

Posts Tagged ‘Mobile Warfare’

Mobile Warfare In Libya Comes True

April 14, 2011 8 comments

An interesting article from The Wall Street Journal confirmed what I have been writing in my posts for a couple of weeks: Mobile Technologies are destined to play a crucial role in modern conflicts (what I defined as Mobile Warfare) and the traditional Military Corps of Engineers will necessarily have to be complemented by Corps of Network and Security Engineers dedicated to establishing and maintaining connectivity in war zones.

This is exactly what happened in Libya where the rebels, with the support of a Libyan-American telecom executive, Ousama Abushagur, and oil-rich Arab nations, were able to hijack the Libyana Phone Network, the cellular network owned by one of the Colonel’s sons, to steal from Libyana a database of phone numbers, and to build from (partial) scratch a new cell network serving 2 million Libyans, renamed “Free Libyana”. This action was aimed at restoring internal cellular communications after Gaddafi shut down the country’s cellular and data networks.

The operation was led from Abu Dhabi by Ousama Abushagur, a 31-year-old Libyan telecom executive. Mr. Abushagur and two childhood friends started fund-raising on Feb. 17 to support the political protests that were emerging in Libya. During one mission to bring humanitarian aid convoys to eastern Libya, they found their cellphones jammed or out of commission, making planning and logistics nearly impossible. This was the reason why Mr. Abushagur decided to draw up a plan for hijacking the Libyana Network, diverting the signal and establishing a new backbone free of Tripoli’s control, also with the intention of providing backing to the rebel forces, which were beginning to feel the effects of the loyalist counteroffensive.

In a race against time to solve technical, engineering and legal challenges, U.A.E. and Qatar (whose officials didn’t respond to requests for comment) provided diplomatic (and economic) support to buy the telecommunications equipment needed in Benghazi. Direct support was also provided by Etisalat, Emirates Telecommunications Corporation (which refused to comment as well). The support of the Gulf nation was necessary also because, meanwhile, it appears that Huawei Technologies Ltd., the Chinese company among the original contractors for Libyana’s cellular network backbone, refused to sell equipment for the rebel project, causing Mr. Abushagur and his engineers to implement a hybrid technical solution to match other companies’ hardware with the existing Libyan network.

By March 21, most of the main pieces of equipment had arrived in the U.A.E. and Mr. Abushagur shipped them to Benghazi with a team composed of three Libyan telecom engineers, four Western engineers and a team of bodyguards: the Corps of Network Engineers committed to building the new infrastructure in the war zone.

Since Col. Gaddafi’s forces were bombing the rebel capital, Mr. Abushagur diverted the Corps of Network Engineers and their equipment to an Egyptian air base on the Libyan border (another indirect show of Arab support for rebels). Once in Libya, the Corps paired with Libyana engineers and executives based in Benghazi. Together, they fused the new equipment into the existing cellphone network, creating an independent data and routing system free from Tripoli’s command. Being free from Tripoli was also a security requirement, since Col. Gaddafi had built his telecommunications infrastructure to route all calls (and data) through the capital, where they could easily be intercepted and eavesdropped on.

After implementing the network, the new Telco had to attract “customers”. A war zone is not the ideal place for advertisement, so nothing better than capturing the Tripoli-based database of phone numbers, and inserting Libyana customers and phone numbers into the new system called “Free Libyana.” The last piece of the puzzle was securing a satellite feed, through Etisalat, with which the Free Libyana calls could be routed.

An important detail: the whole operation was successfully performed without the support of allied forces. The result is that rebels can now use cellphones to communicate between the front lines and opposition leaders.

If for a moment we forget that we are speaking about cellular networks, we could regard this event as part of a civil war operation, in which friendly countries and dissidents from abroad endeavor to provide weapons to rebels in order to turn the tide of a conflict (history is full of such examples). In this circumstance the operation did not turn the tide of the conflict (at least so far, but mobile warfare, while important, still has a smaller weight in a conflict than real warfare); nevertheless, restored mobile communications are certainly helping the leaders of the rebellion to communicate better among themselves and to better organize the resistance against the loyalists: as a matter of fact the March cutoff forced rebels to use flags to communicate on the battlefield. I will never tire of saying that the events in the Mediterranean area do (and did) not rely solely on conventional weapons but also on weapons of communications (the mobile warfare) through which rebel forces provided abroad the information necessary to witness exactly the brutal internal events and rallied international backing.

After so much theory depicted in my posts, here is finally the first real and meaningful example of the importance of mobile warfare in the events of Northern Africa, and what an example! One single event has revealed the importance of mobile technologies in war zones and the crucial role played by specialized teams dedicated to establishing and maintaining communications: the Corps of (Network and Security) Engineers.


The Thin Red Line

April 8, 2011 5 comments

There is a thin red line which links the alleged stability of the so-called Western world with the instability of the Middle East, and it consists once again in the opposite roles that mobile technologies and social networks play in these two different regions of the world. In a few words, one might say that these technologies contribute to maintaining stability (and maturity) in mature countries, and to enhancing the level of liberty and awareness in immature countries.

A few posts ago, I identified one of the reasons for the instability of the Middle East in the role played by mobile technologies and social networks in feeding the protests in Tunisia, Egypt and Syria, essentially contributing to making the younger Middle East generations aware of the discrepancies between their lease of life and that of their occidental peers, and hence acting as a wind capable of propagating at an unprecedented speed the flames of change raised from the Maghreb. In my articles I referred to the effect of these new technologies as Mobile Warfare.

If, for a moment, I turn my head to look at the West I see an opposite situation, revealing an opposite role for Mobile Technologies and Social Networks which, in this context, unlike in the Middle East, are contributing to maintaining social stability, even in a quite complicated economic situation like the current European one (and the last events in Greece, Ireland and Portugal are an evident thermometer of the boiling economic situation in the Old Continent). Of course I would not mind applying the ancient Roman motto “panem et circenses” (bread and circuses); luckily, for this purpose, our society invented football. Anyway, even if we do not want to bring in football, there are two other factors which, in my opinion, play an important role for our (in)stability: the wish to catch the last tweet or, even better, the last Facebook status update, but also, for more mature generations, the continual rush to the last techno-gadget.

First of all, the rush to tweets or (most of all) status updates is something which affects primarily younger generations (even if the potential of Twitter is pretty much undervalued in Italy) but, like it or not, it is something which must be taken into serious consideration.

Of course, there are two opposite ways to read this statement: a negative interpretation could lead one to think that younger generations are so addicted to social networks and mobile technologies that they neglect more important problems; on the other hand, a positive interpretation could lead one to think that social networks and mobile technologies allow news and information to be shared, making them accessible to a greater audience, in formats comprehensible by (and adapted for) different population groups and heterogeneous levels of culture, contributing to creating mature citizens. Of course my aim is not to determine which of the two interpretations is the predominant one, but rather to highlight, like it or not, the significant role of these media.

Something similar applies if we move to more (im)mature generations, since, also in this case, Social Networks contribute to sharing information and (in theory) to spreading a more mature approach to Society. For this population group an additional factor is involved, represented by the rush to the last techno-gadgets which have become a status symbol: nowadays our iPads, iPhones, Android devices, etc. highlight the role of the individual in society, in a certain manner as a luxury or sports car does, with the difference that the last Android or iPhone is (at least in theory) much more accessible.

If one analyzes this picture from a more global perspective, one finds that mobile technologies and social networks may be likened in every way to real weapons: in immature countries they may be used to fight wars for freedom against authoritarian regimes (as happened in the recent past in the Maghreb and as is happening in Syria or Bahrain); at the same time they may be used in mature countries by wise governments to maintain order and stability, or, unfortunately, also by subtle governments to reduce the population to (psychological) servitude.

We know what it means to use “mobile warfare” to fight wars for liberty against authoritarian regimes: just watch the news and hear the latest events coming from Libya. Very different is the case of mature countries. In these nations, using these weapons (mobile technologies and social networks) to maintain order or stability corresponds to making wise use of them to keep citizens informed and to create a common mature awareness; using these weapons to reduce the population to (psychological) servitude corresponds to using mobile warfare to distract citizens from real social problems and perform large-scale psyops operations. In theory the younger population is the most vulnerable to these kinds of threats, even if I must confess, according to my personal experience, that the use of social networks is far less wise among the older age ranges, which, in turn, seriously risk being the most vulnerable to an improper use of new technologies by subtle governments.

Will Energy Facilities Be The Next Targets Of Cyber-War?

April 3, 2011 6 comments

I spent some time reading the declarations of Comodo Hacker, the alleged author of the fake Certificates issued by means of the compromise of a couple of (sigh!) Italian Comodo Partners, and I found some very interesting points that go far beyond the single event.

Actually, it had been clear from the beginning that the attack had been performed from an Iranian ISP, feeding the hypothesis of an Iranian Cyber Army action aimed at intercepting emails from dissidents in a quite troubled moment for the Middle East after the winds of change blowing from the Maghreb.

Anyway Comodo Hacker was anxious to quickly put the record straight, declaring he was the only author of the attack, and, if one just wanted to involve an army on the event, had to consider that he was the only army, being able to rely on his own experience of 1000 programmers, 1000 project managers, 1000 hackers:

Now, even if the political connotation of the message still makes me think that behind this act there might be a real cyber army (but this is my personal opinion), this is not the real point. The real point is that this attack occurred as a kind of revenge against Stuxnet, and more in general against the fact, asserted by Comodo Hacker, that the U.S. and Israel were behind it.

Fight fire with fire, fight code with code…

The attack on Comodo Certificates has had a wide impact on the INFOSEC world and probably things will not be the same anymore, since in a few days all the strongholds the identity security model relied on have been miserably compromised (I took the liberty of adding the RSA affaire to this event even if there is no evidence so far of a political matrix behind it). But there is another interesting point, and it is the third law of motion (you probably do not know I was a physicist in my previous life) which, with not too much imagination, could be applied to infosec as well, if one considers the events that are happening: “the mutual forces of action and reaction between two bodies are equal, opposite and collinear”, which, in a few simple words, should sound like: “to every cyber-action corresponds an equal and opposite cyber-reaction”. If this is true, this means to me, as an infosec professional, that we will have to get used to similar cyber actions. Also from this point of view things will not be the same anymore…

Armed with this awareness, my mind runs inevitably among the dunes of the Libyan desert, where a civil war, now sadly familiar to all, is being fought. Let me fly (but not too much) with my imagination and think that the Civil War will end up with the exile of Mr. Muammar Gaddafi. In this case it is likely that he will seek his revenge, not only with real terrorist acts, but also with (cyber)terrorist acts, in the wake of the Comodo affaire, which, even if related to Iran, is the first known example of a cyber-terrorist act strictly related not only to the Stuxnet attack, but also to the movements flooding from the Maghreb to the Middle East, what I called the Mobile Warfare due to the primary role played by mobile technologies inside these events.

We don’t have privacy in internet, we don’t have security in digital world, just wait and see… These lines can be considered as a kind of Declaration of Cyber-war against everything…

Targets of Cyberwar

Nowadays everything has a stream of bits inside and as a matter of fact is vulnerable to malware. What is happening in Libya (and the consequences on our energy bills), together with the risk of nuclear meltdown in Fukushima, is pushing the so-called Western world to reconsider its energy policy and accelerate the development of Smart Grids in order to promote a better, wiser use of energy. In these circumstances compromising an energy facility would have a huge practical and symbolic impact (do you remember the Night Dragon APT, tailored specifically for Oil Facilities?); that is the reason why, in my opinion, the first targets of this Cyber-terrorism reaction will be energy utilities. A few weeks ago I wrote an article (in Italian) concerning vulnerabilities and security of Smart Grids, which can be considered the “world of unknown” from a security perspective since they adopt an open Internet model to interconnect old legacy SCADA systems and, to make matters worse, the structures that govern the IT world and the SCADA world have a siloed approach, often being mutually suspicious of each other. As a dark omen, a few days later, a list of 34 0-day SCADA vulnerabilities was released by Luigi Auriemma, an Italian Researcher.

Think about it: compromising a smart grid with a SCADA malware could have potentially devastating consequences and should sound like a kind of dark revenge: imagine an Iranian SCADA malware sabotaging the energy facilities of the U.S., and more in general the facilities the Western World is building to cut the umbilical cord that ties it strictly to the Middle East countries (that often are also the hottest as far as the political temperature is concerned).

Moreover, the development of electric vehicles will further complicate the scenario since they will be able to interconnect directly to Home Area Networks (the borderline of Smart Grids), offering an unexpected (and probably not so complicated) ingress point for Cyber-Terrorists to Smart Grids, if it is true that nowadays a small car has 30-50 ECUs (Electronic Control Units) interconnected by a bidirectional Synchronous bus and governed by something like 100 million lines of code. My dear friend and colleague, ICT Security expert and Aviation Guru, David Cenciotti will be glad to know that an F-22 Raptor has about one tenth of the lines of code (“only” 1.7 million), the F-35 Joint Strike Fighter about 5.7 million and the Boeing 787 Dreamliner about 6.5 million, used to manage avionics and on-board systems. Of course one may not exclude a priori that these systems may be targeted as well by specifically tailored malware (do you remember the intrepid Jeff Goldblum injecting on the mother ship of Aliens on Independence Day?)

Prepare ourselves for a Smart Grid Stuxnet? I think there is enough to be worried about for the next years…

Mobile Warfare… Certified…

March 30, 2011 3 comments

In this post I explained that, what I called the mobile warfare (that is social protest driven by mobile technologies and social networks), is rapidly spreading all over the Middle East, apparently with a systematic time scale (so far events in Tunisia, Egypt and Libya have been separated by approximately a month).

Many observers claim that, in the shorter term, Syria and Bahrain could be the next targets of internal protests (last week 150 people were killed in Syria and today the government led by PM Naji Otri has resigned, apparently a quantum shift).

But the wave coming from Maghreb, led by the mobile warfare, seems unstoppable and in the longer term, also Iran and Iraq, the main barriers of fundamentalism, could be affected as well.

Of course, one of the most exciting things about Infosec is the fact that reality is always one step ahead of imagination. As a matter of fact I tried to imagine different ways in which bad guys from totalitarian regimes could prevent mobile technologies and social networks from achieving their aim of encouraging citizens to join the protests, including DDoS, Internet connectivity disruption and so on… I could not imagine, however, that one could think of issuing rogue certificates for some high profile websites used for email and chat in order, maybe, to intercept cumbersome and subversive communications.

That is exactly what happened with the Comodo Affaire, in which some fraudulent certificates were issued by the Comodo Certificate Authority, exploiting a vulnerability of a couple of Italian affiliates (sigh!), globaltrust.it and instantssl.it, which made it possible to issue a legitimately signed certificate on behalf of any requesting entity. This vulnerability was used to issue rogue Certificate Signing Requests (CSRs), that is, false requests to obtain legitimate SSL certificates for the following web sites:

  • login.live.com
  • mail.google.com
  • http://www.google.com
  • login.yahoo.com
  • login.skype.com
  • addons.mozilla.org

For those of you who are not too familiar with Public Key Infrastructure and Cryptography, this means that, in simple words, once a rogue certificate has been obtained, one may build a false web site (for instance a false mail.google.com website) to capture precious information normally “traveling” on the web encrypted, for instance the username and password of a private email account. This is called a man-in-the-middle attack.

Since it was discovered that the rogue Certificate Signing Requests originated from an ISP located in Iran, an alleged political origin for the attack was proposed, motivating it with the attempt of the Iranian government (enforced by a Cyber Army) to intercept communications and more in general emails and chats belonging to political leaders not “too close” to the positions of Mr. Mahmoud Ahmadinejad (mmhh.. at least for the alleged purpose, it reminds me of Operation Aurora, doesn’t it?).

Now, it looks like a lone ranger Iranian hacker, not belonging to any army, claimed to be the only author of the hack (at this link the complete history and a detailed analysis of the event). Probably a real Iranian involvement will never be confirmed, but to me, the doubt that this action was planned to stop the mobile warfare remains intact. Otherwise I would not be able to understand why the only certificates affected were those related to secure communication methods, often used by dissidents to organize protests and share news with the world.

Corps of (Network and Security) Engineers

March 29, 2011 7 comments

A couple of posts ago, in the article “Tweets Of War”, I discussed the possibility of using consumer mobile devices and Internet connectivity as a kind of weapon, for instance to tweet the positions of enemy troops in order to direct allied bombs, as was done, for instance, by some rebels in Libya (simply go to twitter.com and issue a search for the tweets by #LibyanDictator).

Of course this fact raises the question of the importance of internet connectivity during military actions, and, as a consequence, also of the importance of information security, which may not be limited to “simple” message encryption: referring to the above mentioned example, we cannot authenticate tweets, so we may not exclude a priori that they are spoofed tweets meant to drive the allied bombs towards the wrong target (we might always think of authenticating them with a Comodo Certificate!).

As a matter of fact, maintaining internet connectivity has become a primary priority; that is the reason why the U.S. army, for instance, is thinking of implementing appropriate technologies and countermeasures in order to maintain or restore Internet connectivity during military actions. Times change and I would almost say that what was once considered the corps of engineers, today, in a mobile warfare, should be called Corps of (network and security) Engineers. What the Corps of Engineers do in the real battlefield (build connections and bridges), the Corps of (network and security) Engineers do in the Cyber-battlefield (build internet connections and connectivity bridges).

Strictly speaking, why is maintaining Internet connectivity so important? Of course, the main reason is for the purpose of propaganda in terms of “evangelism to the cause”, gathering of the faithful, and, why not, foreign public involvement. We have seen so far how important the role of mobile technologies and social networks has been (and continues to be) for the winds of change blowing in the Maghreb, at the beginning for spreading the movements (also beyond the boundaries) and then to bear witness to the World of what was really happening, in all cases playing a crucial role in the advent of the Odyssey Dawn operation (while I am writing, you only need to go to Twitter to be a spectator of the dramatic occurrences in Libya: from the reporting of events to requests for help, doctors, etc.). This role is much more important during military operations where, in the typical case, both parties claim real or alleged success in combat operations, or attribute to each other the responsibility for civilian casualties.

But a closer look shows an even more important factor, apparently secondary, but potentially decisive in a situation similar to the one occurring in Libya, where a civil war is being fought between rebels and loyalists. In a similar context the Internet may play a primary role in conveying PsyOps messages, not only to encourage citizens to join the protests, as is happening in Syria, where Facebook is being used to gather followers to revolt, but also for opposite purposes, convincing rebels to disarm and return to their families without further bloodshed. This does not sound new, since a similar operation had been attempted by the Egyptian Government (actually with a tragicomic outcome) by taking over the main mobile operators and flooding their mobile subscribers with propagandistic messages which were supposed to encourage younger people to support the falling government and abandon the protests (a complete report at this link in Italian). One might say that this is not a new concept (read for instance the following article issued in 2001); the difference is that, in 2011, both the transmission technologies and, most of all, the reception technologies (read mobile devices) are much more sophisticated and widespread, making this kind of operation really effective compared to how it could have been ten years ago.

Of course there is a further dramatic question to be addressed for psyops messages propagated through the Internet, and it is the one pertaining to information security, some aspects of which I have already addressed in this post. On one hand, whatever message is transmitted through the Internet may be susceptible to man-in-the-middle attacks and hence hacked if not properly secured throughout the propagation process: hacking in this case would correspond, for instance, to altering, if not inverting, the content. What if the above mentioned tweets were spoofed, providing false coordinates? Maybe I am flying with the fantasy if I say that the authors could have negotiated a priori with the recipients some predefined semantics with which to transmit the messages.

On the other hand, it is likely that the Corps of (Network and Security) Engineers will have to worry not only about establishing and maintaining internet connectivity in military operations, but also about facing, in a cyber-battlefield, enemy malware weapons and/or jamming or Denial-Of-Service tools specifically conceived to attack psyops sources at the root (it is appropriate to say!) in order to make them unusable. In any case, they must not underestimate in any way the impact of hacking from a psyops perspective (in favor or against): just think of the echo raised by the recent Libyan TV hacking.

Mobile Warfare in Syria

March 27, 2011 8 comments

Sources report that last week 150 people were killed during the protests against president Bashar al-Assad in Syria. Also in this circumstance, as already happened in Tunisia, Egypt and Libya, the world is witnessing the protests thanks to the hundreds of citizen reporters equipped with their mobile devices and Internet connections.

The mobile warfare is acting in these countries too: as a matter of fact the tweets make it possible to follow the protests in real time, by means of continuously up-to-date short messages, while Facebook allows the spread of the movements throughout the Nation (and beyond): the blue social network calls to join the revolution, by means of continuously increasing groups, the largest of which, The Syrian Revolution 2011, currently counts more than 90,000 supporters. At the same time, more and more videos shot by mobile devices are flooding YouTube.

In a certain sense it looks like the Middle East is playing a global Risk board game, whose troops are represented by mobile devices, whose effects on the social landscape have no geographical boundaries, especially for those governments that restrict the civil liberties of their citizens. This global Risk match is far from the end, since the invasion of the Mobile Warfare (and its effects for the governments) is also happening in Yemen and Bahrain, which are suffering similar outbreaks of protests. It is interesting to notice that all the peaks of the revolutions were spaced, in a time scale, by approximately one month:

  • Tunisia, Jan 14th 2011: president Ben Ali ousted;
  • Egypt, Feb 11th 2011: president Mubarak stepped down;
  • Libya, March 19th 2011: after two weeks of fighting, Operation Odyssey Dawn begins.

If we perform a kind of extrapolation, does this mean that the protests in Syria and Jordan will reach their peak in mid-April?

Mobile Warfare spreading into Middle East

Speculation aside, as far as Syria is concerned, what is happening is following the same pattern observed in the Maghreb area, with the only difference that, so far, Syria has not decided to disrupt the internet connection in order to stop the stream of information towards foreign countries.

From a political and social perspective, all the involved countries have too many aspects in common: long-lived governments (in Syria the al-Assad Dynasty has governed continuously for 40 years, which become 42 in the case of the monarchy of Bahrain), younger generations with no dreams and no trust in the future, eager for more freedom. Most of all, younger generations which have access to internet connections and social networks (I was in Syria for work three years ago and can confirm that, even then, the penetration of internet, mobile technologies and social networks was well established), through which they may observe, study (and compare) the (apparently) better conditions of their occidental peers.

I think the process is irreversible, and indeed is likely to increase (Saudi Arabia, Iran and Iraq will probably be suffering other outbreaks in the middle term). Meanwhile it will be interesting to see whether the involved governments will apply preventive measures, either on a large scale, for instance the disruption of Internet connections, or targeted specifically at mobile devices or at preventing access to the social networks for sharing tweets, groups or videos…

Tweets Of War

March 24, 2011 4 comments

In a recent post, I discussed the influence and the role of (consumer) mobile technologies and social networks (“Mobile Warfare”) in the events that are changing the political landscape in Mediterranean Africa, coming to the conclusion that they are setting new scenarios which will have to be taken seriously into consideration by all those governments which still put in place severe limitations to human rights.

To me, “to be taken into consideration” means that all those governments will have to deploy “extreme measures” (hopefully less extreme than completely unplugging the Internet connection as already done by Egypt and Libya) in order to prevent mobile technologies from acting as catalysts for the protests and also from turning common citizens into real-time reporters for the most powerful magazine ever issued: the social network. More realistically these measures might include threats specifically targeted at mobile equipment involving hacking techniques commonly known in the infosec arena, such as Distributed Denial Of Service, or also malware aimed at altering the normal functioning of the devices.

On the opposite side, it is also clear that modern armies will deploy “unconventional weapons” aimed at maintaining Internet connectivity during military operations, mainly for PSYOPS purposes (or at least I was supposed to believe so). As a matter of fact the tweets, pictures, and videos shot from mobile devices during the dramatic days in Tunisia, Egypt and Libya had a dramatic impact on foreign public opinion. In Tunisia and Egypt the dramatic images shot from mobile devices contributed to creating the international pressure which led to the fall of their respective governments; in Libya, they acted as an accelerator for the definition of the “No Fly Zone” and the consequent “Odyssey Dawn” operation.

But there is also another point which makes it more and more important to maintain Internet connectivity during military operations, and it is not simply related to PSYOPS, but rather to real military operations. A simple screenshot of Twitter may give dramatic evidence of this, simply searching the #LibyanDictator term.

It looks like Twitter was used by rebels to provide NATO with coordinates of the enemy forces.

More in general, think to have a Mobile device with a GPS, and an Internet Connection, and you may “simply” pass the coordinates of the enemy troops to allied forces…

On the opposite front: imagine making mobile devices unusable or, worst case, altering their GPS with malware, and you may prevent precious information from being passed to the enemy or, worse, provide him with false coordinates (and watch him bombing his allies in a few minutes)…

Probably I am going too far with my imagination; anyway, it is clear that war strategists will have to become more and more familiar with virtual (that is, made of bits and bytes) mobile (and social network) battlefields.

Mobile Warfare

March 23, 2011 13 comments

It has been recognized that mobile technologies have had a significant impact on the events that occurred in North Africa. In my opinion, their impact was so impressive that I refer to them with the term “mobile warfare”, indicating that they are going to play a crucial role in the (let us hope fewer and fewer) wars of the future.

Since the Wikileaks affair, and the consequent possibility of converting an Android device into a Wikileaks mirror during the attempt to put the main site off-line by means of massive DDoS attacks, it was clear to me that mobile technologies would play a very important (never uncovered before) role in 2011, not only in hacktivism but, more generally, in human rights related issues.

I had a dramatic confirmation of this role during the Jasmine Revolution in Tunisia, where mobile technologies made every single citizen a reporter, capable of sharing in real time with the rest of the world information such as images, videos and tweets pertaining to the dramatic events happening inside the country.

But it was with the #Jan25 and #Egypt tweets that the world discovered for the first time the power of mobile warfare. In those dramatic days every single person on the planet only needed to access her Twitter account in order to become a virtual witness of the events: dramatic facts reported in great detail by hundreds of extemporaneous reporters “armed” only with a smartphone, and made available in real time to the rest of the world thanks to the “six degrees of separation allowed by Social Networks”. The strength and the impact of this mobile warfare were so huge as to force the declining Egyptian Government to shut the Internet off for several days starting from January 27th.

Can we really understand what it means for a country to shut the Internet off? As single persons we are so used to the Web that we could not resist a single hour without checking the status of our mates. But for a country, an Internet connection disruption means a nearly complete stop for all economic and financial activities, including banking, trading, and so on. The mere fact of having enforced such a dramatic decision (with its consequences) is particularly indicative of the threat posed by mobile warfare as perceived by the Egyptian Government. But to have a clear understanding, we must also consider the fact that, at the same time, the Egyptian Government also tried to unleash the power of mobile warfare with its clumsy attempt to stop the revolution by broadcasting pro-Government SMS, thanks to the country’s emergency laws, causing the subsequent protests of Vodafone.

And what about Libya? I have direct experience, since I was in Tripoli for work at the beginning of last February (so one month and a half ago, even if it looks like a century has passed since then). I was not even completely out of the finger leading me from the aircraft to the airport facility when I was impressed to notice so many Libyan people playing with their iPhones. Since I just could not help thinking of the Egyptian situation, I asked some of them if they had the feeling that something similar to Egypt could happen in Libya. Guess what they answered? They all simply agreed on the fact that, due to the different economic and political situation, it was impossible! Of course the point is not their answer but rather the fact that I was surprised to see so many smartphones (ok, we are speaking about the airport, which maybe is not so meaningful in terms of statistics) and, more generally, so many devices capable of providing a high-level Internet user experience (even if with the bottleneck of the local mobile networks) and of being potentially used as a tool of mobile warfare.

That event was just a kind of premonition since, a couple of weeks later, during the first days of the protests, and in particular during the reaction of the regime, smartphones and social networks once again played a leading role, allowing the world to witness those dramatic events in real time, with a spreading rate unknown before. For the second time, approximately three weeks after Egypt, a country decided to disconnect the Internet in order to prevent the spread of information via the social networks. This time it was the turn of Libya, which decided to unplug the Web on February 18th. Once again the power of mobile warfare was unleashed, disconnecting a country from the Internet in a few minutes (how long would a real army have taken to do a similar sabotage?).

Is mobile warfare the cause or effect?

We must not make the mistake of considering mobile warfare an effect of the movements that arose first in Tunisia, then in Egypt, and finally in Libya. Mobile warfare is simply the cause, since it is precisely through the action of mobile warfare that events could spread rapidly inside a single country, and later among different countries (in both cases with unprecedented speed), encouraging other people to follow the example and acting, in turn, as a powerful catalyst for the movements. As an example, consider the following article, which in my opinion is particularly meaningful: it shows the Middle East Internet Scorecard, that is, the dips in Internet connections registered in different Middle Eastern countries in the week between February 11 and February 17 (that is, when the social temperature in Libya was getting extremely hot). One can clearly recognize a viral spread of the “unplugging infection”.

What should we expect for the future?

Mobile warfare has played and is still playing a significant role in the winds of change that are blowing in North Africa. Thanks (also) to mobile technologies, people (most of all students) living in countries where human rights suffer some kind of limitation have the possibility to keep continuously in touch with people living in different countries, learning their habits and, in turn, being encouraged to “fight” for achieving (or at least for attempting to achieve) a comparable condition. This revolution is not only technological but most of all cultural, since it is destroying all the barriers that kept many countries separated from each other and that allowed many populations to live (apparently) in peace simply because they completely ignored the existence of a world outside: we could consider this the equivalent of the old infosec paradigm “(Homeland) Security Through Obscurity”.

On the opposite side, it is likely that all those governments having a peculiar idea of what human rights are will deploy some kind of countermeasure to fight mobile warfare and its inseparable companion: the social network. I do not think that completely preventing the use of mobile technologies is an applicable weapon, since they have become too important for a country (politics, economics, finance, etc.): nowadays every kind of information flows in real time, and consequently no country can afford to go slower.

Moreover, for the reasons I explained above, Internet disconnection is not a sustainable countermeasure either, since no government in the world can afford to be cut off for too long simply to prevent people from tweeting or sharing ideas or videos on social networks. This is also because, for instance, the U.S. has secret tools to force Internet connectivity in case of disruption, which include the Commando Solo, the Air Force’s airborne broadcasting center, capable of bringing the Wi-Fi signal back to full strength in a bandwidth-denied area; satellite- and nonsatellite-based assets that can provide access points to get people back online; and finally cell towers in the sky: hooking up cellular pods to the belly of a drone grants 3G coverage on the ground underneath the drone for a radius of a few kilometers. It would be interesting to verify whether any of these technologies are currently being used in the Odyssey Dawn operation.

For all the reasons quoted above, in my personal opinion the countermeasures will aim to make the resources of information collection (that is, mobile devices) and the resources of information sharing (that is, social networks) unusable.

So this new generation of Cyber-warfare will involve:

  • A preventive block of social networks in order to prevent any attempt to share information. For the reasons quoted above, a total block will damage the whole economy (even if I must confess a preventive block of this kind will be quite easily bypassable through external proxies);
  • A massive Denial of Service for mobile devices through massive exploitation of vulnerabilities (more and more common and pervasive on this kind of device), through massive mobile malware deployment, or also by means of massive execution of mobile malware (as, for instance, Google did in order to remotely wipe the DroidDream malware). Honestly speaking, I consider the latter option the least likely, since I can easily imagine that no manufacturer will provide cooperation on this (but this does not prevent a single country from considering leveraging this channel);
  • Spoofing the mobile devices in order to make them unreachable or in order to discredit them as a source of reputable information;
  • A “more traditional” Denial of Service in order to put social networks offline (even if this would need a huge DDoS due to the distribution of the resources of the social network providers).

In all the above cases it would be legitimate to expect a reaction, as done, for instance, by the infamous Anonymous group.

