Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: brunnstein@rz.informatik.uni-hamburg.dbp.de (Klaus Brunnstein) Newsgroups: comp.virus Subject: (No) Viruses in Irak's EXOCET? Message-ID: <0013.9101151325.AA04099@ubu.cert.sei.cmu.edu> Date: 15 Jan 91 10:23:00 GMT Sender: Virus Discussion List Lines: 94 Approved: krvw@sei.cmu.edu French press (La Liberation) and media reported (Jan.10) in some details that computer viruses could be planted, either in advance or afterwards, in French EXOCET rockets to influence their performance such as to misguide them. Following a report of the German Press Agency (dpa), German media (on Jan.11) were full of reports about "viruses in Hussein's rockets". According to dpa, (unnamed) French computer scientists said: - manufacturers of war material usually implant, "for mere commercial reasons", viruses in exported war electronics to provoke, after some time, faults and "profitable repair work"; - though Irakian weapon computers are "hermetically cut-off from the outside world", computer viruses could be implanted e.g. via "weather data"; - moreover, the built-in computers contain programs which may be triggered remotely; the control system of (French-built) EXOCET rockets could be switched-off from French ships; the only problem would be the mass of weapon computers to be switched-off simultaneously. As usual in events related to malicious code, truth is mixed up with misunderstandings, errors and impossibilities: - the implementation of weapon software makes self-reproducing programs (=viruses) impossible; moreover, it is very im- probable, that such systems may be (re-)programmed remotely; French "experts" with such arguments are non-trustable; - on the other hand, other aspects of "malicious code" may well be present in weapon computers; at least in the test phase, rockets can be destroyed by triggering a self- destruction system remotely; following the well-established principle "never change a running program", such "backdoors" (the proper name for this type of malicious code) could survive the test version; - moreover, French system analysis might well have foreseen scenarios in which to defend against French-made rockets (e.g. EXOCETS); French warships might remotely influence the EXOCET control systems if this remains unchanged by the (Irakian) users of such technology; with equivalent probab- ility, other Western weapon control systems could contain similar self-protection mechanisms (e.g. US' Hawk missiles having been captured in Kuweit) ; - finally, it is well-published (even in non-military period- icals) that and how electronic countermeasures (ECM) may mislead weapon electronics. Some interesting questions following from such "possibilities": - May Irak detect, influence or adapt such weapon software? As software technology is not well-enough developed in Irak (and most part of the Arab world), they probably must rely on foreign experts (as they evidently do in other Hi-Tech areas). - If French EXOCET rockets are remotely controllable: why did the French not warn their "friends" who suffered severe losses through their weaponry (e.g. UK in Falkland crisis, or US in the Iran crisis, see accident of USS STARK)? Did they at least now warn and properly equip their allies in the Arabian desert? For "RISK experienced" experts, it is not surprising that misinformation lives best in threatening situations (such as at the Gulf); apart from general attitudes of newsmedia, computer scientists who nominate their technological constructs (e.g. "self-reproducing programs") in such inadequate terms as "viruses" (see also: "intelligence" etc) are highly responsible for misinterpretation and misunderstanding by less well informed media people and the public! On the other side, authorities and the public only in such threatening circumstances become aware of riskful assumptions inherent in contemporary computer systems. Such unfortunate experience may lead to the cynic assumption that risks may best be conceived by (hopefully: moderately) "ex post" experiencing them, rather than analysing and avoiding them "ex ante". Postscriptum: computer "viruses" may nevertheless play a role in "Operation Desert Shield". There are (yet unconfirmed) news that several thousands PCs (5000?) have been infected by ordinary "computer viruses". This would not be a surprising experience as the soldiers had to "vaste" ample waiting for Jan.15; in the absence of other possibilities for spending free time, computer games (usually a source of "virus" infections) may have played a major psychological role, maybe with some impact on their "ordinary functional behaviour".