Vmyths.com


Hoaxes, myths,
urban legends

Columnists

Newsletter
signup

Addictive
Update
Model

False
Authority
Syndrome

About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

Rob Rosenberger

Forget nukes — Pakistan wants a flash worm!

Rob Rosenberger, Vmyths co-founder
Saturday, 8 June 2002 THE SPECTER OF cyber-terrorism came up yet again — this time in a technical paper on "flash worms." Think of it as a world-devouring computer virus.
"Com­mer­cial air­craft as bomb" is very fea­sible but not likely.
"Com­pu­ter virus as bomb" is not fea­sible but very likely. So what exactly is a flash worm? Well, it doesn't exist, but it's like a Warhol worm on steroids. So what's a Warhol worm? Well, it doesn't exist either, but it's like the Nimda virus on steroids. So what's a Nimda virus? Well, that baby does exist, and it's like Code Red on steroids (that's a direct quote). So what's a Code Red worm? Well, that baby exists too, and according to Senator Charles Schumer (D-NY), "last year we came within about four hours of seeing the Code Red virus take down the Internet," although you probably don't remember it. According to the fearmongers, a single flash worm can take over the entire Internet in "tens of seconds" — whereas a lumbering Warhol worm can only take over the entire Internet after a leisurely 15 minutes. Yet be it a flash worm or a Warhol worm, we wouldn't have enough time to shut down the Internet to avoid a global cybertastrophe. To quote president Bush's computer security advisor: "think of the functional equivalent of four 767s crashing into buildings." It's theoretically that bad if these "weapons of mass disruption" ever come to exist. The research paper about flash worms came out a little while ago. I probably should've told you sooner about this "blitzkrieg" threat to computing... ...But I wanted to wait long enough for irony to set in. (Ha!) So like I was sayin', a technical paper on "flash worms" raised the specter of cyber-terrorism yet again. "If you could control a million Internet hosts [with a flash worm]," the paper's authors breathlessly intoned, "the potential damage is truly immense: on a scale where such an attack could play a significant role in warfare between nations or in the service of terrorism." Oh, hey! Speaking of "warfare between nations"... Pakistan & India continue to rattle their swords in preparation for a bloody war. They've already shed a few civilian lives on both sides. Time for a quick audience poll — if you actually think Pakistan will attack India with computer viruses, raise your hand. If you actually think Pakistani president Pervez Musharraf will enlist the Brain brothers in a war over Kashmir, raise your hand.
"Let's sup­pose a virus comes along and wipes out a million hard disks in two days... Go on: predict the mayhem. How many quin­til­lions of $$$ will we lose?"
(If you raised your hand, then you win! Click the little "X" in the upper right corner of your browser window to receive your prize.) I looked at the concept of flash worms and I honestly thought: "that's the most horrific cyber-weapon you can theoretically conceptualize?" Hey, I've seen better imaginations in "The Forbin Project."
THE RENEWED SPECTER of war & terrorism waged by computer viruses instead of explosives led me back to a December 2001 online debate in a computer security mailing list. Moderator William Knowles offered a pathetic correlation between physical- and cyber-terrorism:
Just because there hasn't been a real cyberterrorism attack does mean its not eventually going to happen, who before September 11th, 2001 would have thought that someone would have hijacked commercial jetliners and used them as cruise missles...
I fired back with a blistering rebuttal:
I reject Knowles' argument out-of-hand. He misses the point when he asserts "[who] would have thought that someone would have hijacked commercial jetliners and used them as cruise missiles." The simple fact is that terrorists always had the ability to turn planes into cruise missiles; their effectiveness as flying bombs merely grew in proportion to their fuel payload. On the other hand, [Sophos bigwig Graham] Cluley & I & others insist no one has the ability to destroy America with a computer virus (read [this] for starters). We can therefore sum up Knowles' misguided argument as follows:
  • "commercial aircraft as bomb" is VERY feasible but NOT likely;
  • "computer virus as bomb" is NOT feasible but VERY likely.
Knowles & others (e.g. Michael Vatis, Richard Clarke) could validate their cyber-terrorism arguments with just one — I repeat, ONE — technologically feasible idea for destroying America with a computer virus.
My reply triggered a post from a participant named Gary Warner:
The thing about viruses, is that so far we have not encountered a talented rapid-spread-virus author who wished to "destroy the world". I mean, Code Red was not nice, and Nimda was not nice, but imagine how much less nice they would have been if they launched their attack, and then formatted your C:\ drive! Could they have done that? Certainly! ...The fact that this has not happened is one of the greatest blessings we have received, and yet, it has also lulled us into a false sense of security. Upper Management reads about the Love Bug virus, looks around, and notices the world has not ended. They then conclude that the world will not end in the future.
If you actually think Paki­stan will attack India with com­pu­ter viruses, then you win! Then click the little "X" in the upper right corner of your brow­ser window to re­ceive your prize...

WARNER'S LEGIT CONCERN about a coming destructive worldwide infection led me to postulate how much damage it could really inflict:
Let's take a statistic of roughly 200 hard disk reformats per month per air force base for numerous arbitrary reasons. The colonel wants a new OS, or the secretary can't get her machine to act right, or the captain deleted CMD.EXE because he didn't need a program that just displays a copyright notice, or the airman gets a hand-me-down upgrade, or a contractor takes over a cubicle. "Thanks, sarge. What happened to all the data?" It's gone; I blew it away. "Ouch. Oh well. Thank goodness we haven't moved to the paperless office." Let's take another statistic of 100 air force bases worldwide, times 12 months... We can speculate our mighty zoomie electron defenders reformat roughly a quarter-million hard disks each year. And that's just USAF. Add the Army and the Navy and various purple-suit agencies: I suggest multiplying this number by three. We can speculate DoD reformats roughly a million hard disks each year. A million per year, and I didn't even talk about all the hard disks reformatted each year by the civilian government. Reformatted each year by the Fortune 1000. Reformatted each year by countless small businesses. Reformatted each year by countless individuals. Okay, now let's insert the word "virus" in this argument. Let's suppose a virus comes along and wipes out a million hard disks in two days. "What happened to all the data?" It's gone; the virus blew it away. Go on: predict the mayhem. How many quintillions of $$$ will we lose?
Think about it: a million hard disks blown away in two days. Frightening, I tell you! We can safely predict Dell, Gateway, and many other companies will go out of business when they try to make good on their support contracts. It will cost at least $3.571 quadrillion just to reinstall an operating system on those one million hard disks.
"We need a clear cut defi­ni­tion of 'de­stroy America'. With­out that well-defined objec­tive, this be­comes an argue­ment that spirals onward with­out termination."
And that's not counting the quintillions of dollars we'll lose in the form of deleted antivirus data!
MY COMMENT LED participant Aj Reznor (no relation to Trent) to ask for an important clarification:
We need a clear cut definition of "destroy America". Without that well-defined objective, this becomes an arguement that spirals onward without termination as people produce wild, vivid and sometimes even feasible scenarios... So, what's it mean, your statement? What destroys Amerika? A "virus" (or maybe more applicably, a worm) that downs the Internet? Only the core routers? A majority (50% +1)? Hoses primary DNS servers? Something not internet related? Hoses the economy? Causes a vast majority of the populace to lose faith (I mean, moreso than the standard levels of complaining and disenfranchisement)?
Reznor's query led me to clarify "destroys Amerika" as follows:
Let's use White House fearmonger Richard Clarke as our bellwether. After the twin towers fell, he went on the record to claim a coming cybergeddon will invoke "catastrophic damage to the economy [that is the] functional equivalent of 767s crashing into buildings." Someone please describe a computer virus or worm of this caliber. Oh, and please remain within the state of the art. We've got enough thorazine-deprived cyberfreaks already.
No one answered my challenge. The cyber-terrorism debate ended here — and so does my column for today.