Just FYI, Mr. McCain: Any Cyber Attack Can Be Reversed – Cybersecurity Expert

Recently, US Senator John McCain has suggested that his country should attack Russia with its cyberweapons to retaliate for Russia's alleged meddling in the US elections. Kevin Curran, a professor at the Cyber Security School at Ulster University explained to Sputnik why this is a bad idea for the US.
Sputnik

Curran points out that being a non-expert in such things as cyberweapons, McCain misses the crucial difference between them and conventional ones; namely, that any cyberattack can be reverse engineered and later used against the aggressor.

Russian Lawmaker Says Russian Electoral Systems Invulnerable to Hacking Attacks

Curran explains that once the attack is detected, parts of its malicious codes can be obtained and later analyzed. When its underlying principles of operation are cracked by cybersecurity, it will be able to replicate the weapon and use it against the country that unleashed it.

READ MORE: Stolen US Cyberweapons Could Spark Conflict With Rival Powers — Ex-NSA Analyst

Curran also reminded Sputnik (and McCain) that apart from information-obtaining malware, there are also those that attack with a focus on control systems. Once they obtain control, they can manipulate physical infrastructure, such as electrical networks, railroads or water supplies. Attack on such infrastructure can have a significant negative impact, the cybersecurity expert warned.

One of the examples of such viruses is The Flame, a malware found in 2012. The Flame was a platform designed to host various modules that can perform different tasks. The problem is that over 40 different antiviruses failed to detect The Flame when tested.

READ MORE: British Gov't May Be Preparing Public for Cyberattack on Russia — Ambassador

Another demonstrative example is the Stuxnet computer worm that was specifically designed by the US and Israel to infiltrate systems associated with Iranian nuclear material. It managed to find and successfully attack the country's nuclear centrifuges.

Curran believes that organizations around the world should expect rogue states to attack their computer systems in the future, seeking information or wreaking havoc. He also thinks that states won't refrain from developing cyberweapons, noting that the US has already admitted developing both defensive and offensive models. Although the US claims to focus on defensive ones, there is no way to prove that, he added.

US Congressman Seeks Deal to Prove Russia Did Not Hack US Election

"It is also incredibly difficult to estimate which countries are heavily conducting research into offensive cyberattack tools, as it is not as easy as simply counting the size of their armies or guns," Curran said.

The expert also noted more peaceful uses for such viruses — for example, intelligence. According to him, such malware can be used "akin to spy planes."

Discuss