Stuxnet and U.S. Incident Response Case Study

Stuxnet refers to a malicious computer worm discovered in 2010 and alleged to have been developed by both the U.S. and Israel to target Iran’s nuclear system. The alarm arose from finding the worm on U.S. territory, in industrial and energy-producing facilities. The purpose of Stuxnet is to monitor and acquire data from Supervisory Control and Data Acquisition (SCADA) software contained in large infrastructure systems (Baezner & Robin, 2017). Iran’s nuclear facility might have borne the brunt of the cyber mega weapon Stuxnet, considered to be fabricated by the United States. However, the United States was worried about its propagation to the homeland (Haizler, 2021). A firm response team was deployed to tackle the infection based on the homeland security reports.

US-CERT is a collaboration between the Department of Homeland Security and the public and private sectors. The function of US-CERT is to guard the nation’s infrastructure by coordinating defense against cyber-crime nationwide. US-CERT is charged with defending the state’s internet infrastructure by managing the protection against and response to cyber attacks. It performs numerous roles, including assessing and mitigating cyber threats, disseminating data on cyber threats, and organizing events (Bertino & Islam, 2017). US-CERT works with government agencies, industry, and the scientific community. It coordinates directly with the United States government on cybersecurity issues for citizens, businesses, and institutions.

Addressing and controlling digital malware threats is the primary directive of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). This organization has worked together with the industrial control systems community to reduce malicious cyber activity affecting critical infrastructure resources (Bertino & Islam, 2017). It issued multiple advisories on how to mitigate the Stuxnet malware, which also infected systems in the U.S. The worm self-replicates and spreads through various means, including:

  • Removable drives, exploiting a vulnerability allowing auto-execution.
  • Local area networks (LANs), using the Windows Print Spooler vulnerability.
  • Server Message Block (SMB), which gives shared access to files and printers, by leveraging a Microsoft Windows Server Service vulnerability.
  • Copying and running network log.
  • Replicating Siemens’ industrial software applications, namely Step7.

The ICS-CERT provides a detailed overview of the incidents caused, highlighting the leading complications connected to cybersecurity. Stuxnet was reported to exploit a total of four different Microsoft vulnerabilities, of which two were used for self-replication while the other two provided an escalation of initially known vulnerabilities. Alternate sites are feasible for an organization that utilizes ICS technologies since the ICS-CERT, with the aid of the SOC team, provides services to customers referred to as a constituency. This aid is established according to organizational, geographical, technical, and contractual boundaries (Baezner & Robin, 2017). The team delivers public programs, including threat awareness training and vulnerability evaluations, that have an effect on the core function of incident detection and response.

The highest level of planning determines the total information of the security level. The strategies and concerns of contingency planning talk about the consequences on the security aims of the information obtained. The information system has to consider high-availability and redundancy options in the design. The possibilities include fully redundant load-balanced systems at the alternate site, data mirroring, and offsite database replication. A lower-impact information system may use a less expensive contingency option and tolerate downtime for the recovery of data.

Contingency planning can be effective when it involves incorporating security controls early in the development of information systems and maintaining those controls on an ongoing basis. The FIPS 199 security category determines the type of control that applies to a particular system, since not all controls apply to every system (Trautman & Ormerod, 2017). Information systems whose availability security objective is classified as low-impact do not require alternate processing sites. In comparison, the information systems with a protection target for availability are classified as having the newest effect, with only a first improvement of the control of the system. The security categorization FIPS 199 allows for the four C.P. Security tailoring of NIST SP 800-53, the only security baselines available. The monitoring of the environment is the only one and requires the devices and technology supporting the information system.

There are ways to encourage compliance with C.P. controls within an enterprise. NIST SP 800-53 allows compensating security controls that give the information system comparable protection and satisfy the purpose of a C.P. control. A company should use a compensating security control rather than a C.P. control, provided a rationale is given (Haizler, 2021). There are two forms of planning, each with its own set of characteristics. Continuity planning applies to the mission itself, and it involves the capacity to sustain critical functions and processes. Contingency planning is applied to information systems, providing the procedures required to recover either a portion or the whole of designated information at an existing or a new location.

In conclusion, technology has brought benefits and drawbacks, either by enhancing how man conducts operations or threatening man’s existence. The U.S. protection services, aimed at hindering the distribution of malicious software, have proven to be exceptionally efficient in enhancing cybersecurity. Still, there is an opportunity to improve the world’s fight against cybercrimes to attain proper information safety. There should be worldwide awareness from the individual level to company sectors to sensitize and put forward measures to enhance information security for such crimes.

References

Baezner, M., & Robin, P. (2017). CSS Cyberdefense Hotspot Analyses, 4, 1-16. Web.

Bertino, E., & Islam, N. (2017). Computer, 50(2), 76–79. Web.

Haizler, O. (2017). The United States’ cyber warfare history: Implications on modern cyber operational structures and policymaking. Cyber, Intelligence, and Security, 1(1), 31-45.

Trautman, L. J., & Ormerod, P. C. (2017). Industrial cyber vulnerabilities: Lessons from Stuxnet and the internet of things. University of Miami Law Review, 72(3), 761-826.

Cite This paper

IvyPanda. (2022, June 27). Stuxnet and U.S. Incident Response. https://ivypanda.com/essays/stuxnet-and-us-incident-response/
