State-Funded Cyberweapons

An interesting cyberweapon I have never heard about is China’s ‘Great Cannon’ cyberweapon, which is a state-operated DDoS tool. The Great Cannon hijacks web traffic from users within the ‘Great Firewall of China’ and redirects the traffic to other websites by injecting malicious JavaScript code into insecure HTTP connections (Winder, 2019). While China has reportedly only used this (that we know of) on their own citizens with the goal of further limiting the freedom of China’s population, I would be quite alarmed at what such a funded project could do if their attention turned to disrupting a U.S. website that is vital to our operations; due to this, I would rank the Great Cannon pretty high in terms of purpose and high in the vast amount of resources I am sure was involved.

As we have read about the 2010 Stuxnet virus, I wanted to touch on one of its later variants, the Duqu virus. Discovered by Iran in 2011, the Duqu virus, often called the ‘Son of Stuxnet,’ spread and created backdoors instead of destroying systems. While the origin of the Duqu virus was suspected to be from either Israel or the U.S., one thing that can be ascertained from its research is that the creators were highly funded and skilled (InfoSec Island, 2011). The Duqu virus’s purpose was mainly to harvest data and allow access to unauthorized users; however, its potential for damage is quite dramatic. I would rank the Duqu virus pretty high in terms of purpose and high in the vast number of resources I am sure were involved. With greatly funded attacks such as the Great Cannon and the Duqu virus, we get a glimpse of what can occur when cybercriminals are provided with the tools needed to fight a cyberwar.

While cryptojacking is not considered a typical cyberweapon, the rise of cryptocurrency usage by countries such as Iran is leading to the increased use of cryptojacking attacks. Cryptojacking is unlike many of the more common forms of cyberattacks, in that it does not steal your data or hold your network or device for ransom. Instead, cryptojacking commandeers your hardware to mine cryptocurrency. Cryptomining is defined as the process of solving complicated problems to verify digital transactions, using computer hardware such as graphics cards. By using a cryptomining rig (or turning an unsuspecting user’s platform into one), users can either create cryptocurrency or just get paid in it for their processing power.

Cryptocurrency’s popularity and value have been skyrocketing as of late, and while the market is volatile, the influx of cryptomining malware can be quite concerning. Instead of using one’s own device to mine, “borrowing” another’s computer to do the job can yield excellent results; this practice is especially troublesome when you think of the various countries with supercomputers.

Cryptojacking malware is created specifically to hide in a system and only be activated when the computer becomes idle, all while not even requiring access to your network or compromising your data. The longer the malware is in your computer, the better, as mining cryptocurrency is a lengthy process. While cryptojacking (similar to other cyberattacks) does not inflict actual damage, the revenue obtained by the process can fund additional avenues of war, such as the advancement of intercontinental missiles or terrorist attacks, for example; due to this, I would rank cryptojacking pretty low in terms of purpose and low in terms of the small cost that cryptojacking requires.

References

Winder, D. (2019, December 05). China Fires ‘Great Cannon’ Cyber-Weapon at The Hong Kong Pro-Democracy Movement. Retrieved December 08, 2020, from https://www.forbes.com/sites/daveywinder/2019/12/05/china-fires-great-cannon-cyber-weapon-at-the-hong-kong-pro-democracy-movement/?sh=37fd7b4d7c85

InfoSec Island. (2011, November 17). Duqu May Actually Be an Advanced Cyber Weapon. Retrieved December 08, 2020, from http://www.infosecisland.com/blogview/18229-Duqu-May-Actually-Be-An-Advanced-Cyber-Weapon.html

Rid, Thomas. 2013. Cyber War Will Not Take Place. Oxford University Press, Inc., USA.
