Tuesday, March 27, 2012

The (Cyber) War Scientists

A few weeks ago I finished reading the book "The War Scientists" by Thomas Craughwell. It's a book about the individuals - the Scientists if you will - that invented some of the most significant weapons of war. As you'd expect, the book examines their technologies in combat and impact at the time.

By itself, the book is pretty interesting but only in the capacity of bringing together an Encarta-level of history to the fore.

Despite that, it got me thinking about the "who and what" would be included in such a book if it was to be updated in 20 years or so. Would "Cyber War" be worthy of inclusion, what cyber weapon would make the grade and which individual(s) would be included?

Lets for the moment assume that real, full-on "cyber-war" will occur within the next decade or so, and that the weapons to be used in that war either exist today or are derived directly from technologies (or methodologies) present today. Big assumptions, but hey - in the realm of the possible, anything is probable.

Is there a particular technology - turned weapon of war - that leaps out as a game changer? Likely candidates for many I suppose could include Stuxnet or maybe Metasploit, or perhaps even the MBR rootkit. But to my mind these are all derivatives of older tools and tactics - engineering advancements of someone elses invention.

Would the owner of the mind behind the first vulnerability scanner constitute a "scientist"? (probably not).

The more I think about it, despite a lot of innovation in the cyber arms trade, I don't think that any "game changers" have been made to the public eye yet. Is there an equivalent to the torpedo or mustard gas? Sure, you can draw some comparisons between various malware formats or features if you were so inclined, but where are the one-sided game-changing weapon developments?

You know what, I suspect that some of those cyber-weapon game-changers have already been invented or are being invented right now. Unfortunately (or should that be fortunately?) those weapons haven't been used yet and their inventors aren't likely make headlines sometime after the dust settles.

1 comment:

  1. If a cyber war is ever fought, it will be fought on two battlegrounds simultaneously - speech/propaganda, and malware.

    Speech and propaganda are present in any war, but their influence of any cyber war will be critical, as the ability of Anonymous to call enough supporters to initiate DDoS attacks without botnets can prove.

    Cyber weapons will serve two purposes - recon, and assault.

    Recon weapons will include Duqu and other info stealers
    Assault weapons will include Stuxnet and other malware designed to actually inflict virtual or physical damage.

    Another interesting piece of malware which doesn't seem to be on the radar yet is a piece of Linux malware which seems rather professionally crafted, called Hutizu.

    I've written multiple articles on this malware. Feel free to read and comment.
    http://caffeinesecurity.blogspot.com/search/label/Hutizu

    ReplyDelete