Monday, August 26, 2013

A War Waged in Code




By Reece Hirsch

My protagonist Chris Bruen does not carry a man-bag per se but, like a lot of lawyers, he does carry a laptop bag that doubles as his satchel.  On the laptop are fragments of computer code and clues to the identity of the latest hacker or cybercriminal that he is pursuing on behalf of a client.  In THE ADVERSARY, the hackers that Bruen is pursuing have threatened to unleash a sophisticated computer virus on an undisclosed U.S. city in seven days.

THE ADVERSARY is inspired by the very real threats posed by the new generation of computer viruses exemplified by the so-called Stuxnet virus.  Stuxnet is a computer worm, or virus, discovered in 2010.  The Stuxnet virus was specifically designed to target the centrifuges at Iran’s Natanz nuclear enrichment center, causing the delicate machines to speed up or slow down and then explode like so many expensive shrapnel bombs.

Unlike a bomb that is destroyed upon detonation, however, the code that makes up a weapon of cyberwarfare like Stuxnet remains out there in the world after it has been deployed.  Stuxnet was designed to erase itself after it achieved its purpose, but the code malfunctioned and the virus was spread via the Internet, thus bringing it to world's attention.  THE ADVERSARY considers what might happen if the code for such a dangerous, state-sponsored virus came into the possession of black hat hackers who retooled it into a weapon of cyberterrorism that could be turned back against the U.S.

When I began writing THE ADVERSARY, I was basing my story on oft-repeated rumors that Stuxnet had been created by the US and/or Israel.  As I was finishing the book, those rumors were confirmed in a June 1, 2012 article in the New York Times in which David Sanger reported that Stuxnet was indeed part of a joint operation of the NSA and Unit 8200, its Israeli counterpart, dubbed “Olympic Games,” which was begun under President George W. Bush and expanded under President Obama.  The Times further reported that the Stuxnet virus may have set back the Iranian nuclear program by 18 months to two years.

The Lurker virus that is central to THE ADVERSARY is closed modeled on Stuxnet, including the way it operates by taking control of the programmable logic controllers (PLCs).  PLCs are digital computers that govern a vast array of mechanical functions, from manufacturing assembly lines to traffic lights to the electrical grid.

The creation of new viruses like Stuxnet has stirred a new debate about what constitutes warfare between nations.  But this is clearly not warfare in the traditional sense.  It can be conducted anonymously and by small groups of individuals.  In traditional warfare, the identity of the adversary is usually apparent, in the form of a plane dropping a bomb or an invading army.  Sophisticated, “smart-bomb” computer viruses like Stuxnet could pose threats to our critical infrastructure, like the electrical grid, chemical plants or nuclear facilities, but the barrier to entry is much lower than what is needed to develop a nuclear weapons capability.  And the enemy could be virtually anyone possessing the necessary technical expertise.

THE ADVERSARY explores the scary prospect that we may be entering a new age of cyberterrorism.  Computer viruses are no longer merely the harmless annoyances that muck up your home computer. 

No comments: