In recent months one of the topics of greatest interest in the international scientific community has been the development of new cyber weapons to use against hostile countries.
What dominates, without any doubt, was the use of viruses and other malware to attack critical infrastructure of the opponents. The Stuxnet case did school, for sure behind its development there are government structures, most likely in the U.S. and Israel.
Why the use of a cyber weapon has proved a winner?
- First, the disclosure of such agents is silenced for the nature of the vulnerabilities that are exploited. The study of new zero-day vulnerability provides a real advantage to those who attack and the related risks of failure of operations is minimal. We consider that attacks perpetrated in this way, because of the anonymous nature of the offense, allow you to circumvent the approval by the world community to a military offensive.
- The costs involved in developing solutions such as that at issue are relatively low compared to other conventional weapons.
- The choice of cyber weapon allows those who use the solution to remain anonymous until military strategies deem it appropriate. The main strategies that use of such malware are mainly aimed at:
- Probing the technological capabilities of the enemy. The ability of an agent to infect enemy structures is symptomatic of inadequate cyber defense strategy that may suggest additional military options.
- Undermine those that are considered critical structures whose operation depends on the opponent's vital functions of the governmental structure of a country.
- No doubt regarding the efficacy of these weapons. Events have proved that they are offensive weapons designed with the intent to infect opposing structures. The cyber weapons can be designed to hit specific targets while minimizing the noise related the usage of the weapon that can result in causing the discovery. The vector of infection can be of various kinds, such as a common USB support, being able to hit a very large number of targets in a small time interval.
But what are the objectives to be attacked with weapons of this kind?
The series is very wide, it is known that through a malware can affect any system in which there is a control component. To cite some examples:
- Industrial control systems, particular concern are those components that oversee the operation of such plant for energy production and delivery of services of various kinds, such as water utilities.
- Systems for territory controls
- Hospitals and government controls
- Communications networks
- Defence systems
I conclude the post with a further information. These days a news has been circulating in some media about the Fujitsu company has subscribed a contract with the Japanese Ministry of Defense developed for a development of a new virus. The news confirms therefore the approach introduced in this article, viruses are used as a weapon inside a cyber strategy.
I cite this example to the uniqueness of the case. This time the project for the virus development should not be but for the offense purpose but for defense.
Regarding the project, for an approximate cost of U.S. $ 2.3 million, appears that Japan is keen to have a tool that seeks out infected computers, hopping from PC to PC, and cleans them up.
The debate on the efficacy of the method adopted is open.