John Velarosa
Professor Ingram D. Rogers
1106CSIA3014041
August 3rd 2011
The Stuxnet Virus
Abstract:
What diplomacy could not achieve, sanctions could not silence, and for which a military option was not viable, a cyber attack quietly accomplished.
Kim Zetter, an investigative reporter with Wired Magazine online, calls Stuxnet “a piece of software that would ultimately make history as the world’s first real cyberweapon.” (Zetter, 2011, sec. 1)
In his article, Is “Stuxnet” the best malware ever? Gregg Keizer of Computer World says:
“The Stuxnet worm is a "groundbreaking" piece of malware so devious in its use of unpatched vulnerabilities, so sophisticated in its multipronged approach, that the security
or Israel, that Israeli intelligence tested aspects of the worm using centrifuges identical to Iran's at Israel’s Dimona complex. Even Siemens, the German company, cooperated with Idaho National Laboratories in the US to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world. Not too long afterwards, those very vulnerabilities were exploited by Stuxnet.
2. Why a Cyber Attack?
Cyber warfare requires intellect, not military might, and a country does not have to be a military superpower to wage a cyber attack. The tracks of a cyber attack are much easier to cover and are easily attributed to another entity. While cyber attacks have only recently been declared by our military and political leadership as acts of war, compared to an actual physical military attack on another country, life can go on as usual for most of the citizens on both sides of the conflict without the slightest idea that their country is at war. A cyber attack does not cost billions of dollars to run or manage and is hardly a long-term commitment of hundreds of thousands of troops and the logistics to support them and their equipment at the front lines. In the case of Iran, a cyber attack was the most viable option available to global powers because the Iranian regime did not hesitate to make threats against the United States and Israel should it have been attacked militarily to make it stop trying to produce nuclear
The most recent indication of how cyber warfare is inevitably coming was the accusation of Russia hacking the Democratic National Committee and former Secretary of State Hillary Clinton’s emails, releasing damaging evidence against them, which ultimately led to Donald Trump being named the President of the United States (Diamond, 2016). The effects of cyber warfare have leaked over into television series, forming shows such as CSI: Cyber, and into the gaming world, with Call of Duty: Infinite Warfare. Neglect regarding cyber security can: undermine the reputation of both the government and elected officials; force unacceptable expenditures associated with the cost of cleaning up after security breaches; cripple governments' abilities to respond to a wide variety of homeland security emergency situations or recover from natural or man-made threats; and disable elected officials' ability to govern (Lohrmann, 2010). The exposure of classified information such as overseas operators and attacks, missile locations, response plans and weaknesses, and much more cripples America’s ability to defend itself from enemies both foreign and domestic. One measure meant to combat cyber terrorism is the Cybersecurity Information Sharing Act, or CISA. An article titled “Why Cybersecurity Information Sharing Is A Positive Step for Online Security” discusses that under CISA, the Department of Homeland Security will have more responsibility for domestic cybersecurity. CISA’s fundamental purpose is to better enable cybersecurity information to be shared between the private and public sectors (2016). The sharing of threat information between public and private sectors can give the United States a head start by allowing them to share information rapidly and more often to combat enemy threats while still providing safety for privacy and civil
Ralph Langner’s article on the Stuxnet worm discusses the hardware, distribution and targets of the attack. He also goes into detail regarding the outlook of future attacks and what we can do to prevent them.
In a documentary by Admiral Vern (2002), “the events of September 11, 2001 tragically illustrated that the promise of peace and security in the 21st Century is fraught with profound dangers”. US foreign policies and interests in key geographic regions of the world spark controversies resulting in state-funded cyber attacks, cyber espionage and terrorism against the United States and its allied nations. When several attempts to cripple the United States and its allied nations through negotiations failed, enemy states and nefarious groups shifted their focus to cyber attacks and cyber espionage. According to Gady (2016), “China continues cyber espionage against the United States”. According to Drezner (2014), “Washington and Beijing hardly agree on everything, but they agree on the big things, like maintaining an open global economy, reducing the likelihood of a military confrontation, and tackling climate change”.
China is responsible for cyber espionage against the U.S., resulting in significant damage to the U.S. economy. The Commission on the Theft of American Intellectual Property found that China is responsible for up to 70% of incurred losses of the U.S. (Navarro, 2016). The Center for Strategic and
Pfleeger, S. Pfleeger, and Margulies (2015) outline possible examples of cyber warfare between Canada and China (p. 844). According to Pfleeger, S. Pfleeger, and Margulies (2015), “the Canadian government revealed that several of its national departments had been victims of a cyber attack…” (p. 844). Eventually, the attack was unofficially traced to a computer in China (p. 844). Cyber warfare can be used negatively and positively. It is evident that China was seeking to gain protected information from Canada. Although this is a purpose of cyber warfare, it is not a conventional way of obtaining information. Additionally, cyber warfare can be used to collect intelligence on an enemy. Anyone seeking to gather intelligence on another individual or group can launch a cyber attack that gains access to protected files. This could be used to help future militant operations or expose critical information. Lastly, cyber warfare can be used to test systems internally. Acting with no malicious intent, “insiders” can utilize cyber warfare tactics to attack their own cyber security barriers in order to test the strength of their systems. Seeking to expose the vulnerabilities in a system that contains important assets without actually harming the assets provides the system a diagnosis of what needs to be strengthened and fixed. Identifying the problem or threats before an actual attack can ultimately save the protected
The plan to launch cyber warfare on the Iranians began after a negotiation took place between the Europeans and the United States. This was due to Iran’s plan to continue their production of uranium. “Iran resumes uranium enrichment at Natanz after negotiations with European and American officials flounder.” (Gates, 2012). Our nation’s armed forces, CIA, and NSA worked together to create a classified cyber-attack to be launched on “Iran’s nuclear enrichment program” (Gates, 2012). The United States’ fear of nuclear weapons from Iran was the only motive for the cyber-attack, which was continued once President Obama came into office.
One of the most widely cited papers on the definition of Cyber-terrorism is Denning’s Testimony before the Special Oversight Panel on Terrorism (Denning, 2000). Here, Denning makes the following statement:
Year Zero began with the detection of the Stuxnet malware, allegedly developed by the United States, who partnered with Israel. This malware was released in order to damage Iranian machines and “mess with Iran’s best scientific minds.” Stuxnet proved that the United States was willing to do whatever it took to develop these forms of offensive capabilities which are needed to “dominate the cyber battlespace.” This attack was used to send Iran’s nuclear program back almost two years. I think that what made Stuxnet dangerous was that it was nearly impossible to detect; developers had “zero days” to fix or patch damage that had already been done. The computers used to transfer the malware were not connected to the Internet; the malware jumped the “air gap” by being transferred through portable devices, leading to an even more traumatic cyberattack.
Two of the commonly known attacks on computing systems are the deployment of computer viruses and malware.
For thousands of years warfare remained relatively unchanged. While the tactics and weapons have changed as new methods of combat evolved, men and women or their weapons still had to meet at the same time and place in order to attack, defend, surrender or conquer. However, the advent of the internet has created a new realm of combat in which armies can remotely conduct surveillance, reconnaissance, espionage, and attacks from an ambiguous and space-less digital environment. Both state and non-state actors have already embraced this new realm and utilized both legal and illegal means to further facilitate their interests. What complicates cyber security further is that as states attempt to protect themselves from cyber-warfare, private
In the previous five years, cybersecurity has become the most sought-after profession around the world. More than 90 percent of respondents to a survey conducted by the Ponemon Institute (2011) reported falling victim to cyberattacks during the most recent year, costing on average more than $2 million per organization. This keeps rising as both programmers and security devices progress. According to PwC, roughly 33% of all U.S. organizations are currently utilizing digital protection (Lindros and Tittel, 2016).
Cyber-attacks are common in the defense industry, but in January 2010, a sophisticated, advanced persistent threat hacked into the commercial sector, forever changing the face of cyber security. Dubbed “Operation Aurora” by McAfee, the attack targeted specific high-profile corporations to obtain valuable intellectual property. Google, Yahoo, Juniper Networks and Adobe Systems were also among the victims of this highly coordinated cyber heist. By manipulating computer code, the attackers were able to exploit Microsoft Internet Explorer vulnerabilities to gain access and obtain valuable sensitive information from over thirty high-profile companies. Operation Aurora proves that the world is entering into a high-risk era where
A lot of opinions and meanings have been given to the word “Cyberterrorism”. Some of these meanings and definitions vary. In this light, Gordon and Ford (2003) are concerned that when 10 people define cyberterrorism and nine of the given answers are different, and these 10 people represent different government agencies tasked with safeguarding national assets and infrastructure, then it becomes a critical issue.
Cyber warfare is a battle without casualties, a war waged only by written words, fought digitally by those who are bent on disrupting the infrastructure of a nation built on sweat, labor and concrete. Digital battles that are being fought not for money, not for a simple website defacement proclaiming you are the most ‘l33t hax0r on the interwebs’. One of the most major, yet underreported, examples of this: a lowly worm named Stuxnet. A worm, by the most mundane of definitions, is a self-replicating program, usually malicious, and whose
Imagine if you were an employee of a large credit card corporation such as Visa or MasterCard. You can make up to $90,000 a year, but all of a sudden your bank account was at $0.00, along with those of all your coworkers and bosses, and the company stock dropped to zero. There would be panic, chaos and disorder due to everyone losing their money. Such a chaotic situation was the result of a cyber-attack by a hacker. The cyber attacker hacked into the system and caused the databases to transfer all of the money into some bank accounts elsewhere. This is just one example of cyber terrorism and all the damage it can do to people’s lives. Business corporations are usually not targets of terrorism, but government databases usually are. Cyber terrorists often try to hack into government databases and steal information that would be valuable to America but dangerous in the hands of terrorists. Through cyber-attacks, information for nuclear weapons, shut down codes or other government secrets can be gained by a number of terrorist organizations. “cyber-attacks on our nation’s private sector and government networks have increased dramatically in the past decade” (www.fbi.gov). This increase in attacks means that there is a higher chance that terrorists can shut down major power grids and leave millions without power or disrupt the stock market to cause mass panic in the