Just a couple of months ago, in writing the first post about Mobile Warfare (which should have later become Consumerization of Warfare) I expressed some considerations about the growing need for illiberal government to prevent the use of mobile devices as preferred media for the rioters to capture live images of the events, and to spread the information all around the Globe by mean of Social Networks.
Cutting off the Internet has been the first clumsy countermeasure applied by Egypt and Syria, but it is really unlikely that this kind of massive preventive block will be applied again by other countries because of the huge dependence of Internet, which characterizes our epoch, and consequently, as a collateral damage, would stop other vital activities.
As a consequence, I hypothesized that possible future countermeasures will aim to make unusable directly the source of information (read mobile devices), and the media for sharing them (read social networks), relying upon a new generation of Cyber-warfare among which:
A massive Denial of Service for mobile devices through massive exploit of vulnerabilities (more and more common and pervasive on this kind of devices), through massive mobile malware deployment or also by mean of massive execution of mobile malware (as, for instance, Google did in order to remotely swipe the DroidDream malware). Honestly speaking I consider the latter option the less likely since I can easily imagine that no manufacturer will provide cooperation on this (but this does not prevent the fact that a single country could consider to leverage this channel).
No manufacturer will provide cooperation on this? Maybe… Too many times reality surpasses imagination, and when it comes to reality that surpasses the imagination, then surely it comes from Apple. This time, unfortunately, not in the sense that we’re used to (admiring products years ahead of the competition, which previously did not exist not even in our imagination), but in the sense that a patent recently filled by Apple could implicitly provide cooperation for illiberal governments to prevent smartphones to take live images of protests.
It looks like that Apple is Apple is developing software that will sense when a smartphone user is trying to record a live event, and then switch off the device’s camera (only the camera, the other functions will not be affected) by mean of infrared sensors directly installed on the device. The real reason is probably the need to prevent concertgoers to post footage of events on YouTube or other similar sites (at the expense of the organizers which sometimes sell sell their own recordings of the events), which could potentially allow Apple to negotiate better conditions with labels when dealing for placing music on sale on iTunes (and could also potentially provide another source of revenue by charging people to film live events).
But besides commercial considerations, there is another important aspect (a collateral damage I would say). The events of recent months have shown us that the concerts were not the only places where the phones have been used to capture live images. In North Africa and Middle East they have been used to document repression and illiberality. But what would have happened if this technology had really been developed? Probably it would have limited the effect of the winds of change in Tunisia, Egypt, Syria and Libya, since Mobile Devices (and their cameras) played (and are playing) an important role to witness the real entity of the events.
Imagine if Apple’s device had been available to the Mubarak regime earlier this year, and Egyptian security forces had deployed it around Tahrir Square to disable cameras just before they sent in their thugs to disperse the crowd.
Would the global outcry that helped drive Mubarak from office have occurred if a blackout of protest videos had prevented us from viewing the crackdown?
This is more than speculation. since thousands of cellphone cameras in the Middle East and North Africa have been used to document human rights abuses and to share them with millions via social media. I went in Libya approximately a month before the beginning of the revolution and I was astonished by the number of iPhones noticed over there.
This is more than speculation also because the role of mobile technologies for the above mentioned events has been recognized also by Mr. Obama during his speech on Middle East.
As correctly stated, Smartphones like the iPhone and Droid are becoming extensions of ourselves. They are not simply tools to connect with friends and family, but a means to document the world around us, engage in political issues and organize with others. They literally put the power of the media in our own hands.
Apple’s proposed technology would take that power away, that is the reason why the community is moving in order to urge Steve Jobs to pull the plug on this technology.
- Consumerization of Warfare (paulsparrows.wordpress.com)
- Mobile Warfare (paulsparrows.wordpress.com)
- Now Apple wants to block iPhone users from filming live events with their smartphone (dailymail.co.uk)
- Is Apple Launching a Pre-emptive Strike Against Free Speech? (huffingtonpost.com)
- Apple’s bizarre patent (openmobile.posterous.com)
According to a NYT article, this is exactly what the Obama Administration is doing, leading a global effort to deploy a “shadow” Internet and an independent mobile phone network that dissidents can use against repressive governments that seek to silence them by censoring or shutting down telecommunications networks (as happened in Egypt and Syria).
More in detail the above mentioned effort include secretive projects to create independent cellphone networks inside foreign countries, as well as an “Internet in a suitcase” prototype, financed with a $2 million State Department grant, which could be secreted across a border and quickly set up to allow wireless communication over a wide area with a link to the global Internet. In a sort of 21st century version of Radio Free Europe relying on a version of “mesh network” technology, which can transform devices like cellphones or personal computers to create an invisible wireless web without a centralized hub
If one puts together the pieces of the puzzles of the last events, one clearly realizes that the ingredients were already on the pot and now are being mixed in the right dosage for a recipe of freedom.
On the other hand the importance of the Internet Connectivity (in terms of presence or absence) in War Zones is unquestionable. And this is brilliantly shown from the fact that we are getting more and more familiar with the shutting down of Internet connectivity as a clumsy attempt carried out by some governments for preventing the spreading of unwelcome information and the consequent use of Social Networks for propaganda, PsyOps or real War Operations. Of course I already talked about special groups of US Army, which I dubbed “Corps of (Networks and Security) Engineers” dedicated to maintain Internet connectivity in war zones by mean of 3G or Wi-Fi drones. It looks like I was only partially right since the reality seems much closer to a spy novel featuring special agents equipped with Internet suitcases rather than soulless drones equipped with antennas.
Same speech for mobile technologies: United States officials said, the State Department and Pentagon have spent at least $50 million to create an independent cellphone network in Afghanistan using towers on protected military bases inside the country in order to offset the Taliban’s ability to shut down the official Afghan services. More recently, a similar action was performed in Libya, with the hijacking of the Libyana Mobile Operator Network to be used by rebels groups to communicate between them. Clearly these were not episodic cases but the first examples of a real mobile warfare strategy aimed to maintain mobile connectivity (videos shot with mobile phones are a point in common of all the protests in Maghreb and Middle East) without clumsy actions such as the smuggling of Satellite Phones in Syria.
In light of these facts, Mr. Obama’s speech on the Middle East on May, the 19th assumes a new meaning and a deeper analysis shows that some prodromes of this strategy were already announced, even if in a hidden form:
Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…
In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet.
Open support to Internet… Even if closed inside a suitcase…
- Shadow Internet: Secret U.S. Effort Reportedly Aims To Help Dissidents (huffingtonpost.com)
Today President Obama held his speech on the Middle East announcing a new strategy (and new investments) for the Middle East aimed to encourage the process of Democratization in place. I gave a look to the entire speech and noticed some assertions particularly meaningful which implicitly admit the crucial role that new technologies played in the past months (and will probably play into this kind of new Middle East Mashall Plan) as triggers (and drivers) for backing the fights for human rights.
I used the term Mobile Warfare to stress the role that (consumer) mobile technologies and social networks played in the events that changed the social and political landscape in the Mediterranean Africa and more in general in the Middle East, coming to conclusion that the impact of these new technologies is defining a new democracy model which will have to be taken seriously into consideration by all those governments which still put in place severe limitations to human rights.
So, I was definitively not surprised when I noticed this assertion on Mr. Obama’s speech:
… But the events of the past six months show us that strategies of repression and diversion won’t work anymore. Satellite television and the Internet provide a window into the wider world – a world of astonishing progress in places like India, Indonesia and Brazil. Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…
Which implicitly admits the role of Mobile Warfare: strategies of repression and diversion will not work anymore and the weapons to fight repression are just Cell Phones and Social Networks with which young people (usually most involved in the protests) can connect and not only organize life like never before but also realize that there is a world outside the window… On the other hand, particularly in case of Egypt, Social Network literally played a primary role in the protest, since one of the leaders was Mr. Wael Ghonim (expressly quoted by Mr. Obama’speech), a young Google Executive.
And the freedom is not only a matter of elections but also of access to new technologies:
In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet, and the right of journalists to be heard – whether it’s a big news organization or a blogger. In the 21st century, information is power; the truth cannot be hidden; and the legitimacy of governments will ultimately depend on active and informed citizens.
This implies that the plan that U.S. and E.U. are going to deploy for the Middle East (a comprehensive Trade and Investment Partnership Initiative in the Middle East and North Africa) will also involve funding aimed to promote the access to new technologies for facilitating the sharing of information (and the conseguent hactivism and psyops operations), a factor which the recent events have shown to become synonym of democracy. Also because, according to Cisco predictions, if in 2010 there were 12.5 billion devices connected to the Internet, there will be 25 billion by 2015, and 50 billion by 2020, and consequently it is really hard to think that filters, blocks and any other form of (social, political and technological) repression in the Middle East will stop this tide.
At the end, the Syrian Government could not resist to temptation and followed the wake of Egypt a couple of months ago: since the Internet is the main culprit for the wind of changes blowing in the Middle East, nothing better than shutting it off intermittently in the areas of Damascus, Hama and Daraa. Unfortunately Syria is only the last example of the crusade led by several countries against the internet, and new related technologies: a complete, impressive, picture may be obtained reading the Freedom on the NET 2011, A Global Assessment Of Internet And Digital Media, which has anlayzed the level of freedom in accessing the Internet and new technologies, and the possible obstacles in 37 countries, including countries such as China, Iran, Egypt (and Italy as well). The report is the prosecution of a previous document issued in 2009 and take into considerations events that contributed to obstacle the Internet access in those countries in the period ranging from 2009 to 2011.
The results are well summarized by the sentence: New Technologies, Innovative Repression.
In particular, the report emphasizes the main role played by the Social Network, stating, among the other things:
The new internet restrictions around the globe are partly a response to the explosion in the popularity of advanced applications like Facebook, YouTube, and Twitter, through which ordinary users can easily post their own content, share information, and connect with large audiences. While mostly serving as a form of entertainment, over the last two years these tools have also played a significant role in political and social activism. In Egypt and Tunisia, for example, democracy advocates have relied heavily on Facebook to mobilize supporters and organize mass rallies. Similarly, Bahraini activists have used Twitter and YouTube to inform the outside world about the government’s violent response to their protests.
It is what I called the Thin Red Line (even if my country probably sits in that part of the line in which these technologies are used for entertainment).
The ways used to control the Internet vary hugely from country to country and include: preventive centralized block of unwelcome contents, total block of Social Networks, access to the Internet only available from Government- controlled sites, threats and arrests to bloggers up to true state-led cybercrime operations such as massive DDOS attacks towards web sites of media not aligned, most of all in periods close to elections.
Among the countries taken into considerations, Thailand, Russia, Venezuela, Zimbabwe and Jordan are considered at Risk, while, in the overall score, computed with a metric ranging from 0 (total liberty) to 100 (total repression) Iran is the country opposing the main obstacles to a free Internet Access with a score of 89. It is undoubtedly in good company of countries like Burma (88), Cuba (87), China (83), Tunisia (81 but before the Jasmin Revolution), Vietnam (73) and Saudi Arabia (70) occupying the bottom positions of this unwelcome ranking.
Approximately in the same days in which this very interesting document was released, the CPJ (Committee to Protect Journalists) released another interesting ranking: The 10 Tools Of Online Oppressors: reversing the order of factors does not change the result, as matter of fact according to the last report:
- Iran, since the disputed 2009 presidential election, has dramatically increased the sophistication of its Web blocking, as well as its efforts to destroy tools that allow journalists to access or host online content, ranking over the top for Web Blocking;
- Belarus (showing a score of 69 in the global assessment), often uses denial-of-service, or DOS, attack to break down opposition sites during the elections, ranking on the top for Precision Censorship;
- In Cuba, Only a small fraction of the population is permitted to use the Internet at home, with the vast majority required to use state-controlled access points with identity checks, heavy surveillance, and restrictions on access to non-Cuban sites. To post or read independent news, online journalists go to cybercafes and use official Internet accounts that are traded on the black market. That is the reason why Cuba ranks #1 for Denial Of Access;
- In Ethiopia a state-owned telecommunications company has monopoly control over Internet access and fixed and mobile phone lines. The country has also invested in extensive satellite-jamming technology to prevent citizens from receiving news from foreign sources gaining the first place for Internet Control;
- In Burma, exile-run news sites still face censorship and obstruction, much of it perpetrated by home governments or their surrogates. Exile-run sites that cover news in Burma face regular denial-of-service attacks, allowing the country to get the crown for Attacks for Exile Run Sites.
- In China Journalists reporting in and about the country, have been victims of spear-phishinging installing malwer targeted to control the Journalists’ computers, in a pattern that strongly indicates the targets were chosen for their work. China is probably the most sophisticated for Malware Attacks;
- Tunisia (under Ben Ali) had a pervasive censorship of email and social networking sites under Zine el-Abidine Ben Ali, gaining the first place for State Cybercrime;
- Egypt (under Mubarak) was the first country to completely kill Internet Switch (suddenly followed by other countries such as Libya, Barhain and Tunisia);
- Syria remains one of the world’s most dangerous places to blog due to repeated cases of short- and long-term detention, ranking #1 for Detention of Bloggers.
- Russia is the country where online journalists have become the latest targets of anti-press violence, ranking #1 for Violence Against Online Journalists.
Some final thoughts
Thought #1: I suggest to my compatriots to read the Global Assessment Of Internet And Digital Media in the sections concerning Italy (score 26). It is a really deep interesting analysis of the factors which affects Internet access in our country.
Thought #2: In all those countries where social networks are not censored, they remain a powerful medium to spread information. According to Twitter spokesman Matt Graves, yesterday:
Twitter traffic spiked to more than 4,000 tweets per second at the beginning and end of President Obama’s speech tonight announcing the death of Osama Bin Laden,” said company spokesman Matt Graves.
This simple sentence, more than ever, explains why the blue twitter canary is so undigested in many countries.
- The Thin Red Line (paulsparrows.wordpress.com)
- Mobile Phones Vs Tanks (paulsparrows.wordpress.com)
- Report Finds Mexico And Egypt No Longer Have A Free Press (huffingtonpost.com)
- Report: Mexico, Egypt no longer have a free press (4mainstreet.wordpress.com)
- Global Press Freedom at Lowest Level in More Than Decade – Voice of America (news.google.com)
Or rather “Tweets like Bullets”… I must confess I was uncertain about the title of this post. At the end the one I chose, although absurd at first view, better describes the role that Mobile Technologies (the so called Mobile Warfare) are playing in the dramatic events of Syria. Only few months ago it would have been absurd to only think to fight a tank with a mobile phone, today, looking at what it is happening in the Middle East (and also to what has happened in the Maghreb), it is an image which goes far beyond the reality, and perfectly describes in few words, much better than any post, the way in which the battles for human rights are being led in the Web 2.0 (or War 2.0) world…
The title of the post came to my mind after viewing this post, which well summarizes the way revolutions are being fought.
And both of them (together with other tweets of the same shape appeared today), are dramatically witnessing, once again more than any post, how deeply the Mobile Warfare is acting in Syria.
Mobile Warfare shows, once more, that modern wars are being fought in real battlefields and virtual battlefields in the same time, and if one considers mobile phones as a new kind of weapons (and social networks as the media to propagate PsyOps), one finds for these new weapons the same patterns used for real weapons. As a matter of fact what happens in real battlefields? It often happens that foreign governments interested in changing the tide of the battle, allocate funding for the revolutions. Instead in virtual battlefields foreign governments spend millions to facilitate the use of the Internet technologies for activists (as I reported yesterday). Moreover in real battlefields close countries to war zones are used to deliver weapons to one of the parties fighting; again in virtual battlefield close countries are used to smuggle “war 2.0” weapons such as satellite phones, cameras and laptops. Not only: while in real battlefields corps of engineers build line of communications, in virtual battlefield corps of (network and security) engineers build line of mobile communications: this happened in Libya with the backing of Egypt and this is happening in Syria with the backing of Jordan which today enhanced the strength of its mobile network to balance the cut-off of yesterday performed by the Government in order to prevent Mobile Communications the Deraa Governatorate.
In the virtual battlefield there are also sabotage actions: how else to interpret the fact that the Syrian government has been forced to postpone the auction of its third GSM mobile licence due to the political uprisings in the country. The story in itself is really interesting, but there is a point in particular which is worthwhile to mention:
Before the protests started, France Telecom, Turkcell and Etisalat were all in the running to bid for the licence. But, at the end of March Etisalat withdrew its offer with France Telecom and Turkcell both removing their bids at the beginning of April.
Etisalat is the UAE Telco Provider which took part to the hack of Colonel Gaddafi’s Libyana Operator providing the satellite feed allowing the Free Libyana calls to be routed. Mobile Warfare has always the same patterns regardless of the country in which it acts.
One last consideration: on top of these thoughts (and these tweets) I could not help thinking about the opposite role that mobile technologies and social network play into different regions of the world. While they contribute to maintain stability (and maturity) in mature countries (even if an excessive usage, most of all from younger generations, tends to make people slave and immature), they are playing a crucial role to enhance the level of freedom and awareness in unstable countries. This is what I called The Thin Red Line which marks the political and social impact of the new technologies into our World constantly moving.
It was exactly a month ago when commenting on the Mobile Warfare in Syria, I predicted a possible peak in the protests for the half of April. Unfortunately I was a (quite easy actually) good prophet even if my prediction was not completely correct since we are now in the second half of the month. The wave is moving and in the last days the situation has plunged: protests are rising and from the “Black Friday”, the day in which the protests reached the peak, sources report nearly 300 victims in the wave of violence which shook the Country.
As usual I am watching with interest the roles that mobile technologies and social networks are playing and I am noticing the same patterns which characterized the revolutions of this beginning of 2011: social networks used for witnessing the events, common persons becoming improvised reporters armed only with their mobile devices (weapons), and governments desperately trying to stop the streams of bits from the hot zones with coarse attempts.
Consequently it is not surprising that many tweets are just reporting (together with the dramatic news of new military repressions) the cut-off of Internet, Mobile Phones and landlines in Nawa (Governorate of Daraa).
Nevertheless, Syrian Citizens keep on witnessing, what is happening and their tweets and updates are shacking the web (and the world): they show the importance and power of Mobile Warfare and the weapons citizens are using are well summarized by this tweet which encloses the essence of the mobile warfare:
The shots of the gun are viewable, for instance on the Facebook Syrian Revolution 2011 page, which is continuously fed with video “shot” from mobile devices. Moreover, in this moment, mobile communications in Daraa are possible only thanks to Jordanian Mobile Networks:
Will it happen an hijacking of the mobile network with the collaboration of a close country as occurred in Libya with the “Free Libyana”? Difficult to say, but for sure some other tweets do not exclude this possibility:
Few seconds after publishing the post I found an interesting information, emphasizing the power of mobile warfare, according to which reports by the “Israeli”, announced yesterday that the United States intends to allocate funding for the “revolutions” through the Internet in the “Arab countries” to help the activists bring about change for their countries.
The information have been mentioned by tge “Jerusalem Post” (but I did not fond any conform so far). According to the latter, the administration of President Barack Obama plans to spend more than $ 25 million to facilitate the use of the Internet through activists who’s governments hinder the use of Internet services.
U.S. Assistant Secretary of State for Public Democracy, Human Rights and Labor “Michael Posner” announced to the newspaper “the current administration believes that democratic change must be emanated from within. “
Wars and battlefield are really changing and the parallelism between real weapons and cyber weapons is getting more and more pertinent strengthening the concept of War 2.0: in the “old” world, foreign enemy countries financed internal rebels providing them weapons; in the new world they learn them how to use internet.
Thanks to Twitter I came across this interesting article from NYT, which further enhances the similarities between cyber-activism and real activism. Exiles drive the revolution allowing the sharing of images and information all over the World. Meanwhile they created a network to smuggle “weapons” inside Syria. Which kind of weapons? Of course satellite phones, along with hundreds of cameras and laptops.
Several say they relied on Syrian businessmen — abroad or in Syria — to finance one of their most impressive feats. After witnessing the Egyptian government’s success in shutting down the Internet and mobile phone networks in January, they made a concerted attempt to circumvent a similar move by delivering satellite phones and modems across Syria. Ammar Abdulhamid, an activist in Maryland, estimated that they delivered 100 satellite phones, along with hundreds of cameras and laptops.
Thanks to this “smuggling” we may listen to the tweets of freedom. The mobile warfare seems unstoppable…
There is a thin red line which links the alleged stability of the so called western world, with the instability of the middle east and it consists once again in the opposite role that mobile technologies and social network play in these two different regions of the world. In few words one might say that these technologies contribute to maintain stability (and maturity) in mature countries, and to enhance the level of liberty and awareness in immature countries.
Few posts ago, I just identified one of the reasons for the instability of the Middle East on the role played by mobile technologies and social networks in feeding the protests in Tunisia, Egypt and Syria, essentially contributing to make the younger middle-east generations aware of the discrepancies between their lease of life and that of their occidental peers, and hence acting as a wind capable of propagating at an unprecedented speed the flames of change raised from the Maghreb. In my articles I referred to the effect of these new technologies as Mobile Warfare.
If, for a moment, I turn my head to look at the West I see an opposite situation, unleashing an opposite role for Mobile Technologies and Social Network which, in this context, differently from Middle East, are contributing to maintain social stability, even in a quite complicated economic situation like is the current European situation (and the last events in Greece, Ireland and Portugal are an evident thermometer of the boiling economic situation in the Old Continent). Of course I would not mind to apply the ancient Roman motto “panem et circences” (bread and circuses), luckily for this scope, our society invented football, anyway even if we do not want to bring in football, there are two other factors which, in my opinion, play an important role for our (in)stability: the wish to catch the last tweet or, even better, the last Facebook status update, but also, for most mature generations, the continual rush to the last techno-gadget.
First of all, the rush to tweets or (most of all) status updates is something which affects primarily younger generations (even if the potential of Twitter is pretty much under evaluated in Italy) but, like it or not, it is something which must be kept under serious considerations.
Of course, there are two opposite ways to read this statement: a negative interpretation could lead to think that younger generations are too much addicted to social networks and mobile technologies to the point of neglecting most important problems, on the other hand a positive interpretation could lead to think that social network and mobile technologies allow to share news and information, making them accessible to a greater audience, in formats comprehensible by (and adapted for) different population groups and heterogeneous levels of culture, contributing to create mature citizens. Of course my scope is not to determine which of the two interpretations is the predominant, rather than to highlight, like it or not, the significant role of these media.
Something similar applies if we move to most (im)mature generations, since, also in this case, Social Networks contribute to share information and (in theory) to spread a most mature approach to Society. For this population group an additional factor is involved and it is represented by the rush to the last techno-gadgets which have become a status symbol: nowadays our iPads, iPhones, Android devices, etc. highlight the role of the individual on the society, in a certain manner as a luxury or sport car does, with the difference that the last Android or iPhone is (at least in theory) much more accessible.
If one analyzes this picture from a more global perspective, one finds that mobile technologies and social networks may be assimilated in every way to real weapons: in immature countries they may be used to fight wars for freedom versus authoritarian regimes (as happened in the near past in Maghreb and as happening in Syria or Bahrain), in the same time they may be used in mature countries by wise governments to maintain order and stability, or, unfortunately, also by subtle governments to reduce population to (psychological) servitude.
We know what it means to use “mobile warfare” to fight wars for liberty versus authoritarian regimes: just watch the news and hear the latest events coming from Libya. Very different is the case of mature countries. In these nations, using these (mobile technologies and social networks) weapons to maintain order or stability corresponds to make a wise use of them to keep citizens informed and to create a common mature awareness, using these weapons to reduce population to (psychological) servitude corresponds to use mobile warfare to distract citizens from real social problems and perform large-scale psyops operations. In theory younger population are the most vulnerable to these kind threats even if I must confess, according to my personal experience, that the use of social network is far less wise by the older age ranges that, in turn, seriously risk to be the most vulnerable to an improper use of new technologies by subtle governements.
In this post I explained that, what I called the mobile warfare (that is social protest driven by mobile technologies and social networks), is rapidly spreading all over the Middle East, apparently with a systematic time scale (so far events in Tunisia, Egypt and Libya have been separated by approximately a month).
Many observers claim that, in the shorter term, Syria and Bahrain could be the next targets of internal protests (last week 150 people were killed in Syria and today the government led by PM Naji Otri has resigned, apparently a quantum shift).
But the wave coming from Maghreb, led by the mobile warfare, seems unstoppable and in the longer term, also Iran and Iraq, the main barriers of fundamentalism, could be affected as well.
Of course, one of the most exciting things of Infosec, is the fact that the reality is always one step ahead of the imagination. As a matter of fact I tried to imagine different ways in which bad guys from totalitarian regimes could prevent mobile technologies and social networks from achieving their scope to encourage citizens to join the protests, including DDoS, Internet connectivity disruption and so on… I could not imagine, however, that one could think to issue rogue certificates for some high profile websites used for email and chat in order, maybe, to intercept cumbersome and subversive communications.
That is exactly what happened with the Comodo Affaire in which some fraudulent certificates were issued by the Comodo Certificate Authority, exploiting a vulnerability of a couple of Italian affiliates (sigh!) globaltrust.it and instantssl.it allowing to issue a legitimate signed certificate on behalf of any requesting entity. This vulnerability was used in order to issue rogue Certificate Signing Request (CSR), that is false request to obtain legitimate SSL certificates for the following web sites:
For those of you, who are not too much practical with Public Key infrastructure and Cryptography, this means that, in simple words, once obtained a rogue certificate one may build a false web site (for instance a false mail.google.com website) to capture precious information normally “traveling” on the web encrypted, for instance username and password of private email. This is called a man-in-the-middle attack.
Since it was discovered that the rogue Certificate Signing Request originated from an ISP located in Iran, an alleged political origin for the attack was proposed, motivating it with the attempt of the Iranian government (enforced by a Cyber Army), to intercept communications and more in general emails and chats belonging to political leaders not “too close” to the positions of Mr. Mahmoud Ahmadinejad (mmhh.. at least for the alleged purpose, to me it reminds Operation Aurora, doesn’t it?)
Now, it looks like that a lonely ranger Iranian hacker, not belonging to any army, claimed the to be the only author of hack (at this link the complete history and a detailed analysis of the event). Probably a real Iranian involvement will not ever been confirmed, but to me, the doubt that this action was planned to stop the mobile warfare remains intact. Otherwise I would not be able to understand why only certificates related to secure communication methods were affected, often used by dissidents to organize protests and share news with the world.
A couple of posts ago, in the article “Tweets Of War”, I discussed about the possibility to use consumer mobile devices and Internet connectivity as a kind of weapons, for instance to tweet the positions of enemy troops in order to address allied bombs as did, for instance by some rebels in Libya (simply go to twitter.com and issue a search for the tweets by #LibyanDictator.
Of course this fact raises the question of the importance of internet connectivity during military actions, and, as a consequence, also of the importance of information security, which may not be limited to “simple” message encryption: as an example, referring to the above mentioned example, we cannot authenticate tweets so we may not exclude a priori that they are spoofed tweets in order to drive the allied bombs towards the wrong target (we might always think to authenticate them with a Comodo Certificate!).
As a matter of fact, maintaining the internet connectivity has become a primary priority, that is the reason why U.S. army, for instance, is thinking to implement appropriate technologies and countermeasures in order to maintain or restore Internet connectivity during military actions. Times change and I would almost say that what was once considered the corps of engineers, today, in a mobile warfare, should be called Corps of (network and security) Engineers. What the Corps of Engineers do in the real battlefield (build connections and bridges), the Corps of (network and security) Engineers do in the Cyber-battlefield (build internet connections and connectivity bridges).
Strictly speaking, why maintaining the Internet Connectivity is so important? Of course, the main reason is for the purpose of propaganda in terms of “evangelism to the cause”, gathering of the faithful, and why not, foreign public involvement. We have seen so far, how much has been important (and keeps to be important) for the winds of change blowing in the Maghreb, the role of mobile technologies and social networks, at the beginning for spreading the movements (also beyond the boundaries) and then to bear witness to the World of what was really happening, in all the cases playing a crucial role for the advent of the Odissey Dawn operation (while I am writing, you only need to go to Twitter for being spectator of the dramatics occurrences in Libya: from the reporting of events to requests for help, doctors, etc.). This role is much more important during the military operations where, typical case, both parties claim real or alleged success in combat operations, or provide each other the responsibility for civilian casualties.
But a closer look shows an even more important factor, apparently secondary, but probably potentially decisive in a situation similar to the one occurring in Libya where you are fighting a civil war between rebels and loyalists. In a similar context the Internet may play a primary role for conveying PsyOps messages, not only to encourage citizens to join the protests, as it is happening in Syria, where Facebook is being used to gather followers to revolt; but also for opposite purposes convincing rebels to disarm and return back to their families without further bloodshed. This does not sounds new since such a similar operation had been attempted from the Egyptian Government (actually with a tragicomic outcome) by overtaking the main mobile operators and flooding their mobile subscribers with propagandistic messages which were supposed to encourage the younger people to support the falling government and abandon the protests (a complete report at this link in Italian). One might say that this is not a new concept (read for instance the following article issued in 2001), the difference is that, in 2011, both the transmission technologies and, most of all, the reception technologies (read mobile devices) are much more sophisticated and spread making this kind of operation really effective if compared to how it could be ten years go.
Of course there is a further dramatic question to be addressed for psyops messages propagated through the Internet, and it is the one pertaining to information security, some aspect of which I have already addressed in this post. On one hand, whatever message is transmitted through the Internet may be suitable to man-in-the middle attacks and hence hacked if not properly secured throughout the propagation process: hacking in this case would correspond, for instance, to alter, if not invert, the content. What if the above mentioned tweets were spoofed providing false coordinates? Maybe am I flying with the fantasy if I say that the authors could have negotiated a priori with the recipients some predefined semantics with which to transmit the messages.
On the other hand, it is likely that the Corps of (Network and Security) Engineers will not have to worry about only to establish and maintain the internet connectivity in military operations, but also to face, in a cyber-battlefiedl, enemy malware weapons and/or jamming of Denial-Of-Service tools specifically conceived to attack psyops sources at the root (it is appropriate to say!) in order to make them unusable. In any case, they will not have to underestimate in any way the impact of hacking from a psyops perspective (in favor or against, (just think of echo raised from the recent Libyan TV hacking).
Sources report that last week 150 people were killed during the protests against president Bashar al-Assad in Syria. Also in this circumstance, as already happened in Tunisia, Egypt and Libya, the world is witnessing to the protests thanks to the hundreds of citizen reporters equipped with their mobile devices and Internet connections.
The mobile warfare is acting in these countries too: as a matter of fact the tweets allow to follow the protests in real time, by mean of continuously up-to-date short messages, while Facebook allows the spread of the movements throughout the Nation (and not only): the blue social networks calls to join the revolution, by mean of continuously increasing groups, the largest of which The Syrian Revolution 2011, currently counts more than 90.000 supporters. In the same time, more and more videos shot by mobile devices are flooding YouTube.
In a certain sense it looks like the Middle East is playing a global Risk board game, whose troops are represented by mobile devices, whose effects on the social landscape effects on the social landscape have no geographical boundaries, especially for those governments that restrict the civil liberties of their citizens. This global Risk match is far from the end, since the invasion of the Mobile Warfare (and its effects for the governments) is also happening in Yemen and Bahrain, which are suffering similar outbreaks of protests. It is interesting to notice that all the peaks of the revolutions were spaced, in a time scale, by approximately one month:
- Tunisia, Jan 14th 2011: president Ben Ali ousted;
- Egypt, Feb 11th 2011: president Mubarak stepped down;
- Libya, March 19th 2011: after two weeks of fight Operation Odissey Dawn begins
If we perform a kind of extrapolation, does this mean that peaks of the protest in Syria and Jordan will reach the maximum at the half of April?
Speculation aside, as far as Syria is concerned, what is happening is following the same pattern advised in Maghreb area with the only difference that, so far, Syria did not decide to disrupt the internet connection in order to stop the stream of information towards foreign countries.
From a political and social perspective, all the involved countries have too many aspects in common: long-living governments (in Syria the al-Assad Dynasty governed continuously for 40 years, which become 42 in case of the monarchy of Bahrain), younger generations with no dream and trust on future, eager for more freedom. Most of all, younger generations which have access to internet connections and social networks (I was in Syria for work three years ago and can confirm that, even then, the penetration of internet, mobile technologies and social network was well established), through which they may observe, study (and compare), the (apparently) better conditions of their occidental peers.
I think the process is irreversible, and indeed is likely to increase (Saudi Arabia, Iran and Iraq will probably be suffering other outbreaks in the middle term). Meanwhile will be interesting to notice if the involved governments will apply preventive measures, on large scale, for instance the disruption of the Internet connections, or targeted specifically on mobile devices or preventing to reach the social networks for sharing tweets, groups or videos…
- 457,295 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 2012 Cyber Attacks Statistics
- 2012 Cyber Attacks Timeline Master Index
- 16-30 April 2013 Cyber Attacks Timeline
- March 2013 Cyber Attacks Statistics
- 2013 Cyber Attacks Timeline Master Index
- One Year Of Android Malware (Full List)
- What is a Cyber Weapon?
- 1-15 April 2013 Cyber Attacks Timeline
- 2011 Cyber Attacks Timeline Master Index
- RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 8 hours ago
- RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 20 hours ago
- RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 2 days ago
- Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 3 days ago
- How the Syrian Electronic Army Hacked The Onion - Onion Inc.'s Tech Blog theonion.github.com/blog/2013/05/0… - 1 week ago
- @Xyri3 sorry I forgot :) Done! - 1 week ago
- @Xyri3 sure when you want. - 1 week ago
- RT @LastlineLabs: NPR story about new Pentagon report on Chinese intellectual property theft ow.ly/kNdew - 1 week ago
- An interesting novel approach to detect compromised accounts on Social Networks: seclab.cs.ucsb.edu/media/uploads/… - 1 week ago
- 16-30 April 2013 Cyber Attacks Timeline wp.me/p14J6X-2oH - 1 week ago