Recent Malware Attack and Stuxnex Virus - Case Study Example

Stuxnex Virus Stuxnex Virus There have been numerous conflicts among various countries across the globe basedon conflicting ideas. For a long period, the American government has been against the progress realized by the Iranian on nuclear power. This is because United States of America and its allies do believe that Iran might use its nuclear power plant to make nuclear weapons, which when used, could have adverse effects on the world. Due to the advancement in technology, wars have drastically moved from motor combat to cyber wars. This is evident in the case of the Stuxnet virus, which was used to attack Iranian nuclear power plant (Rosenzweig, 2013). This paper seeks to give an in-depth analysis of the Stuxnex virus. The way the malware originated Stuxnet is a very complex computer virus, which was observed to be specifically designed for industrial appliances attack. In this regard, it would affect the operation of the industrial devices and could lead to failure of the system. According to Ricks (2012), Stuxnet virus was designed and deployed by American and Israel intelligence in a bid to bring down the Iranian nuclear plant. The designing of the Stuxnet virus dates back from the time George W. Bush was the American president, and was accelerated to its completion under Obama’s first term as the American president (Sanger, 2012). The joint project between the American and the Israel intelligence personnel was implemented under the code “Olympic games.” The main target was the Iranian military-industrial complex in a bid to hamper its operations, thus making them incapable on continuing with their development on nuclear weapons (Sanger, n.d.). The first deployment was done in 2008 and 2009, and the targets were Natanz nuclear enrichment. At first, it was thought the failure in the operations of the plant was due to incompetence of the Iranian officials mandated to monitor it. For security reasons, computers for monitoring and controlling the operation of the plant were not connected to the internet. The virus was to be spread using removable devices. When the devices were plugged into the computers, the virus software would record the operations of the Centrifuges, after which it would interfere with the normal operations of the centrifuges; thus, bringing down the plant. This was the only route through which the virus could be introduced to the nuclear plant as the American and Israel intelligence officials did not have access to the plant; workers, who include engineers and maintenance personnel, were used to infect the plant with the virus through their removable devices. The plant did not produce alarm sounds as the devices failed, although from inside the plant, the failure of the operations of the centrifuges could be heard. Due to failure in the operations of the centrifuges, a rumble followed by an explosion on the nuclear plant was experienced. Unexpected, the virus found its way into the internet, which brought a blame game as it had a capacity to do greater harm to the public at large. It was argued that the malware leakage into the internet was a mistake in the code, and was directed to the Israel officials. The way the malware propagated In the initial attack on the Iranian nuclear plant, the virus was spread by the use of removable devices. As the personnel mandated to carry out the maintenance of the plant used the devices to collect data from the computer, which were not connected to the internet, the virus was spread. This was executed without their knowledge since even the security measure implemented in the plant did not detect the virus at an early stage, as the controllers indicated that everything was running smoothly, as expected. The virus had the capacity to spread through the internet; this was experienced when a computer was connected to the internet and the virus spread to other internet users, rather than the intended Iranian nuclear plant attack. This caused an alarm and a blame game between the two parties, who participated in its design, whereby United States of America suspected that Israel had played a part in the failure of the virus program from operating as intended. This is because the virus was designed to be spread through local area networks. The entire virus was designed in two parts; the first part had the capacity to spread the virus from one computer to the other while the second part contained the code for the virus. The code is responsible for causing damage to the industrial appliances. When the virus was released to the internet, various internet security companies undertook investigation to get an in-depth understanding of the operation mode of the virus. Initially, the main computers affected were those of institution closely linked to the Iranian nuclear plant. As time passed, more computers got affected, which caused an alarm from various stakeholders, mainly internet security companies such as Kaspersky. Due to the complexity of the coding done in the design of the virus, it took a considerable period to comprehend the virus program. This is evident from the report released from the Kaspersky’s lab regarding the complexity of coding in the virus design. Statistical evidence on the prevalence of the malware The Stuxnet virus was designed using Microsoft visual studio 2008, as evident in the analysis conducted on the coding of the virus. Microsoft visual studio is a powerful programming tool used in the design of various programs such as viruses and databases. To enhance the performance of visual studio, more advanced programmed have been released. Researches reveal that the preparation of Stuxnet virus was carefully analyzed and implemented by the various persons involved. For example, one analysis indicates the date of compilation as 03/02/2010, which is reviewed from the timestamp. A further analysis of the virus code indicates the presence of Microsoft visual studio 2005, which clearly indicated that the program was prepared by different groups of people. In this regard, specialization, which improves on the product, is evident. Evidence of the use of Microsoft visual studio 2008, is derived from the presence of version 9.0, while evidence of the use of Microsoft visual studio 2005 is portrayed by the presence of version 8.0. Additionally, the compilation of the program was executed on the first day of January, 2009. From the digital signature available, it is evident that previous work on the project had been executed earlier. An analysis of the drivers indicated the presence of two different signatures from JMicron Technology Corp and Realtek Semiconductor Corp. This raises question on whether the signatures were got legally or stolen from the outlined companies (Matrosov et al., nd.). The number of the virus attack among various countries vary, with Iran experiencing the highest number of attacks, and Asia being the leading continent in terms of Stuxnet prevalence (Andreasson, 2011). The high prevalence of the virus in Iran is because it was the country holding the target nuclear plant. The presence of the virus across different countries clearly indicates that the virus had the capacity to spread very fast. To a greater extent, it is evident that the distribution of the virus is highly dependent on the use of antivirus, as well as updating the antivirus software. A narration of a real case study related to the malware attack Malware attacks have become a common phenomenon in the recent past. This is attributed to the advancement in technology as well as the enhanced interest on programming among various persons across the globe. When people do gain the programming knowledge, they may use it constructively in the various departments of engineering and technology industries, or destructively to make viruses for various reasons. For example, phones have become a very important tool in the daily livelihood of many persons across the globe. As technology has been advancing, more complex phones are designed. These phones integrate many functions; thus, enhancing the lives of many individuals. Despite the merits associated with these developments in the mobile phone industry, privacy and security measures may not be effectively implemented. Since phones have become a common tool in the execution of the various business transactions, a failure in the security and privacy of the user’s details may lead to severe consequences. The current smartphones provides a platform, which are accessible to programmers, irrespective of their level of expertise. From previous research, it is evident that smartphone platforms provide an avenue for privacy attack by various programmers. This could have adverse effects on the phone owners, who do not have information that their details are available to other persons (Gritzalis, Tsoumas, Dritsas & Mylonas, nd). Lessons-learned and implications for security administrators The attack of Stuxnet virus on the Iranian nuclear plant clearly indicates that the type of war executed by various countries across the globe have changed, from mortal combat to cyber wars. Technology advancement has been embraced by all and is being used as a fighting tool. Due to this, various questions arise from the virus attack; for example, A) could the attack be avoided, The Stuxnet attack employed a high level programming knowledge, realized by integrating various programming technologies in its design. In this regard, identifying the presence of the virus could not been an easy task among the professionals mandated the control and maintenance of the Iranian nuclear plant. Since the virus was initially designed to be spread through the use of removable devices, it was possible to avoid the attack. In this regard, all centrifuge and other devices that had to be replaced ought to be thoroughly examined for the presence of malware before being used. Through this method, the joint effort of the United States of America and Israel professionals would not have managed to make the attack. B) What can be done to prevent similar attacks from occurring again? The Stuxnet virus attack on the Iranian nuclear plant provides a learning lesson on the security measures needed in order to ensure that all industrial systems are secured. To avoid the occurrence of such an attack in the future, it is necessary to have sufficient staff to carry out a thorough investigation of the presence of malware on all devices used in various industrial processes. Additionally, strict regulation on persons having access to such facilities is necessary; this will ensure that no similar attacks are executed. C) Is the Stuxnet virus attack ethical? The attack of the Iranian nuclear plant by the joint forces of United States of America and Israel can be considered unethical. This is mainly because the attack was executed in bad faith against the Iranian military. In the recent past, there have been accusations of Iran making nuclear weapons, which when used against its enemies, could have adverse effects, such as those experienced in Hiroshima Japan. If there is evidence that Iran has plans of carrying out such massive destruction, then it would be right to bring down their pant; this could be executed for the safety of the citizens at large. Conclusion Stuxnet attack on the Iranian nuclear plant was executed by United states of America in collaboration with Israel. The main aim of the attack on to bring down the plant; the attackers thought that it was used to make nuclear weapons, which could be used for mass attack. The virus was designed using various technological technologies, and aimed to be transmitted through removable devices. Despite this, flaws in the program were detected before it had completed its intended task. This saw the virus being spread through the internet, which brough blame game between the American s and Israelis professionals. References Andreasson, K., J. (2011). Cybersecurity: Public Sector Threats and Responses. Florida: CRC Press. Gritzalis, A., Tsoumas, B., Dritsas, S., & Mylonas, A. (nd.). Smartphone security evaluation - the malware attack case. Retrieved on Feb. 6, 2013 from http://www.aueb.gr/users/amylonas/docs/secryptShort.pdf Matrosov et al. (nd). Stuxnet Under the Microscope. Retrieved on Feb 6, 2013 from http://go.eset.com/us/resources/white-papers/Stuxnet_Under_the_Microscope.pdf Ricks, T. E. (June 5, 2012). Covert Wars, Waged Virally‘Confront and Conceal,’ by David Sanger. The New York Times. Retrieved from http://www.nytimes.com/2012/06/06/books/confront-and-conceal-by-david-sanger.html Rosenzweig, P. (2013). Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World. California: ABC-CLIO. Sanger, D. E. (n.d.).A New Age of Cyberwar. Retrieved on Feb. 6, 2012 from https://www.google.co.ke/url?sa=t&rct=j&q=&esrc=s&source=web&cd=9&cad=rja&ved=0CHYQFjAI&url=http%3A%2F%2Fwww.roycecarlton.com%2Fspeaker%2Fdownload-pdf-press-kit%2FDavid-E-Sanger.html&ei=vgUSUfTjMoWr0AXMg4C4CA&usg=AFQjCNGuGwSAx4WwyoVmv4d4L71j9ESiAg Sanger, D. E. (June 1, 2012). Obama Order Sped Up Wave of Cyberattacks Against Iran. The New York Times. Retrieved from http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html Read More