last byte CACM_TACCESS_one-third_page_vertical:Lay
Viruses were not a legacy I sought.
Inevitably, someone would invent
them; the idea requires only a simple
biological analogy. But once it would
escape into the general culture, there
would be no way back, and I didn’t want
to make my professional life around it,
lucrative as it might be. The manufac-
turers of spray-paint cans likely feel the
Consider that our cities will get
smart and be able to track us with cam-
eras on the street and with microwaves
that read the chips in our phones,
computers, even embedded beneath
our skin. The first commercial use will
likely be to feed advertising to us, as in
the 2002 Steven Spielberg film Minority
Report. We’ll inevitably live in an arms
race against intrusive eyes, much as we
guard against computer viruses today.
Stuxnet, the virus known to have
invaded Iran’s nuclear facilities, is apparently the first malicious code deliberately designed to disrupt targeted
industrial processes, mutating on a
schedule to avoid erasure, interrogating the computers it invades, and sending data back to its inventors. Stuxnet
is able to reprogram Siemens-manu-factured programmable logic controllers and hide the changes it introduces
into them. Commands in Stuxnet code
increase the frequency of rotors in
centrifuges at Iran’s Natanz uranium-enrichment plant so they fly apart. Yet
much of Stuxnet’s code is unremarkable, standard stuff, lacking advanced
Still, it’s a wholly new thing—a
smart virus with a grudge—
evolving, self-aware, self-educating, craftily fulfilling its mission. Expect more
to come. Countries hostile to the U.S.
could likewise launch malware attacks
against U.S. facilities, using Stuxnet-like code to attack the national power
grid or other critical infrastructure.
Though seldom discussed, U.S.
policy has traditionally been to lead in
technology while selling last-genera-tion tech to others. Thus we are able to
defeat our own prior inventions, along
with sometimes deliberately installed
defects we might exploit later.
[COntinueD FROM P. 112]
it’s a wholly new
virus with a grudge—
Stuxnet looks like a kluge with inventive parts. It does not hide its payload well or cover its tracks. It will not
take much effort to greatly improve
such methods (with, say, virtual ma-chine-based obfuscation and novel
techniques for anti-debugging), whatever the target. Once major players use
them in nation-state rivalries, they will
surely leak into commerce, where the
stakes are immense for all of us. If Stux-type, untraceable malware becomes a
weapon of commerce, our increasingly
global commercial competitiveness
will take on a nastier edge.
Meanwhile, if living in space becomes routine, the related systems will
demand levels of maintenance and control seldom required on Earth. Consider that the International Space Station
spends most of its crew time just keeping the place running—and potentially
can be corrupted with malware. So can
many systems to come, as our environment becomes smarter and interacts
with us invisibly, around the clock. Increasing interconnection of all systems
will make smart sabotage a compelling
temptation. So will malware that elicits
data from our lives or corrupts systems
we already have, in hopes we’ll be compelled to replace them.
Now think beyond these early stages.
What secondary effects could emerge?
Seeds of mistrust and suspicion travel
far. But that’s the world we’ll live in,
with fresh problems we’ll be able to
attack but only if we’ve thought them
Gregory Benford ( firstname.lastname@example.org) is a professor
of physics at the university of California, Irvine, and a
novelist, including of Timescape, winner of the 1980
nebula and british science Fiction awards.
© 2011 aCm 0001-0782/11/0300 $10.00
This quarterly publication is a
quarterly journal that publishes
refereed articles addressing issues
of computing as it impacts the
lives of people with disabilities.
The journal will be of particular
interest to SIGACCESS members
and delegrates to its affiliated
conference (i.e., ASSETS), as well
as other international accessibility