Flame Virus Proves Cyber-Terrorism Concerns Well-Founded
One of my favorite talks at CeBIT Australia last week was from Russian billionaire Eugene Kaspersky. While the other keynoters offered rosy visions of growth and opportunity, Kaspersky -- whose company, Kaspersky Lab, makes security software -- discussed only risk. “Risk for you, opportunity for me,” he shrugged, in a Russian accent straight from central casting. His entire talk was supported by a single slide, outlining the five biggest risks he sees in the Digital Age in ascending order of severity: privacy, cybercrime, Internet IDs, social media manipulation, and cyberwarfare/terrorism.
We all know these are risks. We know, for example, that authentication -- Internet IDs -- is a problem that isn’t entirely solved. How do you know you’re accessing the real Facebook, and how does Facebook know you’re you? We’ve all got friends who have had their Twitter accounts hacked; just a few hours ago, I got an email from a friend: “wow this is pretty crazy you should look into it” followed by an obviously dodgy URL.
But Kaspersky’s perspective is farther-reaching, and revealing of a bigger problem than whether you’re inadvertently DMing porn links to all your followers. The problem, he pointed out, is with the children. “You know, children? Little homo sapiens?” Digital Natives, never having known a world without the Internet, expect immediacy and mobility. If there is a task that this ultraconnected cohort feels they should be able to accomplish online, they won’t put in the effort to get it done any other way.
So why is this a problem? Because one task that we really should be able to accomplish online is voting. But the security specifications for voting are significantly higher than those for Twitter, and if we can’t meet those specs -- and, as of now, we can’t -- there's not much point in allowing it to happen online. If you think elections can be bought now, just wait until they can be hacked; a vulnerable e-democracy is not far removed from no democracy at all.
The alternative, that we stick with an analog voting system (or at least an in-person one), produces an equally volatile scenario: that “official” elections engage only the dinosaurs, and that everyone born after the year 2000 unhooks from the framework. It’s not hard to imagine younger voters, in 10 or 20 years’ time, looking at you incredulously: “You want me to stand in line? And show physical identification? Are you serious?”
And that’s the problem Kaspersky thinks will eventuate in a decade or two. Right now, his number-one worry is cyber warfare, a worry that seems well justified this week. On Monday, Kaspersky Lab, working with ITU (the UN agency for information and communication technologies), announced the discovery of Flame, “a highly sophisticated malicious program that is actively being used as a cyber weapon attacking entities in several countries,” and whose “complexity and functionality… exceed those of all other cyber menaces known to date.”
In the announcement, Kaspersky himself drew a link to the same nation-state activity that led to Stuxnet’s crippling of Iranian centrifuges. “Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”
As Kaspersky said, risk for us, opportunity for him -- or for anyone else with the chops to tackle the biggest questions of the Digital Age.
Correction: Sorry, loyal Online Spin readers. Due to technical difficulties, Tuesday's Spin was sent out without an important link -- the picture of the object that Max Kalehoff was describing. Please check out the story online for the link to the "World's Ugliest Internet Device."