents, to spreadsheets, to random files, it replaced each with the same image of a burning American flag.
Middle Eastern hackers identifying themselves as the "Cutting Sword of Justice" claimed responsibility. However, something didn't seem right about that.
Independent researchers from a private firm in California dissected a sample of the virus and concluded that there were several suspicious elements within the virus designed to confuse and throw investigators off track.
They concluded that the virus originated in Iran and US Intelligence officials agreed after concluding their own assessment.
Among the more suspicious clues was a reference to the Persian Gulf as the "Arabian Gulf." The Iranians insist on calling it the Persian Gulf, however use of the term "Arabian" might throw off investigators and have them looking everywhere but Iran.
Combined with the image of the burning flag and the supposed claim of responsibility, examiners became highly suspicious of Shamoon's true origins.
It was a case of "methinks you doth protest too much."
These were recently described by US officials as a "red herring." However, the actual smoking gun was part of the code itself, known as "wiper." Wiper was the name given to a feature in the Flame computer virus that was used to attack Iran's oil production facilities. It is believed that Flame and an earlier predecessor, Stuxnet, were created by US and Israeli experts to attack Iran.
The inclusion of a virtually identical "wiper" in Shamoon suggests that Iran, which has plenty of copies of Flame, was the author of the new virus.
What all this suggests is that a full-scale cyber-war between the US and Iran, and involving allies throughout the region including Saudi Arabia and Israel, has begun. It also suggests that countries that supposedly lack sophistication, can still manage to make devastating attacks.
If so, then the attack is a wake-up call to American officials and people around the world. It suggests that virtually anybody can strike even the most critical facilities around the globe, without the need for direct violence. Such attacks can be every bit as disruptive as a bomb.
A cyber attack on critical infrastructure can snarl traffic, prevent the movement of critical assets such as water and fuel, and could even drain bank accounts of money. All these things could prove useful to an adversary in a wartime situation.
What civilian bombing did to populations a century ago, cyber warfare threatens to do to us today. It should be enough to give pause and careful consideration to our next moves abroad.
2012, Distributed by NEWS CONSORTIUM.
No hay comentarios:
Publicar un comentario