The Future of Warfareby Dr. Steve Elwart
Military analysts have often stated that the next war would be in space. In that regard, they were half right. Recent events are proving that the next war will actually be held in cyberspace.
The complexion of warfare has changed considerably since the United States’ invasion of Iraq. Where soldiers, tanks, guns and planes once wreaked havoc on a country, hackers, computers, and USB drives carry the fight to the enemy in today’s wars.
The CIA’s top intelligence agent Charlie Allen had been in the intelligence business starting from overseeing the secret CIA tunnel under East Berlin to using Twitter to monitor the Mumbai terrorist attacks in India. Before he retired in 2009, I asked him what he thought about the state of the world today. He said, “It is a darker place now than it was a year ago.”
Now, three years later, Allen’s comment still holds true. Today is a darker place than it was last year (and the year before that). The only difference is that cyberwarfare has become the principal weapon in today’s military, industrial and private arsenals.
Five years ago, the term “Facebook” was not in the dictionary (much less used as a verb), Twitter was a sound, the Cloud was still in the sky, 4G was a parking place, and Skype was a typo. Where it had once been said that we were living in a connected world, we are now living in a hyper-connected world. It has been the pervasiveness of computers and mobile devices that have made us so codependent. We have become so reliant on these devices that if they would ever fail, the fabric of society would begin to unravel.
While the physical terrorist threat is still as dangerous a presence in the world as it was on September 11, the cyber terrorist threat has become a favorite weapon of nation-states. Just how important cyberweapons are became apparent last June when President Obama revealed that the United States had started a cyber-program during the Bush Administration that was responsible for releasing the Stuxnet virus on Iran.1
While this was not news in cyberwarfare circles, the announcement sent shockwaves through the media and general public. In essence, the Obama Administration, in a seeming attempt to gain a domestic political advantage, admitted to committing an act that just one month earlier Defense Secretary Leon Panetta classified as an “Act of War.”2
The first inkling analysts had that a cyber-attack was imminent came in the months leading up to the commissioning of Iran’s Bushehr nuclear power plant. In early 2010, the prevailing wisdom was that either Israel, the United States, or both countries would launch a conventional attack on the plant.
Iran has a history of making grandiose claims of “wiping Israel off the map” and lying to investigators about their intentions regarding acquiring nuclear weapons. There was a pervasive fear that Iran would use the product from the Bushehr plant and their nuclear enrichment centrifuges to generate enough atomic material to build a weapon to use against that country.
Many thought that there would be conventional attacks on both the nuclear plant and the centrifuges to halt production of nuclear material.
There was a critical window in which to do this. In the power plant’s construction timeline there could be considerable damage done to the plant with little nuclear fallout in the days just prior to the loading of the fuel rods into the reactor. A virtual countdown began on when such an attack would come. As we got close to the date the Russians would load the nuclear fuel rods into the reactor, people prepared for war.
Then a remarkable thing happened. The announcement came that the Russians were starting to put the fuel rods into the reactor and no attack came. Conventional wisdom in the media was that the United States was showing weakness by not attacking and had also pressured Israel to do nothing.
In the following days, while people were waiting to see if possible covert attacks on the plants were coming, all communications between the plant’s computers and the outside world were cut. A week later, Iran announced that the computers running the power plant were infected with a virus. (One month later, Iran halted the production of enriched uranium from its centrifuges citing “technical problems” after 1,000 centrifuges were damaged.)
Subject Matter Experts (SME) in the area of computer controls believed that the nuclear plant had been infected with a virus called “Stuxnet,” a computer program that was created to attack only industrial computers in Iran.
The SMEs were proved to be correct. Israel, working in concert with defense laboratories in the United States, had created Stuxnet. As Israel is prone to do, they even left their calling card. Hidden deep within the code are two directory file names, “myrtus” and “guava,”3 which could be construed to be an allusion to Queen Esther, who intervened to save the Jewish people from destruction at the hands of a Persian king. (Persia is now known as Iran.) There was also a marker hidden in the code “19790509” which is a possible reference to the date May 9, 1979, when Iran executed Persian Jew Habib Elghanian, prompting the mass exodus of Iranian Jews from the new Islamic state.
Stuxnet was a game changer in cyberwarfare. For the first time, a computer virus was targeted not only for a specific type of computer, but a type of computer that was in a particular region of the world running specific software. Even after the computers were disconnected from the Internet, they were still vulnerable. The virus was transmitted by a USB or “jump” drive. (These drives are commonly used to back up data and install updates on industrial computers.)
By summer 2010, it became clear that Stuxnet had inadvertently jumped from Iran’s Bushehr nuclear and Natanz uranium-enrichment plants to industrial computers worldwide. Even more alarming, the source code for the virus was soon stolen from a cybersecurity website and reprogrammed into a common computer language called C+ and then released out onto the Internet (this is called “going out into the wild.”)
The power of this virus to bring down a nation’s critical infrastructure could now be harnessed by any relatively skilled hacker which a rudimentary knowledge on how a process plant operated.
With the proverbial genie out of the bottle, it will never be contained. A new arms race has started, but at the nanoscopic level. Nations (and individuals) will be able to attack one another at will with little fear of being caught. No country is safe from attack and the United States is the most vulnerable since no other country’s infrastructure is more dependent on computer controls.
A cyberwar would have the power of taking the world back to the 1800s, to a world before the Computer Age. If the world’s industrial computers would shut down in a cyberwar, there would be no devices to take their place, those machines being retired years ago. It would be like an EMP attack, only a little slower but far more pervasive.
Before the advent of nuclear weapons, passages of Ezekiel 39 seemed quaint and thought only to be understood if viewed as an allegory. With the unleashing of the atom’s terrible power, these passages now seem very clear.
It now falls to the Berean in each of us to search the Scriptures to see if these new weapons of cyberwarfare and their destructive power fit into an end time scenario for our time.
To learn more of the nature of cyberwarfare, please see the article in the July 2011 issue of Personal Update titled “Cyber Warfare: Today’s Nukes.”
Cyber Warfare: Today's Nukes - Steve Elwart, Senior Analyst Koinonia Institute