VX Heavens

Bibliothek Sammlung Quellcodes Engines Konstruktoren Simulatoren Zusatzprogramme Links Forum
Minimize
Lesezeichen

Autonomous Mobile Cyber Weapon

Sung Yang
December 1996

[Back to index] [Comments (0)]

Abstract

Cyber soldiers, ones who engage in cyber conflicts, wars, or espionage with hackers' skill and knowledge, are comparable to soldiers or cavalry soldiers with lances, swords, or guns. The capabilities and threat of cyber soldiers have well been known, however, the capabilities, threat, vulnerabilities, and opportunities of the autonomous mobile cyber weapons are yet unknown. Autonomous mobile cyber weapons are a type of computer viruses or other computer organisms that are capable of effectively moving from a source to a specifically defined destination and designed for or usable in cyber wars, conflicts, or espionage. Autonomous mobile cyber weapons are capable of cruising to specific destinations where aimed information or information systems are located and capable of carrying out missions and certain tasks more effectively than the way in which cyber soldiers manually carry out the tasks, and is purchasable, untraceable and multiplying. Implication of the appearance of autonomous mobile cyber weapons is vulnerabilities and opportunities.

Preface

A key theme of the essay is that a novel property cruise will allow AMCW (autonomous mobile cyber weapon) come to existence. For example, a computer virus with the property 'cruise' can be used for defense application. In other words, the computer virus with capacity of cruse that is launched to attack adversaries' computer systems for military purpose autonomously travels to adversaries' computer systems and carries out missions. In this article, discussion of the property 'cruise' is not made, but this article was written based on the conclusion already drawn from the paper 'Behavior Cruise'.

INTRODUCTION

Vulnerabilities of computer systems by intruders (e.g. hackers) are well known. Those hackers who engage in a battle or an espionage in cyberspace are cyber soldiers. Cyber soldiers use particular programs in the battles or espionage. These programs are cyber weapons, such as, critters.

For cyber wars or conflicts, computer viruses or worms have been received great interests from military as computer viruses or worms are mobile and autonomous, and has nature of anonymity and cheap and easy to make. (We often use the term 'virus' as representing the entire computer organisms, which include viruses, worms, and virus-worms) However, military applications of computer viruses are somewhat no progress. However, it is still considered as a kind of cyber weapon to be used by cyber soldiers. Cyber soldiers intrude adversaries' computer systems and plant a destructive program, whether virus or trojan horse.

The primary and critical function that viruses was lacked in defense application was the ability of cruise from a source to a specific destination, adversaries' computers, by itself. Thousands of viruses have been found, however, none of them have cruise ability. However, the appearance of viruses or other computer organism that have the cruise ability is very likely, and will dramatically change the way waging wars or conflicts in cyberspace.

Autonomous mobile cyber weapons (AMCW) are a type of computer organisms that are capable of cruising to specifically defined or aimed destinations (organizations of adversaries) and carrying out certain tasks such as obtaining, destroying, or manipulating data against adversaries, by itself without assist or control.

AMCWs are powerful and have advantage over cyber soldiers whose tasks are largely depend upon manual operations, sometime tedious and comparatively higher risks in disclosing the identity of cyber soldiers even though disclosures of the identity are not wanted.

The new capability of computer organism, cruise, will revolutionize the way waging wars, conflict or spying in cyberspace.

CYBER SOLDIERS

Hackings, intruding or penetrating, have already shown the feasibility of offensive use, and vulnerability of the existing information systems.1 When these skills, tools and knowledge of hackers are applied to soldiers who engage in wars or conflicts in cyberspace against adversaries, then the solders are called cyber soldiers. In fact, the cyber soldiers' some potentiality has been demonstrated by many incidents of hackers' intrusions. The publicized recent incidents of intrusions (very unfortunately, these intrusion incidents have been committed against legitimate governmental organizations, however, these incidents still gave us lessons) to web servers of CIA, U.S department of Justice and U.S. Air Force showed how cyber soldiers from adversaries would harm or disrupt. However, the incidents do not necessarily demonstrate the real danger posed to critical information and information systems of military, air traffics or financial institutions. These vulnerabilities and opportunities with cyber soldiers potential capabilities will energize to escalate the birth of more systematically trained cyber soldiers, units, and training institutions in every nation. 2

COMPUTER VIRUSES

Computer viruses have been a subject for military application 3 while the feasibility and potentiality of offensive use of them and vulnerabilities have already been known. Future military use of an intelligent agent is also conjectured.4 There may be confusion between agents, computer viruses, web crawling robots, computer programs and cyberships; all these are collectively called programs. [?]

Despite speculation, efforts and expectations in military application of computer viruses, capabilities of military use of computer viruses is very limited or prevented. The matter is not agents or viruses. The biggest obstruction that prevented these programs from being used for offense and a defensive means was the absence of the cruise property 5. Cyber soldiers have to plant viruses on adversaries' computers otherwise viruses wander and spread to all directions than reaching the destination, adversaries' computers, after a virus is released in hope to disrupt the adversary. The chance of reaching adversaries by releasing a virus is consider very low, so cyber solders must plant the virus into adversaries, without cyber soldiers, the virus is meaningless like a lance is mere an object if no solder carries and skillfully handle it. The poor movement of viruses makes it an annoyance than real critical threat and impracticable as a self-contained autonomous mobile weapon in defense. So far, a visible threat is hacking.

Computer viruses, so far, exhibited a number of major properties, reproduction, aiming-at-data, untraceability, self-nonself determination, self-preservation, execution and reaction (or response). These properties except untraceability are subject to execution of viruses. Execution property is that viruses need execution of viruses code in order to be active. If the viruses aren't executed, the viruses are mere stream of binary sequences.6 Reproduction is a behavior in which a program replicates or mutates and it results growth in number of copies or number of different kinds. Aiming-at-data is a property that we can observe among some viruses that manipulating and destroying specific data, which is not necessary to the its growth. The Self-preservation property normally exhibits attempt to avoid detection in order to preserve their existence. Response is yet another property that virus has appropriate reactions to circumstance. Self-nonself determination allows a program to determine self from nonself, however, accurate determination of successors is not guaranteed for a virus that is capable of mutating in large number of different shapes. Untraceability prevents from tracing offender or author or launcher who developer and/or release a (malicious or offensive) program. Combinations of these properties that are shown in conventional viruses prevent or limit military applications of viruses unless cyber solders secretively carry and deliver to the adversaries' computers.

Properties that are expected to appear in near future viruses are self-learning, communications and cruise. Cruise is a type of movement of computer organisms, allowing programs to travel toward a destination, a computer or an organization, from a source 7. The movement is the essential property of AMCWs, and is very desired for offensive use of a program. Self-learning will allow programs to respond to the circumstance and make the program sophisticated and powerful, allowing chance of survival of programs higher. Communication property allows programs to communicate autonomously, without or with self-learning ability, between programs or between programs and a (control) center directly or indirectly. Computer viruses or AMCWs using new properties and more advanced techniques are expected to come into existence. Especially application of cruise and self-learning property to a computer organism, i.e. viruses or worms, will be critical.

We used to believe that viruses tends to grow in number and produce exact copies of itself. We became astonished when this belief became false by observing a tiny digital creature that mutates. It was novel that how a tiny and trivial program can mutate as complex biological creatures do. A virus that mutates was novel in the very early 90s is called polymorphic virus or polymorphic type virus. In few years later, one of our other beliefs had again been smashed. We used to believe that computer viruses aren't transparent in terms of platforms or operating systems that a virus infecting programs 8 on MS-DOS can't infect programs on non-DOS, such as Mac or Unix. Now, all believe that a virus can both infect programs on DOS and programs in Unix or MacOS or other operating system. Simply, all of us didn't understand the simple nature of viruses. What would be next surprises? Some of us still can believe that computer viruses will remain as simple as today in complexities, attributes and its applications (vandalism, hobby, or research). More surprise will come and shatter our faith in viruses and other organisms. (We may be too confident in computer viruses; computer viruses are one of subjects about which we know very little, though some would not agree. )

The most of all, new viruses are the biggest threat to the existing virus detection technology, which requires to be updated constantly in order to detect and deal with new viruses.

Computer viruses won't remain as trivial programs that can be annoyance than a real threat and are all detected by one of our favorable antivirus software before occurring serious damages. Unfortunately, there are a lot space in which virus can grow. Viruses will out grow beyond most of us think today. It's no doubt that viruses will be far more advanced in near future. And novel property like cruise will bring new era to cyber combats beyond vandalism.

AMCW

What if there is a robot 9 that can autonomously travel to an aimed or defined destination, an organization of an adversary, to disrupt and steal confidential information. Is there such a robot that can travel hundreds of thousands of kilometers without being detected and carries out mission and without disclosing the identity of sender of the robot in the case captured? It is possible in cyberspace. What does make it possible is the property cruise, i.e. a type of virus movement. The cruise property will enable viruses and other organisms powerful ever in terms of defense and police use against adversaries and illicit groups. Conventional viruses and other organisms, so far, are able to wander around computers and computer networks and some with some targets such as specific antivirus programs, e.g. removing viral signature data from virus scanners. The Internet worm 10 spreaded and infected hundreds of Unix machines on Internet were also wandered without having specific destinations. Conventional computer viruses also do not have ability to cruise to an aimed or defined destination but wander and spread if ever launched and it will spread in all directions and would be found in everywhere that the viruses could infect. However, the cruise property makes viruses possible to cruise to a specifically defined destination. A virus or any other organism that has cruise property can be launched to attack specific organizations of adversaries. The launched virus with cruise property will secretively cruise and arrive at the destination by itself and carries out given missions. It can try million times until succeeding missions given and without risks or with very little risks of disclosing the identity of the sender or offender, unlike manual operations by cyber soldiers.

Conventional viruses are autonomous and mobile, however, it is very inadequate to be an weapon because viruses wander without reaching to specific targets. It may be appropriate terrorists weapons, nondiscriminatorily destructive. So a virus itself is ineffective to be autonomous mobile cyber weapon but cyber weapons for cyber soldiers who can intrude and plant a virus into adversaries. However, computer viruses with cruise property makes critical difference. Conventional viruses can be a full AMCW with the property, cruise. It can cruise to adversaries without cyber soldiers, but by itself. A virus or other organism has property cruise is called a cybership, especially cyberships designed for or usable in cyber wars or conflicts are called an AMCW. An AMCW is a computer virus or other computer organism that has the cruise ability and designed for or usable in cyber wars, conflicts, or espionage is autonomous and mobile.

Thus, AMCWs are capable of autonomously traveling to a destination, adversary's organization, and obtaining data or disrupt information and/or information systems.

In the myth, our favorable antivirus program can detects all or 99 percent of viruses and other computer organisms such as worms. The belief could be true for viruses that are written by someone's spare time, in a week, day or even an hour, for his/her emotional satisfaction. Since the autonomous mobile cyber weapons are considered a type of viruses, AMCWs can be detectable by an antivirus program, for which we pay less than $100 for its use. However, it's very skeptical that AMCWs that are built or purchased to obtain priceless information or to destroy adversaries information or disrupt information systems are easily detected by our favorable antivirus programs before the AMCWs achieving its missions. Most conventional viruses may be made for one's emotional satisfactions or other personal interests while AMCWs are built and used for survival and win battles. Conventional viruses are neither threatening national security nor serious while AMCWs are serious and threatening.

CYBER SOLDIERS AND AMCWS

Computer intrusions by computer hackers have already been known the feasibility in military application and vulnerabilities in information infrastructure.11 However, the threat and vulnerabilities caused by AMCWs haven't yet been studied and known. The manual operations by cyber soldiers (hacking) can carry out most of missions that AMCWs could achieve. Similarly hacking is replaceable with AMCWs. AMCWs can substitute hacking the way robots replace human workers in factories and gain same products with different productivity. Hackers in cyberwar may be comparable to foot-soldiers with lances, swords or guns while AMCWs may be comparable to robot soldiers as well as autonomous (not remote controlled) military equipments, warships, airplanes, cruise missiles, etc.

In fact, unnecessarily, hacking and launching an AMCW are alternative to each other but also supplementary because both means have many differences. AMCW can assist cyber soldiers and cyber soldiers can also use AMCW as their tool, a cyber weapon. There are difference between hackings and launching AMCWs. Productivity, transferability, morality, number of entity, mobility and traceability are those differences. Achieving same goals by either means take different cost and time, one can be advanced over the other means for certain tasks and circumstances. The techniques and know-how that are attached to hackers are not easily transferred to adversaries, however, know-how and capacity of AMCWs can be shared by both parties as AMCWs are purchasable. Cyber soldiers don't make physical movement in order to penetrate and carry out missions while an AMCW can make trip to destination where targets are located. Hacking are easily traceable than AMCWs as an AMCW is a type of computer organism that is capable of cruise; a virus or other organism has an attribute of untraceability. Cyber solders have intrinsic morality and humanity and are affected by an ethic, and are unlikely against their country, organization to which they belong, family and friends to which they're emotionally attached. AMCWs, by contrast, have no such morality and are not affected by an ethic, and will act upon missions given to accomplish beyond everything. Cyber soldiers are not wounded or killed in a cyber battle so the number of cyber soldiers and capacity of cyber soldiers in a group or unit are remained constant unless more soldiers are added or dismissed. Thus, amount of tasks or missions that cyber solders can carry out is constant and limited. Meanwhile, AMCWs can easily multiply and grow in number as much as needed. An AMCW launched can have hundreds or thousands of different copies that may have same or different missions.

When a virus is an alternative to hacking and hacking is an alternative to virus in a circumstance, one would choose whichever better means. The choice would be made by parties who wage cyberwars or conflicts. However, in general AMCWs are not alternative to hackings and hackings are not alternative to AMCWs but cooperative. Thus, both hacking and launching AMCWs may be required, for offensive and defensive purposes.

VULNERABILITIES AND OPPORTUNITIES

Vulnerabilities of one's information systems by cyber attacks can be opportunities for one's adversary in the time of cyber conflicts. Equally, an adversary's vulnerabilities can be one's opportunities.

Do we need commanders and strategies and units to launch an AMCW? It's unlikely that there are needs of large staffs or expensive equipments or commanders. But all it takes is: purchasing a right AMCW or AMCWs generating software; choosing destinations and targets; and click the button 'Yes', for example, on the following message:

An AMCW that will cruise to ABC organization (destination for the AMCW) for obtaining classified data and randomly altering some of them (target) is now ready to launch. The chance of accomplishment of the mission is estimated 80%. This AMCW can cause tremendous damage and disrupt to the organization or delay functions of the organization when it is launched.
Launching the AMCW? [Yes] [No]

AMCWs can be very self-contained, it can be purchased, just like military buying weapons or someone illegally buying drugs, or weapons, or fire-arms from black markets. An AMCW is a program, can easily be transferred and delivered over computer networks or any other conventional delivery channels to anywhere in the world for the buyers. How do we detect or monitor an AMCW, a computer program, is being delivered or transferred to buyers from developers over illegitimate channels and for illegal purpose. Since AMCWs can be used for legitimate purposes without threatening lives of people unlike conventional weaponry such as missiles, tanks, biological or chemical weapons. (Since cyber weapons, for example, can possibly target to malfunction medical equipments, it is not entirely true that cyber weapons don't threaten to harm or kill people.) Trades, research, developments of AMCWs would not be completely banned. Rather AMCWs would be an important part of legitimate arm-race.

Since AMCWs aren't easily traceable, especially when an AMCW is designed untraceable, it would be impossible to trace complete trails along which the AMCW cruised. As AMCWs are a type of organisms, the some attribute of computer viruses are also applicable to AMCWs. How do we catch one who makes and spreads viruses on purpose? The characteristic of AMCWs allow malicious groups, governments, businesses to launch AMCWs on behalf of them without risks or with very little risks of being caught or being disclosed as an offender or aggressor. Unlike tanks and missiles, AMCWs can have property of untraceability, which allows launcher of AMCWs remain anonymous if desired. A fear of using conventional weapons, such as missiles and nuclear arms, is consequences, counter-attack, diplomatic, and political consequences. When aggressor or offender can remain anonymous, the fear is not applicable any more. Thus, commitment of cyber attacks with AMCWs can largely be depend upon morality of organizations or group of people or even an individual due to absence of the fear.

The number of attacks or attempting attacks by hackers is limited by time and number of cyber soldiers to be working with in a group for a mission. The number of attempting attacks or attacks by AMCWs isn't limited. AMCWs can attempt to attack countless times until succeed or repeating attacks unless all AMCWs are detected and eliminated or malfunctioned. AMCWs grow in number as many as needed from a single copy released by a mouse button, and spread into many different locations and launch attacks for various entries or for targets if already arrived at a destination where targets are located. Single mouse click brings enormous effects that are not comparable to the result brought by manual operations of cyber soldiers.

One mouse click could result pouring bombardments on every targeted adversaries' government or military computers for every month or even every day on the existing security system under which the governments, military, and businesses are being operated.

CYBER REFUGEES

Adversaries are relatively anyone who disagrees or is rival or uncooperative with another can become adversaries. Use of AMCWs can damage adversaries by destroying and altering data or obtaining secretive and valuable data.

Use of AMCWs would not be restricted to defence and surveillance against State adversaries, terrorist, gang, drug cartel, etc. Conflicts between political, religious parties/factions nations, illicit groups, businesses, etc. for law enforcement, defense, offense or on their particular interests. Businesses may enter cyberspace intelligence rivalries, and role of AMCWs would be important. An executive of a U.S. company said "If we're willing to do dirty tricks for the defense part of national security, then why aren't we able to do dirty tricks for the economic part of national security?". 12

Are AMCWs necessary? Should R&D on AMCWs and and trades of them be banned? AMCWs may be somewhat an unfavorable tool for our societies that desire cooperation than confrontation, and morality than wickedness. Can any authority effectively stop producing computer viruses and other intruding computer organisms? AMCWs are a type of organisms that are much more complicated than the conventional viruses that we have already seen. Since there is no way to prevent some nation and organization from developing AMCWs or AMCWs generating tools and selling them, there least must be defense means available. How do we defend or detect AMCWs intruding into private space? The vulnerabilities won't be gone away, may be never, though there would be some means to defend effectively within some degree.

Refugees of cyberwar are those civilians who wedged between nations, businesses and other organizations waging cyberwars with AMCWs and can not defend themselves, are forced to disconnect from computer networks or is unable to use their computers due to fear of attacks, violation of privacy, or denial of services. Those civilians would not be access to sophisticated defense tools to protect their computer systems from being intruded by AMCWs and silently using their computer resources as temporary staying harbors and their privacy is being intruded. Even the wars or conflicts and all the technologies are too complicated to comprehend for those civilians, cyber refugees.

CONCLUSION

Great threats and vulnerabilities that have not been known are the cyber attacks by AMCWs. AMCWs are organisms such as computer viruses that have cruise ability, desgined for or usable in cyber conflicts, wars or spyings. Despite interests in military applications of computer viruses, there has been no progress in its application. It is due to the absence of critical element in a viruses. No conventional computer viruses have capability to autonomously travel to destinations (organizations or computers), where targets may be located. This property made offensive use of computer virus ineffective. However, application of the property, cruise, to a computer program, i.e. computer virus or worm, will allow new era to begin in cyberspace. AMCWs are new and would be severe threats ever known in cyberspace.

Since AMCWs are a type of computer organisms, AMCWs inherit properties of computer organisms. The major properties of computer organisms that are inherited are untraceability, reproduction. New critical property is cruise and another very likelihood property is purchasability. AMCWs or AMCWs generators would be purchasable the way arms are traded legally or even illegally. The AMCWs or AMCWs generators will be ready to be usable by pressing a mouse button after specifying a destination and missions. A nature of AMCWs, untraceability, that eliminate risks of consequences that offender, aggressor, or criminal may face after disclosure of their identity is untraceability. It prevents identifying the one who launched AMCWs. No one would be able to prevent one time friend nations from sending AMCWs on behalf of their economic benefit. And no one would be able to identify who has send the AMCWs, unlike hacking, computer viruses tend not or rarely leaving trail. Reproduction, mobility and cruise properties make AMCWs powerful and superior means over manual operations of cyber attacks. AMCWs can change shapes into large number of different shapes and travel to different locations and launch attacks to intrude or to obtain/destroy/manipulate data, which is target, if already successfully intruded.

These natures that AMCWs can have make AMCWs ideal offensive and defensive tools. Failure to respond to these real threats will be that we will witness frequent attacks, even every day, and disruptions and damages by AMCWs that was launched by mouse buttons of someone who can not be found. One's vulnerabilities are adversaries' opportunities in cyber conflicts. Equally, adversaries' vulnerabilities are opportunities for one who could attack and take advantage of the vulnerabilities.

Information systems are vulnerable by attacks of autonomous mobile cyber weapons, AMCWs. The attack is real threats by which we may become cyber refugees. Many or some naive and powerless citizens and employees may become pawn or refugees in cyber battles.

The novel property of computer virus cruise will revolutionize the way we wage wars and spyings in cyberspace, and will create vulnerabilities and opportunities.

GLOSSARY

cyber weapon
a computer program that is used by cyber soldiers for battle or spying in cyberspace.
ACW
abbreviation of autonomous cyber weapon, a program that is autonomous but mobile is designed for cyberwars.
AMCW
abbreviation of autonomous mobile cyber weapon, a computer organism that is autonomous and mobile, especially capable of cruising and designed for or usable in cyber conflicts, wars or spyings. Computer viruses or worms are consider mobile, however, they're not practical and have no significant threat as weapons, thus programs that don't have property cruise are excluded from AMCWs.
cyber soldier
a person, especially with hackers skills and knowledge, who engages in wars, conflicts and/or spayings in cyberspace. Weapons for the soldiers are computer programs that aid activities of cyber soldiers, such as critters.
cybership
a computer organism that has cruise property is capable of effectively moving from a source to specifically defined destinations.
cruise
a behavior of a virus that moves toward defined destinations along the best route. It is the most efficient movements from a source to a defined destination.

UNIX a registered trademark of AT&T Laboratories.

MS-DOS a registered trademarks of Microsoft Corporation.

MacOS a registered trademarks of Apple Corporation.

More Glossary from http://sungmooyang.org/glossary.html

REFERENCES

Notes

1 A study of on ease of penetration (or tolerance) by computer attackers was discussed, see [SC]. The study on how intrusion could effect ATCCS (Army Tactical Command and Control System)'s functions, command and control by hackers was discussed at [Schwartau 94]. The study is known to be originated from "RFP No: DAAL01-93-R-2900, Closing Data:28 Sep 92. U.S. Army Labcom, Fort Monmouth, NY 07703-5601". Interesting point was that the study used a software to simulate hackers attacks. Focus of study was on what's effect of ATCCS's function after break-in into the computer system than tolerance of intruding. See [Schwartau 94]. This study, like other studies, wasn't aware of attacks by autonomous cyber weapons, i.e. cyberships, but cyber soldiers, i.e. hackers. AMCWs, for example, can attempt to attack in large number of time from many difference locations. Also see [SC].

2 See [ Waller 95] for Inforwar games and infowar officers in U.S.

3 U.S. government had sought military application of computer viruses. Study on military application of computer virus was carried out by a military contract in 1990. The contract was specifically to study feasibility of carrying out computer virus into adversary by air. Half a million dollar was known to be granted for the study project. See [Schwartau 94] Page 253-254. According to Brendan O'Loghlin, Australian air vice marshal, at the Infomation Warfare Conference held by National Computer Security Association in 1996, computer virus could be used to disrupt adversaries' information systems. (Source: Defense News magazine, September 8-15 issue.)

4 See [Libicki 95]

5 See [Yang 96]

6 A computer virus needs a target program, stored on rewrittable storage mediums and execution by an interpreter or a processor, whose instruction set or language and the form of the program are known to the virus. Also see [Yang 96 O]

7 The military application of computer viruses may have long been sought, however, the biggest problem for the application was believed to be the inability to cruise from source to destination. The recent research showed the feasibility of cruise. It means AMCW is possible or virus with cruise ability can become AMCW. See [Yang 96]

8 See [Yang 96 O] for more about computer programs.

9 See [Toffler 93] page 108-117 for more about robot and military use.

10 See [Spafford 88]

11 See [SC] and [Waller 95] for vulnerability of information security by hacking.

12 Robert Kohler , an executive of TRW Inc., also, said that "We consider ourselves in an economic war, and we consider that we're not getting all that much help," "The other countries have clearly gone through this thought process and decided it's a good idea.", according to Reuter (WASHINGTON), 23 September 1995.

[Back to index] [Comments (0)]
deenesitfrplruua