Welcome back to the show, everybody.
It's Anti-War Radio.
I'm your guest host, Zoe Greif, and I am so happy to welcome to the show Richard Silverstein.
Richard Silverstein has a blog called Tikkun Olam, and then a language I don't understand.
I'm sorry.
But it's great, and there's more to the point.
There's an article here called Flame, Israel's New Contribution to Middle East Cyber War.
And I just am so happy to have Richard Silverstein on the show to explain to me and to you, the viewers, what's up with computer viruses, and what is this new flame thing, and what does it all mean, and what's the significance of it all?
Welcome to the show, Richard.
How are you doing?
Thanks, Zoe.
Thanks for having me.
Appreciate being here.
Okay, well, let's – if you don't mind, I'd like to start.
Can you give a layman's – and I want to emphasize the term layman, because that's what I am.
Just a brief overview.
What is a computer virus?
What do they do?
How are they deployed, and why?
Can you just briefly explain that so we can have that groundwork to start our discussion with?
Well, in terms of how these things are used in cyber war, the computer hackers are employed by various countries, whether they be China, the U.S., Israel.
And they create code which is able to do various things within computer systems or within individual computers that the intelligence networks in those countries might want to see or find out about.
So, for example, if we go back to Stuxnet, which is the computer malware that was installed in an Iranian power plant, that was a bunch of computer code that got into the power plant of an Iranian nuclear power station in Natanz.
And it infiltrated, and in that plant they were enriching uranium, which could be used as part of a nuclear program.
It could be used conceivably if Iran was trying to or interested in making a nuclear weapon, they would need to enrich uranium.
The code was able to disrupt the centrifuges that were enriching the uranium and cause them to smash, because there is an industrial process that is involved in the centrifuge isolating the uranium that they need for this fuel.
So if the centrifuges break, then they can't enrich the uranium, and if they can't enrich the uranium, then they can't pursue this nuclear research.
So that's the example of how Stuxnet was involved in sabotaging Iran's nuclear program.
And Flame is a slightly different version of computer malware, in that I know that Israel, its military, the IDF, has a unit dedicated to cyber warfare, and it's called Unit 8200.
And I believe this unit created Flame.
Now Flame is a little bit different.
It's not designed to infiltrate industrial plants or anything like that.
It's actually designed to target individual computers of people that the Israeli intelligence is interested in learning what might be on their own individual computers.
So computers mainly in Iran were infiltrated with Flame, but computers in other Arab countries that are considered hostile to Israel were infiltrated, and even computers in Israel were compromised, and computers in the Palestinian territories were compromised as well.
So this Flame is a very interesting piece of work, because it's considered one of the most ambitious and one of the largest programs that was ever created to do cyber warfare.
It gets into a computer, and it can take screenshots of anything that the computer user is looking at.
It can record, it can turn on a microphone in the computer if it has one, or the video, and it can record conversations that the person may be having using Skype or whatever utility they're using.
And it can record screenshots of IM conversations that somebody's having using Facebook or Skype or whatever.
So it's a neat way – neat in quotes – for intelligence operatives in Israel to be able to find out what targeted individuals are doing, and who they're talking with, and what they're saying, and things like that.
What's especially interesting to me is that a source, a confidential Israeli source, has told me that not only is Israel deploying this in Iran, but it's actually been deployed in an investigation that the Israeli equivalent of the FBI, the domestic intelligence agency, was involved in a power struggle that went on between the army chief of staff and the defense minister in Israel.
And Flame was deployed in the computer of the defense minister's chief of staff to monitor – No kidding.
They're using it against their own government.
I thought you were going to say, oh yeah, they're using it to monitor the activities of peace activists or whatever.
But no, you're saying it's high-level cloak and dagger type of stuff.
Wow.
Right.
The Shin Bet was called in because the chief of staff of the IDF, the Israeli military, told the FBI equivalent called the Shin Bet in Israel that the defense minister's staff is spying on me.
So the Shin Bet sided with the military and put the computer virus into the computer of somebody on the defense minister's staff in order to monitor what he was doing.
So that's what's intriguing to me.
I don't think there's been any instance known yet where Israel has actually used such viruses in cyber warfare against its own citizens.
So that's the extent to which this stuff is going.
And so I think I've given you this rundown on the technical aspects of things.
Going into a broader, sort of more general context, what really concerns me here is that the U.S. government, the Obama administration, has adopted what I call cyber warfare.
That is deploying these viruses and malware and these worms.
And they have, in effect, sort of become a substitute for having any real constructive relationship with countries like Iran or Afghanistan or Iraq or Iran.
I mean, I said Iran, but Yemen, Somalia.
So instead of being able to have a diplomatic relationship with some of these countries, all we have is we have drone attacks and we have cyber war.
And that is not – you know, the New York Times has been writing about how Obama has full-throatedly embraced drone attacks and cyber warfare, and they burnish the Obama administration's national security credentials.
But they really take the place of having any real strategic kind of foreign policy.
And not to mention that they get us into a slippery slope where if we endorse cyber warfare, then it can be used against us.
Of course.
I mean, of course.
The Chinese – we already know the Chinese are using cyber warfare against us.
But so far they're trying to do it in relatively benign ways.
But cyber warfare, as we've seen in Iran, can be used in quite damaging – this is actually sabotage.
So you can break centrifuges that are enriching uranium, but you can also reprogram an airplane or a power plant or a water treatment plant.
I hate to interrupt you, Richard, but that's the music, the hard break coming up.
I want to talk more about that very specific point about how many different things and destructive ways this virus technology can be used.
On the other side – I'm sorry.
We have to take this break.
I wish we didn't, but we do.
I'm talking with Richard Silverstein, Antiwar Radio.
More on the other side.
Welcome back to the show, everybody.
It's Antiwar Radio.
I'm your guest host, Zoe Greif, and I'm happy to be talking with our guest, Richard Silverstein.
I didn't even introduce you right.
I apologize, Richard.
Richard Silverstein writes Tikkun Olam, one of the earliest progressive Jewish blogs, started in 2003.
And then there's lots more bio after that.
But the guy's really smart and he knows about computer viruses, and that's what we're talking about.
And as you were alluding to before the break, so rudely interrupted you, Richard, these exotic viruses, these worms, what have you, the stuxnet, the flame, they can be used to do a lot of things.
But I want to get one question in for sure, and that is we all know what happened at Fukushima in Japan.
A tsunami hit it and the whole thing went haywire and it was terrible.
Is it not true that one of these exotic worm viruses could cause a similar effect, either intentionally or unintentionally, on some other nuclear facility somewhere else in the world, Richard?
Well, there's a lot of different ways in which these viruses can sabotage power plants.
Anything really that uses a complex computer system can be sabotaged.
It could be an airplane, it could be a water treatment plant, it could be a nuclear power plant, it could be a military production facility.
They all have the capacity, they all have weaknesses.
In spite of the fact that the US tries to make everything as hard a target as possible, there are always ways.
The US and Israel found a way to infiltrate Iran's most important nuclear power plant with stuxnet.
And certainly the Iranians have said that they have just created their own cyber warfare unit.
They may be trying to do the same thing to us.
And even if the Iranians are just starting out and are amateurs at it, we've really opened a Pandora's box here.
Because we have publicly acknowledged to the media that we are, well, I don't know if the government has publicly acknowledged this, but New York Times sources in the government have said that yes, we were involved with stuxnet and we admit it.
So that really makes it open season on us.
We have also, a year ago, the Pentagon released a policy that said that any nation which engages in cyber warfare of the sort that we are engaging in, this might be considered an act of war against the United States.
So we're kind of saying that if somebody employs stuxnet against us, that we might consider that an act of war and engage in hostilities against them.
However, the corollary of that is if we do the same thing to another country, why wouldn't they have the right to do the same to us?
It's really an ugly situation that takes us down a slippery slope very, very fast.
It does, but I'll answer your question with the illogical yet correct answer, and it's a two-word answer, and the answer is American exceptionalism.
It doesn't make any sense, but hey, America is exceptional somehow, whatever.
But you make some really good points there, and I just got to tell you, I'm reminded of that story of Frankenstein, about how the scientist created the thing that ended up destroying him.
I mean, you've alluded to it and hinted at it, but I'll just come out and say it.
I mean, who's to say the Israelis or the Americans or anyone else can keep this thing in check, can keep it contained, can keep it from infecting their own systems and doing the damage, what they intended for the enemies or whatever, to themselves?
Who's to say that can't or won't happen?
Exactly, and you know, if we look at the damage that these various viruses have done, it's been contained, it's been carefully implemented so that the damage would be confined.
But if you look at different kinds of destructive technology that's been created in human history, you'll see that the first uses are often benign, and then someone with more damaging intentions or someone who's smart figures out ways that the technology can be used in extremely widespread and damaging ways.
That is what I'm afraid of.
You go from a situation, if you can imagine, airplanes before World War I, where they're used to just sort of do surveillance, and maybe somebody figures out how to drop a bomb out of an airplane and hit somebody down below.
And then in 60 or 70 years, you've got nuclear weapons being dropped from the same kind of technology.
So cyber warfare, make no mistake, cyber warfare has that capacity.
We are just in the infancy of cyber warfare, and it is my really deep fear that this will evolve just as airplane technology evolved from its beginning into something really malevolent and really damaging and really dangerous.
And the problem is that Obama may claim that he has the best of intentions, and he's going to use this stuff in a very limited, careful way, but even if we accept that premise, which I don't, there are going to be other people that are going to come along and that are going to really maximize the damage that this thing can do.
And we have let the cat out of the bag and cannot put it back in.
Well, are you willing to play with that idea a little bit?
I'm not trying to give the bad guys any ideas here, but gosh, that's really an alarming thought and something to be afraid of that I didn't even know existed before when I woke up this morning.
But gosh, if the Wright Brothers can evolve into nuclear bombers, B-52s, then what could this primitive, nascent worm virus technology possibly evolve into?
Use your imagination.
I mean, it's worse than I could have ever imagined with the screenshots and the audio recording.
How bad can it get, Richard?
Yeah, I mean, you just think about airports and how much they rely on computer systems to control the airplanes coming in.
Oh, you're talking about like a Die Hard 2 situation where they just run the airplane into the ground by fooling its computer sensors or something like that?
Yeah, I mean, they can screw up an entire airport, not just an individual airplane, which of course they could do as well.
Oh, wow, that's horrible.
Think about water supplies to entire cities or think about power plants like Fukushima.
Anything that uses a complex industrial process involving computers could theoretically be compromised.
And let's not make a mistake and say either that it couldn't possibly happen, no one would go that far, no one would be so diabolical.
Once we let this genie out of the bottle, we can't say how the genie is going to be used by somebody else, and you can't put the genie back in once you've taken it out.
And that is the danger here.
You know, you read in the New York Times the conversations that Obama's having and how careful he's telling people he wants to be about whether it be Stuxnet or the drone attacks.
And there were conversations saying we want to be careful that Stuxnet only impacts very discreet groups of computers in Iran.
Well, what happened?
Good luck with that.
Stuxnet accidentally escaped out of Iran and infected thousands and thousands of computers all around the world.
Of course it did, of course it did, but please continue.
And so that is the same exact thing.
We can't, at certain points we're not going to be able to control, if these viruses are really truly malevolent, we are not going to be able to control what they do, despite our best efforts.
So, I mean, leave it to your imagination.
There are so many different ways in which this can wreak havoc on mankind and humankind.
And that is why it is so dangerous.
And, you know, the Russians and some of the computer labs that discovered these malware are asking for an international treaty to ban the use of cyber warfare.
And the United States, of course, since we are the most advanced in it, is poo-pooing this.
But I think it really is worth serious consideration.
We've got, you know, we've got nuclear non-proliferation treaties.
Why not consider an international treaty banning the use of cyber warfare?
Or at least controlling it in very, very careful ways so that this sort of thing doesn't happen.
And the more resistant we are to doing things like that, the more questions people can ask about, well, what is our true intent in terms of cyber war?
Why aren't we willing to participate in an international treaty of this kind?
Here's a scary thought, Richard.
It just occurred to me, what if it's already too late and the flame is already on somebody's little jump drive and it's going to hit something vital that's going to result in death and destruction?
What if it's too late in any treaties or in your efforts, my efforts to educate the public on this?
What if it's just too late and, like you said, the genie's out of the bag and it's already destined to happen already?
Boy, that's a scary, down-pressing thought.
Yeah, that is possible.
My feeling right now is that we're in enough of the initial stages of it that there isn't yet somebody out there that can cause a humongous explosion or mega damage like that.
It's possible that we're at that point, but I think we still have a chance to exert some controls over this stuff.
That's one of the reasons I'm raising the alarm in my blog.
I published a piece in the Guardian's Commons.
It's free that people could find about flame and Stuxnet.
I want to raise the alarm among both your listeners and hopefully also people in the policy community that these things are real dangers and that we cannot leave them to the cyber warriors in Unit 8200 in the IDF.
Or in the National Security Agency in the United States.
We can't leave this to people like them.
We have to have a public, transparent debate about the dangers of this technology.
Well, I certainly hope you're right about guesstimating that the technology isn't that advanced yet to cause the whole world to go up in flames like I'm all of a sudden afraid of.
But yes, thank you so much for your time on the show, Richard Silverstein.
Thank you for educating me and the listeners about the Stuxnet and the flame and these worms, these viruses and the potential catastrophic dangers that they represent to all mankind.
Thanks again for your time on the show, Richard Silverstein.
He runs the blog called Tycoon Olam and he's got a great story about flame and Susnex.
Thank you so much for your time.
I really appreciate it, Richard.
It was great to talk to you.
Thanks, Zoe, very much.
I appreciate it.
