Skip to main content
Part of complete coverage from

The cyberwar may be headed to your computer

By Douglas Rushkoff, Special to CNN
June 4, 2012 -- Updated 1405 GMT (2205 HKT)
Much of the Flame virus code is simply camouflage -- 3,000 lines of programming that make it hard to understand.
Much of the Flame virus code is simply camouflage -- 3,000 lines of programming that make it hard to understand.
STORY HIGHLIGHTS
  • Douglas Rushkoff: Flame virus attack on Iran has hallmarks of being concocted by nation-state
  • He cites article saying Obama concerned that such an attack might someday be aimed at U.S.
  • He asks: What's to keep malware from being aimed at civilian populations?
  • Rushkoff: We are headed toward an Internet that's blocked by airport-style security checks

Editor's note: Douglas Rushkoff writes a regular column for CNN.com. He is a media theorist and the author of "Program or Be Programmed: Ten Commands for a Digital Age" and "Life Inc: How Corporatism Conquered the World and How We Can Take It Back."

(CNN) -- The recently discovered Flame virus bears all the hallmarks of a cyberattack concocted by a nation-state. It's big and complex and pointed directly at a geopolitical hot zone, Iran.

What really gives it away as a government project is the extent to which its programmers sought to keep it out of civilian hands. The malware seems no more designed to protect us from a nuclear Iran than it is safeguarded to keep us from using the program itself against one another.

Flame is sophisticated. It's not a tiny piece of code that nests itself in e-mail and then erases your hard drive. It might better be described as a suite of programs -- the Microsoft Office of malware -- that perform different tasks.

One turns on the microphone of a computer to record conversations; another sets up a virtual machine on the computer to be controlled remotely; another uses Bluetooth to connect to nearby cell phones and copy data or monitor phone calls. One compresses all this espionage into smaller files; yet another sends data back to the master computer, accepts commands and installs new updates. This level of complexity and breadth of functionality is unparalleled.

Douglas Rushkoff
Douglas Rushkoff

But, in the theater of cyberwarfare, every successful cyberattack can be considered the most advanced attack of all time. This is an arms race of a new sort, where measures and countermeasures change the entire programming landscape. The methods of previous attacks, once analyzed, are neutralized by new additions and patches to computer operating systems. This sends would-be infiltrators back to the drawing board to come up with new, superior approaches. Technological warfare is a bit like evolution, where new mutations compete for survival.

Only on computers, we don't have to wait for nature to spontaneously fold a chromosome in some new way. We have programmers actively looking for new windows of opportunity, new maneuvers, new countermeasures and new ways of hiding what they're doing.

Cyber-sleuths track Flame malware
New computer virus discovered
New espionage 'malware' discovered

It amounts to the weaponization of cyberspace -- a practice in which the U.S. government has apparently been participating, sometimes reluctantly, according to an article in The New York Times last week. The cybercampaign against Iran apparently began under the Bush administration working with Israel, and continued under Barack Obama, who voiced concern about the precedent America was setting.

The resulting Stuxnet virus, aimed at disabling Iran's nuclear refineries, ended up getting loose on the Internet in the summer of 2010. The revelation of U.S. involvement with the virus worried Obama, according to the Times article, as it could justify future cyberattacks on Americans by enemies of the United States.

Flame may or may not be another product of this same campaign.

When asked about his nation's complicity in the malware, Israeli Vice Prime Minister Moshe Ya'alon cheekily told Army Radio, "Israel is blessed with high technology." But the rest of us are blessed with high technology, too.

What's to keep malware such as Flame from being used against civilian populations or even by civilian populations?

Nations have been using computers for warfare since computers existed. The development of the modern computer was in no small part accelerated by World War II. America's ENIAC computer calculated artillery trajectories, while Britain's Colossus computer decoded the Nazi's encrypted messages. At the time, however, computers were not household appliances. Like cannons and other weapons of war, they were tools of the state and inaccessible to regular folks.

And while the current cyberwar may be a nation vs. nation affair, the kinds of technologies unleashed in this conflict are not beyond the technical capability of more rogue hackers and criminals. The same technologies that let the U.S. and Israel thwart Iran's nuclear program can also enable, say, an Eastern European crime syndicate to participate in your banking activity.

What makes Flame unique -- and almost certainly of government origin -- is that it appears to have been written in a way that not only slows detection and countermeasures, but that also slows the spread of its techniques. The complete suite of programs is over 20 megabytes.

And while at first glance this seems to be a downside -- an elephant hiding in plain sight -- it has actually served to keep it unnoticed for at least two years. More importantly, it was made huge on purpose. Much of its code is simply camouflage -- 3,000 lines of programming that make it hard to understand and even harder for an enemy team of coders or even hackers in the civilian population to copy and use themselves.

It's as if its programmers were attempting to be responsible or at least exclusionary, and to prevent the weaponization of the greater Internet. Now that's classic government behavior. It's also probably futile.

Such efforts will likely only slow this inevitable slide toward an Internet that feels as blocked by security checks as an international airport. For in truth, we are all blessed with high technology.

Follow us on Twitter @CNNOpinion

Join us on Facebook/CNNOpinion

The opinions expressed in this commentary are solely those of Douglas Rushkoff.

ADVERTISEMENT
Part of complete coverage on
September 16, 2014 -- Updated 1305 GMT (2105 HKT)
LZ Granderson says Congress has rebuked the NFL on domestic violence issue, but why not a federal judge?
September 16, 2014 -- Updated 1149 GMT (1949 HKT)
Mel Robbins says the only person you can legally hit in the United States is a child. That's wrong.
September 15, 2014 -- Updated 1723 GMT (0123 HKT)
Eric Liu says seeing many friends fight so hard for same-sex marriage rights made him appreciate marriage.
September 15, 2014 -- Updated 1938 GMT (0338 HKT)
SEATTLE, WA - SEPTEMBER 04: NFL commissioner Roger Goodell walks the sidelines prior to the game between the Seattle Seahawks and the Green Bay Packers at CenturyLink Field on September 4, 2014 in Seattle, Washington. (Photo by Otto Greule Jr/Getty Images)
Martha Pease says the NFL commissioner shouldn't be judge and jury on player wrongdoing.
September 16, 2014 -- Updated 1315 GMT (2115 HKT)
It's time for a much needed public reckoning over U.S. use of torture, argues Donald P. Gregg.
September 16, 2014 -- Updated 1225 GMT (2025 HKT)
Peter Bergen says UK officials know the identity of the man who killed U.S. journalists and a British aid worker.
September 16, 2014 -- Updated 1128 GMT (1928 HKT)
Joe Torre and Esta Soler say much has been achieved since a landmark anti-violence law was passed.
September 12, 2014 -- Updated 2055 GMT (0455 HKT)
David Wheeler wonders: If Scotland votes to secede, can America take its place and rejoin England?
September 16, 2014 -- Updated 1241 GMT (2041 HKT)
Jane Stoever: Society must grapple with a culture in which 1 in 3 teen girls and women suffer partner violence.
September 12, 2014 -- Updated 2036 GMT (0436 HKT)
World-famous physicist Stephen Hawking recently said the world as we know it could be obliterated instantaneously. Meg Urry says fear not.
September 12, 2014 -- Updated 2211 GMT (0611 HKT)
Bill Clinton's speech accepting the Democratic nomination for president in 1992 went through 22 drafts. But he always insisted on including a call to service.
September 12, 2014 -- Updated 2218 GMT (0618 HKT)
Joe Amon asks: What turns a few cases of disease into thousands?
September 11, 2014 -- Updated 1721 GMT (0121 HKT)
Sally Kohn says bombing ISIS will worsen instability in Iraq and strengthen radical ideology in terrorist groups.
September 16, 2014 -- Updated 2231 GMT (0631 HKT)
Analysts weigh in on the president's plans for addressing the threat posed by the Islamic State of Iraq and Syria.
September 11, 2014 -- Updated 1327 GMT (2127 HKT)
Artist Prune Nourry's project reinterprets the terracotta warriors in an exhibition about gender preference in China.
September 10, 2014 -- Updated 1336 GMT (2136 HKT)
The Apple Watch is on its way. Jeff Yang asks: Are we ready to embrace wearables technology at last?
ADVERTISEMENT