In Defense of Cyberwar

Why digital warfare is a good thing

A brief history of nuclear weapon prevention

1979: Saddam Hussein begins building a nuclear reactor with the help of the French

1980: During the Iran-Iraq war, Iran tries to bomb the reactor. Minimal damage. No casualties.

1981: Israel bombs the reactor, destroying it. 11 People are killed (10 Iraqi soldiers, 1 French civilian)

A brief history of nuclear weapon prevention

Early 2000s: Syria begins building a nuclear reactor with help from North Korea.

2007: Israel destroy the reactor. Unconfirmed reports state that 10 North Koreans were killed.

A brief history of nuclear weapon prevention

Iran’s nuclear program:• Dispersed• Underground• Protected

The Natanz Nuclear site: Under 30 feet of reinforced concrete

A brief history of nuclear weapon prevention

An attack on Iran would be difficult, and likely cost many more lives than the previous two examples.

Attack would take hundreds of planes, ships and missiles - CSIS

A government simulation of an Israeli attack led to 200 dead Americans and full scale American involvement.

A brief history of nuclear weapon prevention

2008: Operation Olympic Games• Stuxnet• Duqu• Flame• Any Others?

Targeted at destroying Iran’s nuclear capability.

What makes Stuxnet unique?

Stuxnet SQL Slammer

Target Very specific Everyone

Breadth of damage Narrow Widespread

Depth of damage Physical Internet only, minor secondary effects

Cost to develop Very high Moderate

Complexity Very high Moderate

Time to detection Years Hours

Weaponizing SQL slammer is MAD

• MAD = Mutually Assured Destruction. It’s what kept the USSR and the USA from starting a nuclear war for several decades.

• Creating a worm that destroyed the internet would likely hurt the originator as much as the recipient.

Weaponizing SQL slammer is MAD

• How many parasites destroy their entire ecosystem?

Cyberweapons ageExploit for sale!• Full root, 100% of the time• Windows machines• No patches available• Can be launched remotely• “Point and click” simplicity• Bypasses all AV, firewalls, and can

even traverse NAT

• How much is this worth?

Cyberweapons age

AK-47RT-2PM TopolFirst deployed by the USSR, 1988. Still in use.

Yes, we are vulnerable too

Do you really think refraining from use of cyber weapons will stop others form doing the same?

Yes, we are vulnerable too

Which would you rather face?

The law is always playing catchup

There are currently no international conventions, treaties, standards, etc…..

They always come after the weapon is used – policymakers have a hard time acting in a vacuum.

In the future, I hope we use and are confronted by digital weapons and not kinetic ones

Ari Elias-Bachrachari@defensium.com@angelofsecuritywww.defensium.com