Flame could spark off more cyberwar
Rob Rachwald speculates on the geopolitical ramifications of Flame war
Lots of people are asking what Flame does. The more important question, however, as an era of cyberwar emerges, is what Flame means.
Flame can offer two major lessons for the industry.
Global spend on antivirus is massive. Yet Mikko Hyppönen, chief technology officer at vendor F-Secure, confessed in a blog posted on the Wired.com that anti-virus vendors had failed when it came to Flame. "We really should have been able to do better. But we didn't. We were out of our league, in our own game," he wrote.
The lesson is that there is a need for vendors to rebalance their security portfolios. When stocks or shares perform differently from what was expected, you dump them for other investments that may adjust your risk.
Today, anti-virus is an underperforming asset that deserves rebalancing. I cannot speak for everyone, but I see more customers operating on the assumption that anti-virus and other security technologies will fail, concluding that it is time to look for something new and different.
Russia attacked Estonia in April 2007 using simple distributed denial-of-service. But cyberwarfare techniques are now stealthier and more effective. They can be part of a serious military strategy. We have hit an inflection point.
Cyberattack is now preferable to a military attack, in my opinion. The consequences of not using cyberwarfare now outweigh cyber-pacifism. It is a bloodless form of warfare that can yet inflict serious damage.
With what happened in Iran, it seemed cyberattack may have proven more effective than economic sanctions to stop the nation's development of nuclear weapons.
The attacker can more easily remain anonymous. Often, the victim can speculate as to who might be responsible for an attack, but cannot be certain. Graphic images of the pertinent source code also just do not have the same effect as pictures of the dead or injured.
If there were a physical attack on Iran, the Iranians themselves would very likely side with their own government.
Cyberattack can also be a new kind of deterrent. During the Cold War, if the US had 1,000 warheads, the Soviet Union would claim to have 1,001. This might lead to some kind of strategic defence initiative, such as Reagan's Star Wars plan in the 1980s.
Cyberattack, conveniently, may also appear morally superior and – so far – has proven less expensive.
Cyberattack could force adversaries to minimise what they do online. It took nearly 10 years, don't forget, to find Osama bin Laden since he went completely off-grid. He apparently used no internet or phone, just couriers.
Does this mean that scientists developing weapons will restrict themselves to crayons and paper? Probably not, but researching military projects has very likely become a lot more difficult today for scientists worldwide.
Rob Rachwald is director of security strategy at Imperva