Highly complex computer viruses developed for the cyberwar
Internet attack: Computer viruses have evolved into modern weapons of cyberwarfare. How can a country protect itself from this threat?
I’M THE CREEPER: CATCH ME IF YOU CAN’. This is how ‘Creeper’, the first computer virus, introduced itself in the early 70s. ‘Creeper’ was able to install itself onto computers within a local network. Aside from its annoying message, it did not cause any damage.
Its successors, however, were much less friendly. Be it ‘Morris’, ‘I loveYou’, ‘Blaster’ or 'Storm', computer viruses delete files, cause computers to crash or install so-called ‘backdoors’, allowing a computer to be operated remotely.
No longer an innocent game
At the dawn of the internet age, inventive hackers developed viruses out of technological curiosity. Nowadays, criminal interest in these programmes has grown. For some time now, it has no longer been just about spying on bank data or technical construction drawings. As government infrastructure is now largely managed by computers, internet attacks even threaten national security. The annoying bugs of yesteryear have evolved into dangerous weapons of cyberwarfare.
Cyberwar against Estonia
Estonia was the first country to fall victim to a large-scale internet attack. In April 2007, the Estonian Government decided to remove a Soviet war memorial from the centre of the capital in spite of numerous protests. As a consequence, there were attacks on various government websites through automatic, recurring requests, something which is known as distributed denial of service (DdoS). For around three weeks, the websites of the Estonian president, parliament and ministries, as well as those of important banks and three of the six main news agencies, were shut down due to overload.
Cyberwar’s mission: sabotage
‘Stuxnet’ was a virus developed in 2010 specifically for cyberwarfare. For the first time, a virus’s purpose was to target and manipulate technical control processes, i.e. supervisory control and data acquisition (SCADA) systems. Stuxnet targeted and sabotaged facilities in the Iranian nuclear programme. As the virus is extremely complex, experts are convinced that only government organisations could be behind something like this. Since then, ‘Duqu’, ‘Flame’ and ‘Gauss’ have been developed as further cyberwar weapons. These are also suspected to have been commissioned by government agencies.
Can cyberattacks be prevented?
There is no protection against these highly complex viruses. Even Germany’s National Cyberdefence Centre, founded in April 2011, does not view its main responsibility as preventing cyberwar attacks. Its purpose is only to analyse attacks that may occur and keep damage to a minimum.
For fear of cyber attacks, some power plant operators do not connect their process control computers to a network. However, this makes software updates difficult, meaning that older viruses can still cause damage to these systems.
It is alarming how vulnerable countries have become to cyberwar attacks. However, as long as operating systems and programmes remain complex and difficult to analyse, it will continue to be impossible to develop effective protection against future spying, DdoS attacks or manipulation.
Activities within the Community