Why Online Attacks By Nations Are Problematic: Enemies Can Learn From Your Digital Weapons, Then Turn Improved Versions Against You

from the that's-awkward dept

Last month, we wrote about a great discussion between Edward Snowden and Bruce Schneier that explored how offensive and defensive operations by national intelligence agencies had changed as they moved online, becoming much more intertwined. A new Snowden leak published by The Intercept confirms that the situation is even more complex, because adversaries can learn from digital attacks directed against them to create even better weapons, which they then use to counterattack:
The NSA is specifically concerned that Iran's cyberweapons will become increasingly potent and sophisticated by virtue of learning from the attacks that have been launched against that country. "Iran’s destructive cyber attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary," the NSA document states. "Iran, having been a victim of a similar cyber attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others."
That's because, unlike traditional physical weapons used against enemy infrastructure, digital versions are not generally destroyed during an attack. One of their big advantages is that once they have infiltrated and infected a target system, they can continue to carry out surveillance or attacks over a long time period. But that also means they may eventually be discovered -- especially if they leak out -- allowing them to be studied and improved in a way generally not possible with traditional weapons. Those new versions can then be directed elsewhere, including against the original attacker.

So intelligence agencies find themselves in a difficult position. The more they carry out attacks using digital weapons, and the more sophisticated those tools, the greater the likelihood that adversaries will detect them, adapt them and then turn them back against the country that deployed them. It's probably too much to hope that this may cause such weapons to be used more sparingly....

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: counterattacks, cybersecurity, digital weapons, iran, nations, nsa, online attacks


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    rexfred (profile), 5 Mar 2015 @ 10:01pm

    So, eventually we arrive at a stasis wherein attack, counter attack happens so quickly that actual penetration becomes non-productive? Sort of a Loop de Loo.Bring on the Q computor.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 5 Mar 2015 @ 10:35pm

    And Uriel goes on another anecdote that is strangely applicable.

    One of my favorite parts of the Monkey Island games (specifically one and three) was the insult swordfighting bit.

    As Guybrush (yes, that was his name learns to fight with a sword, it's established that in the Errol Flynn tradition, the insults and quippy responses that opponents make at each other are what really determine the outcome of a fight.

    So you walk up and down the roads of Melee island looking for people to duel. And you rapidly realize that there's so many more insults and quips than the couplet that you were given (something about dairy farmers and cows).

    But each time you were caught blindsided by a new insult, that insult became yours. Same with the responses, until you knew more than any pirate on the island.

    Except maybe the Sword Master.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Mar 2015 @ 11:22pm

    And it's taken this long to realize this? Guess what? When I first heard of Stuxnet, I was saying then that they had just handed a weapon to their enemy. It might be 4 or 5 years before they understood completely the complexity of how it functioned but sooner or later they were going to see those methods again. No brain surgeon required on this. It's friggin' common sense (no matter how rare that might be today).

    Notice that we have pretty much the same set up as MADD. No one but government has any protection if there is some to be had. Everyone else on the internet is up to be the victim. Helped out no doubt by the NSA that loves to get zero days to exploit but doesn't share with the companies where the bugs are to fix them. That means everyone else is open to attack and it has been engineered this way very much on purpose.

    Considering how much of our infrastructure relies on computer hardware and software, should such go down, it's not going to be pretty. Imagine how you would feel to go get a shower only to find out the shower and toilet doesn't work because there is no water, the water heater element is burned out because the water level dropped and then the electricity quit. So you go to get parts to fix the frigging water heater only to find the hardware store is sold out of those elements and they have no idea when the next shipment will be because the phone doesn't work and they can't send an order in because the computer is trashed. There are cars stacked up in the intersections wrecked, because the red lights are out and the grocery store can't take your credit card for the same reason that the computer network is down. You best get them groceries in three days before they are completely out of everything because until the next shipment comes in there's nothing else to buy.

    Sounds like a grand defense plan don't it?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2015 @ 1:24am

      Re:

      Dont worry, im sure those private companies who do important things care about their security and will not try to save money on it.
      lol jk, real cyber 9/11 will happen soon and they will not be able to stop it. Certainly not with the current methods.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 12:21am

    Hubris...

    There's another message hiding in there: NSA considers it newsworthy that the enemy have learned from their attack.

    I'm not sure what's worse, the hubris or the foolishness displayed.

    reply to this | link to this | view in chronology ]

    • icon
      DaveHowe (profile), 7 Mar 2015 @ 2:34am

      Re: Hubris...

      This is the same thinking that gives you the idea of a "golden key" - A backdoor (sorry, "Framework") that weakens people's privacy, but is magically only usable by one government's TLAs, because China immediately asking for a copy of the key "because terrorism" is of course unreasonable and requires a presidential statement to that effect....

      reply to this | link to this | view in chronology ]

  • icon
    Derek Kerton (profile), 6 Mar 2015 @ 2:38am

    "That's because, unlike traditional physical weapons used against enemy infrastructure, digital versions are not generally destroyed during an attack"

    Also, things like cruise missiles, stealth bombers, and nukes are very, very expensive and have a high marginal cost of production. We can also see their physical production sites from the air, and target them before they are complete.

    OTOH, digital attack tools are largely made of code, and much like an MP3, have a low marginal cost of production, and can be created in somebody's mom's basement.

    reply to this | link to this | view in chronology ]

  • identicon
    Rich Kulawiec, 6 Mar 2015 @ 2:48am

    Consider the Internet of Things

    Or as I think it's more properly called, The Internet of Bots (because nobody hyping this has even made a cursory attempt to consider the massive security and privacy implications). Deployment has already started, and any adversary worthy of the title is busy figuring out how to exploit the surveillance and sabotage capabilities it promises.

    reply to this | link to this | view in chronology ]

  • icon
    jsf (profile), 6 Mar 2015 @ 6:48am

    Nothing New

    This concept is what the classic "military industrial complex" of Eisenhower fame is all about. Once you use or show your latest weapon it will be copied and/or countered. Which in turn means you need a bigger, better, newer weapon. Of course the for profit contractors are more than happy to help build those new weapons, and of course now sell the older stuff to anyone in the world willing to pay for them.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 7:00am

    If you had'nt created them

    If you had focused on defence

    Now....were just fucked

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 7:56am

    Isn't this basically true of any type of weapon and attack? I mean once you use something knew, everyone else (including the target) goes, "Oh, I see what you did there. Cute. I'm going to figure out how to do that too." It doesn't matter if the weapon is destroyed in the process of using it. They will still learn something that helps them develop and even improve on it.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 6 Mar 2015 @ 8:10am

    The art of the possible

    Very often, the only thing that makes something impossible is the belief that it is. Once someone accomplishes the impossible and demonstrates to others that it can in fact be done, then others very quickly figure out how to do it too. There are countless examples of this going all the way back through history.

    So, if you've developed a weapon (or any technology) that can do things nobody else thinks can be done, then that advantage only exists until the first time you use the weapon, at best. Once others see the weapon demonstrated, then others will have the weapon as well.

    reply to this | link to this | view in chronology ]

  • identicon
    Anon, 6 Mar 2015 @ 10:07am

    Of COurse

    >Isn't this basically true of any type of weapon and attack? I mean once you use something knew, everyone else (including the target) goes, "Oh, I see what you did there. Cute. I'm going to figure out how to do that too." It doesn't matter if the weapon is destroyed in the process of using it. They will still learn something that helps them develop and even improve on it.

    Heck, the same principle applied 100 years ago.
    As soon as the Allies used tanks, or the Germans used gas, the other side could figure out what they needed to do to retaliate. All it did was raise the bar on lethality and futility.

    Note that Germany never used gas in WWII (nor did the allies). It would simply become a zero-sum game to do so.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2015 @ 10:20am

      Re: Of COurse

      And the Chinese invented and used gun powder centuries before that and look where that ended up.

      reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 6 Mar 2015 @ 11:41am

      Hitler was gassed, himself in WWI

      And was so horrified by the experience that he a) swore never to authorize gas attacks in warfare, and b) issued gas masks to his soldiers down to the last clerk and grunt, even in theaters where gas attacks were unlikely. Hitler was rather paranoid about gas.

      Mobile mechanized armor was a critical element to Blitzkrieg, but the Battle of Britain focused on air superiority and military targets until a single bomb was accidentally dropped in an English civilian neighborhood. The allies used this to justify attacking civilian targets and military manufacturing, and the Blitz and later V1 and V2 programs were developed in response.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 11:21am

    NSA/GCHQ Boomerang & Blowback

    "Hoist with his own petard" -- Shakespeare.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 12:35pm

    Straight pride? methinks Nick Steiner is protesting too much.....

    Taking bets on the amount of time before someone uncovers his past history as a hardcore gay porn star....

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Mar 2015 @ 8:06am

    "...has demonstrated a clear ability to learn from the capabilities and actions of others."

    Too bad y'all can't do the same!

    reply to this | link to this | view in chronology ]

  • identicon
    lew, 10 Mar 2015 @ 8:18am

    'Intelligence agency' does not foresee much at all

    NSA is stupid: S/N of mass collection means that approach is useless. Tools it uses are inspirations for others. $Bs spent to no result.

    CIA and NSA spend $Bs on briefing the president every day, but studies show that reading the newspapers make for better decisions. Now the Internet and P2P can obsolete all their intelligence gathering.

    CIA, NSA, military have evolved back into a std mafia protection racket.

    Confidence in gov, approval rating, is at an all-time low. But the right question would be "Are they criminals?" and "Should they hang?"

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown for basic formatting. (HTML is not supported.)
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown for basic formatting. (HTML is not supported.)
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.