







How Brutal Kangaroo Works

Hacking has been a problem for computer users at least since the beginning of the Internet. The practice has evolved from crimes committed by people toiling away in their basements to instruments of state policy and acts of civil disobedience, depending on who is doing it. Cyber war is a real thing and is going on in the shadows, with only some of it being reported in the media.

One of the methods network administrators use to try to secure systems is to place the most sensitive information and functions on closed systems that are not connected to the Internet. The theory is that hackers cannot get at closed systems. It turns out, thanks to some helpful revelations from Wikileaks(1), that the CIA has that covered with a bit of malware called Brutal Kangaroo.

Brutal Kangaroo works by first being introduced to a computer system that is connected to the Internet. Then, when someone carries data on a data strip or thumb drive from the connected computer to one that is part of a closed system, the malware rides along with it. The closed system is thus infected and will begin to perform the tasks that the CIA wants, such as gathering data for later extraction or some other malicious function.
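Because the path described above depends on a drive that touches both sides of the gap, one defensive check is to flag any drive mounted on a closed-system host after it was mounted on an Internet-connected one. The following is an added example, not part of the original article; the log format, host names, zone labels, and drive serials are constructed assumptions.

```python
import csv
import io
from datetime import datetime

# Constructed sample of removable-media mount events (not real logs).
# Assumed columns: ISO timestamp, host, zone ("connected" or "closed"), drive serial.
SAMPLE_EVENTS = """\
2017-06-20T09:02:11,ws-eng-04,connected,USB-A1F3
2017-06-20T09:40:55,scada-hmi-1,closed,USB-A1F3
2017-06-21T14:10:03,scada-hmi-2,closed,USB-77C0
2017-06-22T08:15:42,ws-fin-02,connected,USB-9D21
2017-06-23T11:30:00,scada-hmi-1,closed,USB-5B6E
2017-06-23T16:05:19,ws-eng-04,connected,USB-5B6E
"""

def parse_events(text):
    """Parse CSV lines into time-ordered (timestamp, host, zone, serial) tuples."""
    rows = (r for r in csv.reader(io.StringIO(text)) if r)
    return sorted((datetime.fromisoformat(ts), host, zone, serial)
                  for ts, host, zone, serial in rows)

def find_gap_crossings(events):
    """Flag each closed-zone mount of a drive seen earlier on a connected host."""
    last_connected = {}  # serial -> (time, host) of most recent connected-zone mount
    findings = []
    for ts, host, zone, serial in events:
        if zone == "connected":
            last_connected[serial] = (ts, host)
        elif zone == "closed" and serial in last_connected:
            src_ts, src_host = last_connected[serial]
            findings.append({
                "serial": serial, "from_host": src_host, "to_host": host,
                "seconds_since_connected_use": int((ts - src_ts).total_seconds()),
            })
    return findings

if __name__ == "__main__":
    for finding in find_gap_crossings(parse_events(SAMPLE_EVENTS)):
        print(finding)
```

Drives seen only inside the closed zone, or used there before ever touching a connected host, are not flagged; only the connected-then-closed ordering counts as a crossing.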

Stuxnet was used to infiltrate Iranian closed computer systems using a method similar to Brutal Kangaroo. Stuxnet was used to destroy Iranian nuclear centrifuges by spinning them far beyond their design parameters, substantially delaying Iran’s nuclear bomb program.

Software such as Brutal Kangaroo places lots of power in the hands of the CIA that should be the cause of, if not concern, at least scrutiny. In a world in which cyberwar is a real thing, we should want our side to have the capability to compromise the computer systems of an enemy. We can only hope that the CIA has enough oversight that it does not abuse this power.