Category Archives: Technology

Government, History, Intelligence, Israel, Lebanon, Middle East, Technology

Hezbollah’s indignant fury

MIDDLE EAST

THE terrifying attacks this week on thousands of pagers operated by Hezbollah across Lebanon is being perceived as the Pearl Harbour of the 21st century.

When the Japanese Navy Air Service bombed Pearl Harbour in 1941, their aim was to knock out America’s air power in the Pacific and prevent the US from joining the Second World War.

But, as history shows, they achieved precisely the opposite. Roused to indignant anger, the American public were instantly committed to the Allied cause – and Japan found itself facing a new and mighty enemy.

The operation carried out against Hezbollah and the Lebanese was spectacular on its own merits (despite the wickedness of the attacks) – with at least nine fatalities and more than 3,000 seriously injured.

Yet its wider significance is certain to resonate in the months and years to come.

If Israel, like Imperial Japan before it, thought this massive attack would serve to dissuade Hezbollah’s fighters from entering a full-scale war with the Jewish state, many should fear they will be disappointed.

Already the Islamists will be plotting their revenge – and Israeli PM Benyamin Netanyahu has been locked in talks at his defence ministry’s HQ in Tel Aviv over how to respond to a potential escalation.

Critically, however, many will be asking how did Israel actually achieve this?

There are several competing theories. The Israelis could have planted old-fashioned booby traps in the thousands of pagers – which are said to have been delivered to Hezbollah fighters only in recent days.

More likely, is that the pagers were pre-loaded with a sophisticated computer virus that caused them to deliberately overheat, resulting in their lithium batteries catching fire.

This is a known risk of the batteries used in many electronic devices – and is part of the reason why airlines refuse to let passengers carry laptops in their checked luggage.

In whatever way Israel carried out the operation, it’s ironic that Hezbollah’s militants only recently swapped mobile phones for pagers in the belief that they were more secure.

Famously, mobiles carry GPS software that allows the devices – and therefore their users – to be tracked anywhere in the world.

A few weeks ago, Hamas’s political chief Ismail Haniyeh was hunted to a guesthouse in the Iranian capital of Tehran – and eliminated. Experts believe his assassination was possible only because his phone was being tracked.

The truth is that Israel excels at precisely this kind of warfare. Decades of facing down hostile neighbours that vastly outnumber its own citizens has led to the embattled Middle East developing a fearsome array of sophisticated military tools, from nuclear missiles and tanks to cyber-weapons.

Combined with this is the ruthlessness of its famed secret intelligence agency, Mossad, in tracking down and eliminating its enemies, from the perpetrators of the Munich Olympics massacre onwards. As we have seen, Mossad always gets its man – or men – in the end.

So, what comes next? If reports are right, and one in 30 of Hezbollah’s fighters have indeed been put out of action due to the pager attack, that will present a severe impediment to the group’s operational capability. The leadership will also be asking questions about how to communicate securely with its fighters in future.

With Hezbollah’s military organisation disrupted, the Israelis might decide to invade a portion of southern Lebanon to create a “buffer zone” that could protect civilians in northern Israel from rocket attacks.

Some experts will have concerns about this “contained” approach. For all the brutal ingeniousness of the pager attack, the consequences for regional security could be dire.

Instead, the pager operation is far more likely to be the prelude to another all-out Israel-Lebanon War – with grim consequences for world peace and stability.

Hezbollah’s allies, Iran and Syria, will inevitably be anxious and worried that Israeli intelligence could do the same to them. But even those Arab countries with diplomatic relations with Israel, such as Egypt and Jordan, must now be asking themselves how safe they really are – and whether or not their communication networks are secure. This will weaken Israel’s ability to build friendships in the region.

And there could be consequences for us, too. Western democracies will already be assessing what this novel form of warfare means for them – and how they might be able to copy Israel’s methods.

History teaches us that no new military technique remains a monopoly of its inventor for long. How long before Putin or Xi Jinping works out how to make millions of iPhones around the world burst into flames in the pockets of their foes?

Standard
Britain, Government, Internet, National Security, Politics, Society, Technology

Put social media bosses in the dock

INTERNET AND SOCIAL MEDIA

Intro: Lies and disinformation on social media is fuelling violence and the breakdown of society

The violent thugs and bigots rampaging through the streets of UK towns and cities in the dreadful days since the Southport killing of three young children deserve severe punishment for their appalling crimes.

The giant businesses that enable the lies and exaggerations that fuel the riots should also be in the dock – as should the people who own them.

For the online anonymity they facilitate allows anyone in the world the chance to say anything they want, however incendiary, and to escape responsibility.

Built into the internet from its inception decades ago, anonymity is hugely profitable for tech billionaires, but the horrendous price for this free-for-all is paid by the rest of us: mostly law-abiding, peaceful people who respect the truth. Internet anonymity is the default setting when you set up an email address or a social media account. You can pretend to be anyone, anywhere.

The anarchy and chaos unleashed after Southport highlights the danger. An anonymous account on X (formerly Twitter) called Europe Invasion first spread the incendiary lie that the suspect in the stabbing case was a Muslim immigrant. That post – completely invented – was viewed a staggering six million times.

We have no idea who is behind Europe Invasion, with its relentless and misleading crimes, and doom-laden commentary about ethnic strife. It gives no contact details or any other explicit clues about its funding, staff, location, or aims.

For those who have spent decades dealing with Russian disinformation, it may well smell and look like a Kremlin propaganda outlet in an attempt to sow dissension and mistrust in Western societies – a Russian tactic for many years.

Moscow has unwitting accomplices. Look at the man in charge of X, Elon Musk. A self-declared “free speech absolutist”, Musk closed the departments responsible for dealing with disinformation when he first acquired Twitter. And he has made it far harder to report abuse. The result has been to intensify the toxic mischief coursing through the veins of our democracy.

When Musk took-over the ailing Twitter platform two years ago, accounts with verifiable owners still benefited from a “blue tick” – an award which prevented pranksters and fraudsters impersonating public figures, mainstream media outlets, and businesses. Not any more.

One of Musk’s first moves was to offer blue ticks to anyone willing to pay for them.

That’s why, at a cursory glance, Europe Invasion looks like a regular media outlet – with the “blue tick” stamp of authenticity for which someone, somewhere, has presumably paid. Musk has also lifted the ban Twitter had imposed on such divisive figures as the far-Right firebrand Tommy Robinson who has been blamed for helping fuel violent disorder with his social media posts.

Musk contributes directly to the toxic atmosphere he has helped create. Adding insult to injury he is now embroiled in a war of words with Sir Keir Starmer saying that “civil war is inevitable” in Britain.

The sensible citizens of our land will conclude Musk is not just the wealthiest man in the world, but also the silliest. He knows nothing about this country – and is not ashamed to show it. But among his 200 million followers there will be many who believe him, with untold consequences for this country’s image abroad, and stability at home.

There is even a greater danger to our national security. The internet is the central nervous system of our civilisation, used in everything from finance to health care and transport.

It is horribly susceptible and vulnerable to carelessness (as we saw recently in the massive global disruption from a faulty software update). Yet it is being attacked by malevolent state actors such as Russia and China.

The reason for our plight is simple: greed. Checking identities costs money. So too does nailing lies, running a proper complaints system, and installing proper security.

For the tech giants, it is far simpler to let chaos rip, and watch the profits roll in.

Yet the answer lies in our own hands – and those of our elected politicians in parliament.

As a first step, our regulators and lawmakers should demand that tech bosses immediately remove material that constitutes incitement to riot. Unless they do that, they are aiding and abetting serious crimes.

The tech giants’ titanic lobbying efforts have cowed politicians for years. Curb the internet and you hamper innovation, the argument goes.

But the price now is too high. An American court has just handed down a landmark ruling that the online search giant Google is a monopoly that systematically crushes its rivals.

We need the same spirit here in the UK, with the media regulator OFCOM and the Competition and Markets Authority (CMA) working together to curb the power of these monstrous companies.

They behave like medieval monarchs, treating us as their digital serfs. It is high time to remove their neo-feudal protections and privileges and make them legally liable for the extraordinary harm they do.

Standard
Cyber security, Economic, Government, Internet, Society, Technology

CrowdStrike: The risk is ours

INTERNET SECURITY

THE bleak lesson from the devastating global computer breakdown on Friday 19 July – which grounded flights, crashed payment systems, crippled NHS surgeries and hospitals, disconnected phone lines, and knocked media outlets off air – could have been even worse. With no end in sight, this malfunctioning has been dubbed the “digital pandemic” and has already incurred colossal costs in time and money.

To those unversed in the intricacies of computer technology, the speed and extent of the disaster are almost incomprehensible. Surely, many will say, computer systems should be designed to avoid crashes on this scale at all costs. We would not accept planes, trains, or automobiles that dysfunction so badly.

But the truth is when it comes to computers, we accept inherent levels of risk that would be utterly intolerable elsewhere. The technology companies’ profits soar and, when things go wrong, we – the digital serfs of this brave new world – must humbly accept the cost and inconvenience that our masters inflict on us.

To appreciate the scale and complexity of the problem, consider this thought experiment.

Imagine if we allowed almost every traffic light in the world to be made by the same manufacturer. Worse, imagine that all of them were made with a remote-controlled switch that turned them to red. And – catastrophically – that a simple error at the manufacturer or one of its suppliers could trigger this switch all over the world.

Traffic would be instantly gridlocked on every continent. To repair these traffic lights, technicians would in many cases have to dismantle them and fiddle around in the works.

That, in crude terms, is the story of CrowdStrike in this computer breakdown and collapse. Most computers in the world use Microsoft – which makes the ubiquitous Windows operating platform, as well as Word, Excel, and the Teams video-calling system. Many Microsoft customers also rely on other software – in this case the Falcon Sensor program provided by the cybersecurity firm CrowdStrike.

Security software protects computers from attack, typically by screening incoming data to ensure that it does not include “malware” – malevolent programs that steal data, freeze computers, or scramble their contents.

To work properly, these programs must operate unhindered on our computers, phones, and tablets. And to protect against new threats, they must update regularly – and automatically. In this current incident, one of the automatic software updates from CrowdStrike contained a simple, devastating error. Automatically installing on computers that run Windows, it crashed affected devices, triggering a page containing Windows’s error message – the so-called “blue screen of death”.

The result: the world suddenly had to switch to cash payments and handwritten boarding passes, while shops were forced to shut, medical appointments cancelled, and aircraft at airports grounded.

It is little comfort that George Kurtz, the co-founder and chief executive of CrowdStrike, says he is “deeply sorry”. Fixing the problem will not just take hours, but days or even weeks. At best, computers will need to be switched on and off again, allowing a new update to install. At worst, affected machines will need hours of specialist attention.

Nor will it be any comfort to furious customers around the world that CrowdStrike’s share price has crashed, knocking £10billion off its £65billion capitalised market value.

It could have been far worse.

This does not appear to have been a cyber-attack by a foreign power. Microsoft systems in countries all over the world, including Russia and China, were affected.

Nor was it the work of cyber-criminals. The faulty update did not scramble our databases, leaving us open to ransom demands from crime gangs in return for a key to recover our information.

Nor – unlike many recent cyber-attacks – did it whisk our most precious private information away to the Chinese Communist Party’s spy services in Beijing.

A far worse – and narrowly avoided – cyber-attack earlier this year could have given our enemies the master key to hundreds of millions of computers around the world, enabling them to wreak deadly havoc. Known in tech circles as the “xy” attack, it involved a little-known but ubiquitous program that compresses data to improve efficiency.

This attack, probably the work of Russian spies, was uncovered and stopped by chance at the last minute. And because in the end the damage was minimal, it attracted almost no public attention.

That was a near-miss. Far worse was the SolarWinds attack, exposed in 2021. Hackers – almost certainly Russian – bugged an update issued by Microsoft for a widely used program. The targets were Western (chiefly American) defence and other government networks. The cyber raid also exposed data from the U.S. Treasury, Justice, and Commerce departments, and thousands of Wall Street’s top companies.

The internet has become the central nervous system of our civilisation. Yet it was never designed or intended for this. It was built to promote academic cooperation and technological innovation, not global security. It is wide open to abuse by pranksters, fraudsters, and rogue states.

A handful of operating systems and software that updates remotely and automatically create a sitting target.

We would hardly accept such a concentration of risk in other walks of life, especially if we had no control over the decision-makers in such systems, and almost no redress if they made mistakes. With most other products and services, you can sue the provider if there’s a malfunction – and gain additional compensation for any damage caused. Not computers.

Unlike other parts of our technological universe, computers, phones, and software are not sold with proper guarantees. The manufacturers can shrug at their products’ shortcomings.

Buried in the terms and conditions are clauses that exempt the manufacturer from almost all liabilities.

One might well ask how on earth we got to such a parlous state of affairs.

One reason is greed: tech giants like their profits. They lobby hard for their privileged status, just as they do for the right to sell our attention to online advertisers – and to resist demands for proper age verification on social media platforms like TikTok.

But a deeper reason is that we have been naïve and complacent in our headlong embrace of new but untrusted technology. We have prized innovation and convenience ahead of security.

These risks, we were told, were the price of admission to the brave new world of computer wizardry. Maybe. But we are paying heavily for it.

In the case of this cyber meltdown, the culprit was carelessness. But suppose the perpetrator had been some rogue regime, perhaps distracting us at a moment of geopolitical tension?

Imagine that this outage had stopped the trains running, frozen all cash machines and, for that matter, turned all our traffic lights to red – or worse, green.

We would have nobody to blame but ourselves.

Standard