Stuxnet: Dissecting a Cyberwarfare Weapon - Assignment Example

Stuxnet Virus Stuxnet: Dissecting a Cybewarfare Weapon Introduction Cyber warfare has been seen as a fictional concept over many years but after Stuxnet was discovered, cyber warfare has become a matter of concern particularly at a higher technological level. A few years ago, Stuxnet virus that targeted an Iranian nuclear program raised the attention of many technologists. Although nobody is sure of it origin, most computer scientists and researchers believe USA, Israel or Jordan would have created it. Many viruses had existed before Stuxnet’s discovery, but it hit the papers due to its unique and powerful capability. Counterterrorist described the unique virus as a computer worm, and they estimated that it had been launched in 2009 (Ralph, 49). Stuxnet did its first major damage in Iran by terminating the country’s nuclear program. Over the years, it has spread out to many computers all over the world. Due to this, it was classified as the first ever cyber-weapon. Analysis of Stuxnet: Dissecting a Cyber warfare Weapon Stuxnet was a strong computer virus since it was not lined up to any confidentiality. Unlike other computer viruses that erase or steals any information, Stuxnet main aim was destroying a military target (Ralph, 49). According to Ralph Langner, the virus was aimed at industrial controllers as opposed to the common misconception that it was aimed at SCADA systems. Another unique feature of the Stuxnet was that it did not require any internet access like other viruses. The fact that the virus attacked performance machines rather than information and confidentiality made it a hard nut to crack especially to people in charge of cyber security. Distribution of the virus occurred through USB sticks and local networks. After entry in a computer, its focus was on controllers especially from Siemens. The program had the ability to download program codes for other programs in the machine it got into. Stuxnet mainly focused on getting two Siemens controller codes (417 and 315). Upon identifying a matching target, it loaded a code that was structured in many sub-functions. It loaded the codes by injecting the code into its executive loop (Ralph, 50). The 417 and 315 codes consequently injected codes into the 100-ms timer, and it achieved its mission by limiting the performance of the legitimate code. Upon attack, the 315 code stopped working while the 417 code kept running but was sequestered from the real I/O and presented with a fake process image (Ralph, 50). To counter this attack, Microsoft developed a program that would be used in security patching. However, it did not deliver the anticipated results since it only affected the dropper part of Stuxnet that was different from the digital warhead. The Microsoft anti-virus was designed for software, but Stuxnet was a product feature and hence could not solve the problem (Ralph, 51). Most Industrial controllers are not designed with anti-virus software’s and hence Stuxnet is unstoppable. It takes advantage of the controller’s not being able to sign digital codes that would otherwise ensure that all codes are from legitimate stations. The only available solution was Iran getting a new set of machines with ability to sign digital codes so that they could continue manufacturing their weapons. Conclusion and reflection from the Article From this article, cyber weapons appear to be a problem that has potential of deteriorating. The Stuxnet attack has triggered more militarism and preparation for war and maybe could even lead to world war III. Countries with stronger technologies fight the technologically weaker nations and thus increase enmity among them. Despite having the negative effects, Stuxnet can also be viewed as creating a positive impact technologically since the next inventions are automated machine controller systems. Technology has made lives simpler and tasks easier but cyber insecurity is drawing the advancement behind. Cyber insecurity takes forms such as hacking, computer viruses and network outages and has become a threat to the modern technology. Improvement in technologies such as digital applications is being exploited by counter inventions of viruses. Increment of exploitation cases has led to the introduction of cyber security/information technology security, which refers to any activities aimed at protecting computer, networks, programs and data from unapproved access, alteration or damage (Winterfeld and Jason 5). Institutions such as corporations, banks, hospitals, businesses and military camps have a lot of confidential information that is transmitted between computers and across networks. In the last decade, cases of cyber-attacks have increased, and hence, such institutions require coming up with methods to protect their information from cyber-attack. Government institutions such as the military, that play a crucial role regarding the security of the country, should improve on cyber security in order defend national security (Rosenzweig 94). Latest Cyber-attacks and digital spying in countries such as Iran have shown the extent of sophistication in the modern cyber-attacks. A worldwide summit held in Geneva concerning cyber security identified that cyber-attacks are a top threat to security and is a terrorist using a tool. Cyber security begins with a personal computer whereby a computer user should be able to protect their computer from malicious software in the internet. The steady increment in the number of personal computers in many countries has aggravated the problem of cyber security. People with ill motives intentionally develop most of the threats to computers and their networks. Knowledge on cyber security is hence important to single persons, institutions and governments for them to be able to protect their information and digital belongings from cyber attacks Understanding cyber security requires that the computer user understands the different forms of attacks and their mode of action. Upon having a clear understanding of the forms and modes of action of cyber-attacks, they have to device security measures, systems or software’s that can prevent an attack from occurring (Winterfeld and Jason 25). The market provides various forms of internet security systems that differ in complexity and effectiveness. The computer user should be guided on the security system to use depending on the risk of threat they are exposed to. Cyber security systems deal with a large number of threats, which could be in the form of malware, spyware or computer viruses. The threats differ in terms of seriousness with some being able to destroy an entire software or operating system. Some computer viruses enable hackers to obtain information from other computers and can use it as blackmail or for their personal gain. Cyber security systems may be expensive to install, but they offer a great form of security to personal and confidential information and hence are paramount. Many companies have developed antiviruses and hence, a computer user has a wide range of options to choose from and prevent an attack. Apart from installing the relevant cyber securities, every computer user should keep their securities updated since complicated threats are developed every day and the competition between the cyber securities and cyber-attacks will keep getting stiffer (Rosenzweig 127) Cyber warfare Cyber warfare is defined as a coordinated and intentional digital attack to the government or to a group of people. It involves one nation trying to get to the other nations computers in order to cause damages and disruption through technology gurus. Such an action prompts the other government to revenge by doing the same to the attacker and hence starting a cyber-war between the two countries. Cyber warfare targets crucial government units such as the military. A country requires high understanding on the relationship between networks and infrastructure in order to protect itself from cyber-attack. On the other hand, every country requires high technology ability in order to attack another country. Cyber warfare is, therefore, the use of cyber expertise to achieve military or political objectives through the cyberspace (Andress and Steve 8). The extent of a cyber-attack depends on the means employed by the attacker and the vulnerability of the attacked person. Cyber warfare leads to enmity between countries and often causes cyber terrorism. Cyber terrorism is defined as a method of gaining information through the internet in order to carry out an attack on an institution, a government or a country. It involves disruption of normal activities so that the attacked person can fear the attacker. Most cyber-attacks/ cyber terrorism are politically stirred and are organized over long periods since a lot of information and technology is needed. Defensive and offensive Cyber warfare strategy Cyber warfare is expected to increase in the 21st century and hence every country should possess both defensive and offensive cyber techniques. In order for a country to be offensive, they require to have consolidated networks and govern their networks through high-end personnel in technology. Such personnel should be able to device methods of attack as well as device methods to prevent the country from attacks. As a defensive mechanism, each network and sub-network should contain its security barrier, which will offer protection from attackers. A quality network with less probability to attack should be proliferated with firewalls and intrusion detection systems that will be exclusive to network managers (Andress and Steve 33). Although defensive mechanisms are the best offensive mechanisms, every country should develop a troop of IT gurus that will constantly research on the weaknesses of enemy countries, and capitalize on them in case a country desires to attack another. Studying systems of enemy countries is very crucial since it reveals the vulnerable areas of the enemy. By revealing the vulnerable areas, the attacking country can develop strategic cyber weapons targeting the weak points. Careful studies can help the attacker embeds codes in the networks of the target and can be used against a target in the future Preventing cyber warfare Cyber warfare has become a global concern issue due to the rising numbers of cyber-attacks implying that the available technologies for prevention of cyber-attacks are not 100% dependable. Methods such as edge-based security have proven quite successful, and they offer approximately 80 % immunity to cyber-attacks (Andress and Steve 59). It is important that countries and organization make use of such technologies and integrate them with analysis of attacker behaviors in order to detect any attack before it happens. Another effective method is learning form the already happened attacks. Cyber warfare is a trend that keeps advancing and hence an understanding of the solved attacks can lay a guideline towards prospecting future attacks and devising methods to prevent them from happening. Works Cited Andress, Jason, and Steve Winterfeld. Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. , 2014. Internet resource. Ralph Langner, "Stuxnet: Dissecting a Cyberwarfare Weapon," IEEE Security & Privacy, vol. 9, no. 3, pp. 49-51, May-June 2011, doi:10.1109/MSP.2011.67 Rosenzweig, Paul. Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World. Santa Barbara, Calif: Praeger, 2013. Print. Winterfeld, Steve, and Jason Andress. The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice. Rockland, MA: Elsevier Science, 2013. Internet resource. Read More