Cyber Weapons
So called cyber weapons are named as such because they are used to fight “enemies.” These weapons can spy on people or cause major damage by either causing direct damage such as overloading a power plant or opening the floodgates of a dam, or denial of service, such as causing an airliner’s controls to shut down or a central bank to make huge bogus transactions.
All of these weapons are software based, and though some are highly sophisticated, they are not magical or so esoteric to the point it takes an army of PhDs and industrial level manufacturing to develop them like the Manhattan project.
What it does take is competence and persistence, two thing highly available to any government, company, group or community on earth.
By competence I mean you need people with a relatively high level of computer systems understanding. These skills are not in abundance but there is plenty talent around. When I say persistence, I mean those willing to do the tedious work of reverse engineering and looking for vulnerabilities, and vigorously testing and refining software. Any company making a software product needs exactly these same skills and they aren’t all geniuses.
The hard part is already done. Vulnerabilities have been unintentionally built into software since day one, and astonishingly, because of lack of concern for security, vulnerabilities continue to be built in to this day.
Nation-state cyber warfare and spying agencies have a couple of things going for them that no one else does. They can legally gain access to systems through the courts and semi-legally through the cooperation of private companies. This is the great power of the NSA, FBI, DHS, and other three letter organizations in the government of the US. Foreign governments do this as well, it’s not just the US.
And lastly, private companies do this too, and you agreed to be spied on when you decided to use their software. Smartphones and tablet computers were designed to collect information from you. Google, Facebook and Apple have more information about you than any government. Should we worry about that?
Posted in Cyber Security by Mark with comments disabled.