While many cyber threats are launched in a race for money, information, or public notice, some cases are less glamorous and are, in fact, discreet due to the nature of their end goal. In 2009 the USA and Israel banded together to prevent Iran from producing more uranium (Stuxnet, 2017). The computer worm program was named Stuxnet, and unlike most other hacking software, it was designed to result in physical damage to the target (Stuxnet, 2017). It was a complex operation, as the factories used Industrial Control System (ICS) with no external connection, not unlike Distributed Control Systems (DCS) (Radvanovsky and McDougall, 2019). Therefore, the only way to perform the cyber attack was through a direct USB connection. The USB drive contained three modules that operated together to progress the worm and evade detection, searching for specific Siemens Step 7 software on the controlling computers. Although it was a success, the worm was eventually unintentionally released online, leading to unintended damage to other machines. It raised some ethical questions about the program and whether the reason behind the cyber attack justified the collateral damage and political involvement (Baylon, 2017).
As the countries enter more and more technologically advanced communications for everything, from personal computers to factory operations, cybersecurity technology cannot catch up sufficiently fast. ICS and DCS allow for extra protection, but Stuxnet is one of many examples of such protections being bypassed (Assenza et al., 2020). Anonymous cyberattacks might be tempting for organizations and countries that wish to stay unnoticed. While examples like Stuxnet are rare due to growing tensions between some countries, they are likely to become more common (Trautman and Ormerod, 2017).
References
Assenza, G., Faramondi, L., Oliva, G., & Setola, R. (2020). Cyber threats for operational technologies.International Journal of System of Systems Engineering, 10(2), 128-142.
Baylon C. (2017). Lessons from Stuxnet and the realm of cyber and nuclear security: Implications for ethics in cyber warfare.Ethics and Policies for Cyber Operations. Philosophical Studies Series, 124, 213-229.
Radvanovsky, R. S., & McDougall, A. (2019). Critical infrastructure: Homeland security and emergency preparedness (4th ed.). Boca Raton, FL: CRC Press.
Stuxnet. (2017). Stuxnet: NJCCIC Threat Profile.
Trautman, L. J., & Ormerod, P. C. (2017). Industrial cyber vulnerabilities: Lessons from Stuxnet and the Internet of Things. U. Miami L. Rev., 72, 761.