Introduction
Cyber security is one of the major concerns of governments in the contemporary world. President Obama calls the cyber threat “one of the most serious economic and national security challenges” (as cited in Bodenheimer, 2012, n.p.). Cyber-attacks can take down financial systems, government systems, banking systems and power grids (Bodenheimer, 2012).
Stuxnet is a cyber worm that has confirmed the opinion of various researchers that cyber wars are part of the near future. Farwell and Rohozinski (2011) note that Stuxnet infected more than 60 thousand computers (over 50% of them in Iran). This breach of security is regarded as one of the most serious, as it could have led to catastrophic outcomes.
Type of Breach
This virus is far from being an average cyber worm. It had complicated code which targeted PLCs (programmable logic controllers). It is necessary to add that PLCs are integral parts of important industrial systems which are controlled by potent security systems (Brown, 2011). This virus was designed “to penetrate and establish control over remote systems in a quasi-autonomous fashion” (Farwell and Rohozinski, 2011, p. 24).
It did not require the use of the Internet. USB sticks were the devices used to spread the virus. Stuxnet targeted Siemens equipment and Windows operating systems. Notably, if some of the major requirements were not met, the virus did not operate and even removed itself within a particular time.
How the Breach Occurred
Notably, Stuxnet “destroyed supposedly secure equipment” without being detected for months (Nicol, 2012, p. 71). The virus was discovered in July 2010 (Brown, 2011). It was discovered at the Bushehr power plant. The virus was also traced in Indonesia, India, China, the United States and some other countries. The cyber worm destroyed about 1,000 Iranian nuclear centrifuges (Bodenheimer, 2012). Many researchers believe that this cyber worm could not be a product of a hacker as it is a sophisticated virus.
The major peculiarities of the worm (which confirm the viewpoint that the virus was created by a group of hackers who had the necessary equipment) are as follows. It is estimated that “10,000 man-hour of programming time” was necessary to write Stuxnet (as cited in Bodenheimer, 2012, n.p.). The virus uses four Microsoft Windows security vulnerabilities. The use of all four vulnerabilities is unprecedented. Finally, it is acknowledged that digital certificates were stolen to develop Stuxnet.
Stuxnet ‘seized’ control over the plant and “bumped” the speed of centrifuges up to about “1,000 miles per hour, past the point where the rotor would likely fly apart” (Nicol, 2012, p. 71). What is more, the virus affected the control systems, which indicated that everything was fine. It is necessary to point out that official Tehran announced that there was a cyber-attack, but analysts agree that the government did not reveal the exact level of damage.
Losses of Confidentiality, Integrity, and Availability
Clearly, Stuxnet shows that the cyber threat is real. Cyber-attacks can have really serious and even devastating consequences. The virus revealed the vulnerability of industrial systems which rely heavily on software. Pfleeger and Pfleeger (2006) single out three major aspects of computer-related systems when speaking of cyber security: confidentiality, integrity and availability.
It is important to note that, in the case of Stuxnet, the three aspects proved to be vulnerable. Thus, there was no need to undermine the three aspects. The virus was available online, and it could penetrate the personal computers of those who had access to the systems.
People who had access could bring the virus to the plant (without noticing it) while using USB sticks. Therefore, it is possible to note that Stuxnet bypassed the three major aspects which are addressed when designing security systems. The virus did not require the Internet. Moreover, the virus did not operate unless a number of requirements were met. Therefore, the cyber worm was difficult to detect until it was too late.
It is important to add that the code of Stuxnet is now available online. Nicol (2012, p. 72) notes that such “less technologically sophisticated groups” as al Qaeda are unlikely to make use of the virus. However, non-state actors in China or the former Soviet Union, as well as in the USA, can modify the cyber worm to adjust it to another target. Thus, it is crucial to work out particular tools to prevent a recurrence of the virus.
Technological Improvements
The case of Stuxnet shows that it is not enough to address the three major aspects of computer-related systems. One of the easiest and, maybe, most efficient ways to secure industrial software is to make sure employees cannot use USB sticks at their workplaces. This rule should apply to all employees, including top management, as the virus can penetrate any computer which has access to the Internet or already carries the virus in an inactive state. Thus, the plants (or any other strategic facilities) should be equipped with computers (or similar equipment) which do not even have ports for USB sticks. Of course, users should not ignore possible threats coming from the Internet. Strategic objects should have specific networks and systems which are isolated from the World Wide Web.
Moreover, there should be several systems operating. In fact, such objects should not rely on computer-related systems only. When it comes to power safety, employees should be able to check whether all processes are taking place properly.
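The falsified "everything is fine" readings described earlier are the reason a second, independent view of the process matters. The following Python code is an added example, not taken from the essay or its sources: it compares the values a control system reports with readings from a separate sensor and flags disagreement or suspiciously frozen reported data. The function name, thresholds and sample readings are assumptions constructed for illustration.

```python
from statistics import pstdev

# Assumed tolerances for illustration; real limits come from process engineers.
MAX_DEVIATION = 0.05  # allowed relative disagreement between the two channels
MIN_SPREAD = 0.01     # reported data flatter than this over a window looks frozen
WINDOW = 5            # number of consecutive samples examined for the frozen check


def cross_check(reported, independent):
    """Compare controller-reported values with an independent measurement.

    reported    -- values shown by the control system (e.g. rotor speed)
    independent -- the same quantity from a sensor the controller cannot write to
    Returns a list of (sample_index, reason) alerts.
    """
    alerts = []
    for i, (rep, meas) in enumerate(zip(reported, independent)):
        # 1. The two channels disagree by more than the tolerance.
        if meas and abs(rep - meas) / abs(meas) > MAX_DEVIATION:
            alerts.append((i, "mismatch"))
        # 2. The reported channel is flat while the independent one is moving,
        #    which is what replayed or frozen telemetry looks like.
        if i + 1 >= WINDOW:
            rep_win = reported[i + 1 - WINDOW:i + 1]
            ind_win = independent[i + 1 - WINDOW:i + 1]
            if pstdev(rep_win) < MIN_SPREAD <= pstdev(ind_win):
                alerts.append((i, "frozen"))
    return alerts


# Constructed sample data: the display keeps showing about 1000 while the
# independent sensor sees the speed climbing.
REPORTED = [1000.2, 999.8, 1000.1, 1000.0, 999.9,
            1000.0, 1000.0, 1000.0, 1000.0, 1000.0, 1000.0]
INDEPENDENT = [1000.0, 1000.3, 999.7, 1000.1, 1000.2,
               1040.0, 1120.0, 1250.0, 1380.0, 1400.0, 1410.0]

if __name__ == "__main__":
    for index, reason in cross_check(REPORTED, INDEPENDENT):
        print(f"sample {index}: {reason}")
```

The check is only as trustworthy as the independence of the second channel: a sensor read through the same controller or the same engineering workstation would inherit the same falsified view.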
It is important to note that these measures alone are insufficient to ensure security at such strategic objects as power grids. Each strategic object should have a sufficient security system which should periodically check software as well as hardware. The security system should also be updated regularly. Of course, the system should be capable of detecting and neutralizing such cyber worms as Stuxnet (the code of the cyber virus is already available).
Apart from this, the case of Stuxnet shows that security measures should not be confined to software and users only. Companies producing hardware should also address the problem. Thus, Siemens as well as other companies should make sure their products are not vulnerable to such cyber worms as Stuxnet (or other known cyber viruses).
Conclusion
On balance, it is possible to note that Stuxnet has shown that cyber wars are real. The cyber virus has shown that objects relying on software as well as certain hardware are vulnerable, as any security system can fail to detect a new cyber threat. Therefore, people should reconsider the efficiency of existing security systems. Perhaps people should not rely on computer-related systems so much. Clearly, people should take action. IT specialists should analyze the code of the cyber virus and work out efficient security systems. Stuxnet has shown that this attention to security is not the responsibility of users only, as hardware producers should also make sure their products are not vulnerable to various cyber threats.
Reference List
Bodenheimer, D.Z. (2012). Cyberwarfare in the Stuxnet age: Can cannonball law keep pace with the digital battlefield? The SciTech Lawyer, 8(3). Web.
Brown, G.D. (2011). Why Iran didn’t admit Stuxnet was an attack. Joint Force Quarterly, 63, 70-73.
Farwell, J.P. & Rohozinski, R. (2011). Stuxnet and the future of cyber war. Survival, 53(1), 23-40.
Nicol, D.M. (2012). Hacking the lights out. Scientific American, 305(1). Web.
Pfleeger, C.P. & Pfleeger, S.L. (2006). Security in computing. Boston, MA: Prentice Hall.