Cyber and Counter-Intelligence: was this the world's first malware sighting?

In January 1982, President Ronald Reagan approved a CIA plan to sabotage the economy of the Soviet Union through covert transfers of technology that contained hidden malfunctions, including software that later triggered a huge explosion in a Siberian natural gas pipeline, according to a new memoir by a Reagan White House official.

At the time, the United States was attempting to block Western Europe from importing Soviet natural gas. There were also signs that the Soviets were trying to steal a wide variety of Western technology. Thomas C. Reed, a former Air Force secretary who was serving on the National Security Council at the time, describes the episode in At the Abyss: An Insider's History of the Cold War.

"In order to disrupt the Soviet gas supply, its hard currency earnings from the West, and the internal Russian economy, the pipeline software that was to run the pumps, turbines, and valves was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds," Reed writes.

This is a wonderful Cold War example of cyber intelligence and counter-intelligence statecraft.  It is not a pure cyber story, because the Internet did not exist then.  But it is illustrative of classic intelligence and counterintelligence.  In the early 1980s, the Soviet Union, through its network of clandestine operatives, was attempting to steal some valuable software from the U.S.

Bill Casey was CIA Director at the time.  He got wind of the Soviets’ mission and the technologies they were attempting to acquire in the West and developed a counterintelligence strategy.  He arranged for the software to be difficult, but not impossible, to steal, so eventually the Soviets were able to steal this valuable intellectual property and install it on their pipelines.  For a time, the software worked perfectly.  Then, several months later, satellite images confirmed that the pipelines were blowing up.

The CIA had re-programmed the software, sabotaged the pipelines, and turned the tables on the KGB!

This operation was successful because the CIA had actionable intelligence.  They knew the enemy’s intentions and could anticipate the enemy’s actions.  The CIA could not only defend against the theft of intellectual property but turn the attempted theft of intellectual property into a disaster for the enemy.

This is just one example of intelligence and counter-intelligence tradecraft which can apply to the cybersecurity realm.