Why Online Attacks By Nations Are Problematic: Enemies Can Learn From Your Digital Weapons, Then Turn Improved Versions Against You
from the that's-awkward dept
Last month, we wrote about a great discussion between Edward Snowden and Bruce Schneier that explored how offensive and defensive operations by national intelligence agencies had changed as they moved online, becoming much more intertwined. A new Snowden leak published by The Intercept confirms that the situation is even more complex, because adversaries can learn from digital attacks directed against them to create even better weapons, which they then use to counterattack:
The NSA is specifically concerned that Iran’s cyberweapons will become increasingly potent and sophisticated by virtue of learning from the attacks that have been launched against that country. “Iran?s destructive cyber attack against Saudi Aramco in August 2012, during which data was destroyed on tens of thousands of computers, was the first such attack NSA has observed from this adversary,” the NSA document states. “Iran, having been a victim of a similar cyber attack against its own oil industry in April 2012, has demonstrated a clear ability to learn from the capabilities and actions of others.”
That’s because, unlike traditional physical weapons used against enemy infrastructure, digital versions are not generally destroyed during an attack. One of their big advantages is that once they have infiltrated and infected a target system, they can continue to carry out surveillance or attacks over a long time period. But that also means they may eventually be discovered — especially if they leak out — allowing them to be studied and improved in a way generally not possible with traditional weapons. Those new versions can then be directed elsewhere, including against the original attacker.
So intelligence agencies find themselves in a difficult position. The more they carry out attacks using digital weapons, and the more sophisticated those tools, the greater the likelihood that adversaries will detect them, adapt them and then turn them back against the country that deployed them. It’s probably too much to hope that this may cause such weapons to be used more sparingly….