Topic: Skyfall and Cyber Warfare (spoilerish content)

My friend and I are currently working on a book about international relations in the James Bond movie-verse. My buddy also happens to be an expert on cyber "war." So it works out really well for us that the latest Bond film is all about cyber terror. We had a conversation and cranked out this quickie article. For some reason "cannot" turns into "canit." Don't ask me why. Probably hackers.

http://www.whiteoliphaunt.com/duckofmin … l-era.html

Cyberwar is everywhere. I am sure there is some selection bias in my perspective, but I canít read the news without finding another ‘cyberwar will be the new 9/11‘article. The narrative? Our digital futures are in a precarious balance and threatened by the great cyber powers itching to destroy our lives, finances, and prevent access to the Playstation network through cyber attacks.

Now James Bond is getting in on the fun with Skyfall. In the disastrous first act (at least for me, although the overall movie might be a top five Bond film ever), the villain turns out to be a skilled cyber warrior. He is capable of blowing up buildings with a simple virus and his entire criminal enterprise seems build on his cyber abilities.

Just like Moonraker, and whatever Octopussy was, Skyfall goes too far. There is no logic or reason to the capabilities of the Javier Barden villain Silva. Somehow the villain is able to escape from containment due to a cyber worm that defies all logic. We are all helpless to the threat of cyber warfare, even James Bond. Bond himself actually triggers the worm by putting together an innocuous series of letters in lines of code. All hell breaks loose, providing James Bond with his raison d’Ítre, eventually saving the day and ìBritish civilization.î

The debate on cyberwar needs to be returned to some level of rationality. Skyfall is a symptom of the wider failure of society to understand just what Cyberwar is and the threat it represents. I define Cyberwar as ìthe use of computational technologies in diplomatic or military affairs in the international system. The discourse seems to be that cyberwar will lead to a revolution in military affairs as the battlefield moves to cyber space. Along with a changing battlefield, the targets will change and civilians will be threatened by this new development. Supporters of this idea have already rushed to suggest that Skyfall is the most realistic Bond ever [http://uk.news.yahoo.com/bond-s-most-re … real-.html].

Unfortunately, fears of the capabilities of cyber warriors seem to reach a level of absolute certainty that the worst case scenarios will come true. Our future will be shaped by cyber attacks that will control our destinies. But first, let us take a step back. My coauthor and I have collected data that demonstrates that cyber attacks are relatively little used tactic. We reason that states restrain themselves from using the tactic because there is the fear of blowback, civilian collateral damage, and retaliation through replication of the attack. Many see Stuxnet as a harbinger for the future. I tend to think of it as an outlier, an outlier that was not very effective and unintentionally escaped from the bounds of Iranian military networks.

In reality, cyberwar is a tough tactic to utilize. Cyber attacks are not exactly the future of combat, diplomacy, and human relations. While computers shape our lives, it is by no means assured that cyber attacks will take place at a level that will impact our day to day lives, let alone the foundations of British intelligence headquarters. These worst case scenarios are not helpful, if anything they make us less secure by convincing actors that constant cyber warfare is the coming reality.

We must step back from this imagined cyber brink. If James Bond canít stop the cyberwar future, who can? Our perception of cyber conflict is indicative of a perspective that the world is perpetually insecure and dangerous. There are very few ‘bogeymen’ in this world and much of the fault for any particular cyber attack can be placed on the actors themselves rather than the nature of the tactic. If plans for the latest jet are stolen, might it not have been a good idea to allow them on the network in the first place? If Silva was able to blow up MI6 with a simple computer program, MI6 probably had too many security issues to sort out that had nothing to do with the nature of cyber attacks. In the end, we can be reasonably confident that there is a developing set of norms or regimes that will regulate the use of cyber tactics. I predict that it will continue to be a little used tactic. If I am wrong, we can trust in James Bond to save the day.

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

Me and my programmer friends were losing it in the theater we were laughing so hard at the hacking scenes.

"Hacking" involves lots of network traces running in dark terminals. What it does not involve is weird rotating globes of characters (which aren't even HEX! I thought, ok, they're exaggerating, so they have the hex randomly scrolling for no reason, then I notice it has the whole alphabet and embedded plain-text...sigh).

Also Q is one of the dumbest tech experts. What kind of idiot takes a compromised machine and plugs it directly into his top-secret government network (using 2 ethernet cables for some reason). Honeypots and VMs exist for a reason.

And then they keep dropping in actual security terminology that has no relevance to whatever the hell is supposed to be happening on screen. "Security through obscurity" was our personal favorite, and caused us to collectively lose it.

I still like the movie a lot, but you'd think in 2012 our hacking scenes would be a step beyond the "Unix" sequence in Jurassic Park.

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

There is a much larger conversation here which I'm not well positioned to have, or debate, at 4:30 in the morning.

Hollywood hacking aside, I do think the issue of electronic security and state-funded network intrusion is larger than implied in this article. There is a reason Chinese technology manufacturer Huawei has been barred from providing infrastructure for Australia's NBN, for example.

http://www.abc.net.au/am/content/2012/s3463312.htm

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

You only need to look at Stuxnet, and how it set the Iranian nuclear program back by a year, to realize the cyber-warfare age is well upon us. The amount of coordination and planning that attack took on the part of the US and Israel, is pretty crazy

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

I'll post a larger response later if anyone wants it, but my major points would these:

1) Most hackable systems, if attacked, would be hiccup nuisances - a power grid goes down for 10 hours. While that sucks, it's not changing the tides of any war. Any unprepared countries have learned from the Iranian incident.

2) Any system vulnerable to attack is, in all likelihood, vulnerable to a variety of different attacks, not just cyber based (internal sabotage, strike, etc). An undefended thing is an undefended thing.

3) We've yet to see anything that even resembles an actual threat. Just the threat of threat. Which is a key distinction.

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

If we go back to network intrusion, this can be performed remotely and silently from a territory which does not uphold the law as it applies in the target country. Any fallout, if discovered in the first place, would be diplomatic. This is a very different scenario than physically accessing a location on foreign soil. We have lots of experience in building walls and employing guards, not as much defending from something we can't see.

There's a perception that cyber warfare is just about shutting down systems and blowing things up, where as it appears a far bigger concern is information gathering. There is history of this occurring at a corportate level, and I believe this has also been documented from within government departments.

When was the last time we were at war with a technologically advanced country?

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

Dave wrote:

If we go back to network intrusion, this can be performed remotely and silently from a territory which does not uphold the law as it applies in the target country. Any fallout, if discovered in the first place, would be diplomatic. This is a very different scenario than physically accessing a location on foreign soil. We have lots of experience in building walls and employing guards, not as much defending from something we can't see.

There's a perception that cyber warfare is just about shutting down systems and blowing things up, where as it appears a far bigger concern is information gathering. There is history of this occurring at a corportate level, and I believe this has also been documented from within government departments.

When was the last time we were at war with a technologically advanced country?

You're 100% correct. I hate to reply with a link, but that's exactly what I'm going to do. It covers your points thoroughly (written by the guy who I did the Bond thing with).

http://tigger.uic.edu/~bvaler/Persisten … prints.pdf

Last edited by oTom (2012-11-13 18:55:51)

Thumbs up Thumbs down

Re: Skyfall and Cyber Warfare (spoilerish content)

Not having a villain for half the movie is a much bigger problem than unrealistic hacking. We all know practically any system can be hacked.

Warning: I'm probably rewriting this post as you read it.

Zarban's House of Commentaries