Introduction
For long, the world has suffered the effects of kinetic warfare whose principles, according to Parks and Duggan (2011), are well documented. However, the advances in technology, witnessed in the 21 st century, are responsible for a paradigm shift from the discourse of kinetic warfare to cyberwar, whose principles require additional exploration because of the differences between the real world and cyberspace. The 21 st century is defined by technological advances in military weaponry of different countries worldwide, evidenced for instance, by the latest stance between the US and North Korea that led to parading of military might by the latter in defiance of the former’s threats for military action due to its nuclear programs (Herman, 2017). The potential of kinetic war breaking out between the two and their respective allies heightens fears of mass casualties. What if there was an alternative to derail North Korea’s nuclear programs, would it eliminate the need for military confrontation? One may argue that the answer to this question is definitely, yes, but Chen (2010) posited that cyberwar also has the potential to bring any technology dependent society to its knees. Cyberspace represents the best alternative for such virtual cyberwar as evidenced by the Stuxnet incident, where a highly sophisticated windows-based computer virus was used to “bomb” the Iranian nuclear program (Michaletos, 2010). The attack, suspected to be carried out by the US and Israel, is heralded as a starting point to a new era in cyberwarfare. The virus, the first digital weapon of geopolitical significance, depicts a paradigm shift in the manner wars are fought. Chen (2010) observed that the prospects of cyberwar have seen governments scramble teams of elite hackers with objectives to infiltrate and take down computer networks of enemies. Stuxnet influence on these developments is immense. This paper examines details of the Stuxnet incident and suggests recommendations in relation to future implications.
Description of the Incident in the Case
The Stuxnet worm is speculated to have used contaminated hardware to try and cripple the Iranian nuclear program. The incident occurred in 2010, when the Iranian nuclear facilities were brought down by a secretly deployed virus with unrecognizable computer code, changing the global perception of warfare. According to Beaumont (2010), the Stuxnet incident has some similarities to the recently revealed 2008 cyberattack on the US base in the Middle East. Memory sticks were found scattered in the washroom at the base that offered support for the Iraq war. It is theorized that the perpetrator, an undisclosed foreign intelligence agency, counted on human fallibility to deliver warfare from the worm infected memory sticks. The theory was that one of the soldiers would pick the stick and against regulations, plug it into the military computer, thus delivering the self-propagating virus to the system of the US military central command (Centcom). Stuxnet is also suspected to have used contaminated hardware to attack the Iranian nuclear facilities.
Delegate your assignment to our experts and they will do the rest.
According to Beaumont (2010), Iranian authorities have confirmed that Stuxnet affected 30,000 of its computers, and suspects the attack to be an act orchestrated by a state, using intelligence operative to deliver the sophisticated virus. The primary target, as per the computer experts, was a Simien’s manufactured control system Iran uses in its nuclear facilities. The Iranian authorities confirmed the presence of the worm on laptops at its Bushehr nuclear reactor, which was due to go online in a month, causing the process to be delayed. Iran refutes the argument that the worm infected the main central system at the reactor or caused the delay. However, reports have emerged that Stuxnet disabled centrifuges at the Iranian nuclear facility, illustrating the potential physical distraction from cyberwarfare.
According to Chen (2010), the incident ushered in a new era in cyberwar, a situation exacerbated by the fact that every nation has the capability to wage one on its enemy because they do not need to be a superpower; all it takes is computers and software. The principle that differentiates cyberattacks from nuclear attacks is that: “If we can do it to them, they can do it to us” (Grossman, 2017). According to Grossman (2017), only a handful of countries would have the expertise to write Stuxnet, but once it is out there in cyberspace, any party can copy and reuse it to inflict cyberattacks of varying magnitudes depending on the systems targeted. Beaumont (2010) observed that the Iranian authorities confirmed failure of enemies to damage the country’s nuclear systems through computer worms, and that the systems have been cleaned. It has led to experts concluding that Stuxnet was a limited a limited act of cyberattack. However, the incident has generated significant levels of fear and concern, with the US taking measures simulate what an all-out cyberwar would look like and asses its readiness to deal with it (Beaumont, 2010).
Perpetrator and Target of the Attack
To date, not party has come out to claim responsibility for the Stuxnet attack or shed light on what the target was. So far, conclusions drawn from the incident have been based largely on reports from the Iranian authorities. According to Grossman (2017), Alex Gibney 2016 movie, Zero Days, sheds more light into who the perpetrator was and the target. Based on individual accounts of concerned NSA officers, Stuxnet could be explained beyond what was known in relation to its functionality. Whigham (2016) observed that in an interview with a German magazine Der Spiegel, a former NSA contractor and whistleblower, Edward Snowden, alleged that the US and Israel created Stuxnet with Iranian nuclear centrifuges its target for destruction. It is argued that the incident represents the first cyberattack by a country on another, hence why it is heralded to have ushered in a new era in cyberwarfare. According to Grossman (2017), the gist in Gibney’s Zero Days is that the Israelis modified Stuxnet code in 2009 with the intention of making it spread more aggressively, and that it will get noticed. However, the ultimate outcome is that the project failed in all accounts, leading to identification of the perpetrators, but the Iranian nuclear program continued. Reports have emerged supporting these assertions of perpetrator and target.
According to Whigham (2016), “it is now known that the Stuxnet worm was commissioned by the US under the Bush administration and then again under Obama reign.” The revelation is based on years of controversy on the potential of the US or Israel bombing the Iranian nuclear program given they have been allies in the Iraq war. However, it is alleged that the actual attack was carried out by Israel’s foreign intelligence agency (The Mossad) operatives. According to William, John, and David (2011), the Stuxnet attack was carried out by a broader US-Israel component of cyber campaign against Iran codenamed “Olympic Games.” The alleged involvement of Israel follows the assessment from a Mossad official immediately after the attack that Iran’s sudden technical incapacitation could delay its acquisition of nuclear weapons by several years. The assertions are corroborated by evidence posited by Stark (2011) accounting for the journalists’ visit to the Mossad facility (The Hill) in January of 2011 following an invitation from the outgoing chief. According to Stark (2011), Dagan, the outgoing head of Mosssad, was passionate about an alternative to kinetic warfare because the use of bombs will not only fail to end the Iranian nuclear program, but will also heighten the possibility of conventional war with Iran and its allies. The Mossad was more concerned with delaying the Iranian nuclear program and to that end, developed Stuxnet and deployed it, damaging over a thousand centrifuges and the Iranian Natanz uranium enrichment facility at Bushehr.
Motivations of the Perpetrator
Based on evidence from Stark (2011), one can argue that Stuxnet attack was more of an experiment than actual destruction of Iranian physical infrastructure at the nuclear facility. The argument is corroborated by James Lewis’, an analyst at the Center for Strategic and International Studies in Washington, observations that “militaries will now have cyberwar capable arsenal.” Five countries are cited to already have the capability, including Russia and China, but it is alleged that the US, Israel, and the UK also had the motivation to use Stuxnet on Iran (Beaumont, 2010). The Stuxnet incident is proof that cyberwar has come off age and is already influencing military strategies. The US and Israel’s motivation to use Stuxnet on Iraq was informed by the ability of the malicious computer worm to target and cause damage to industrial computer systems. Experts observe that Stuxnet was the first ever cyberattack on computer systems not connected to the internet, which justifies it potential of ushering in a new dawn in cyberwar.
According to Whigham (2016), Stuxnet targets “industrial control systems that are used to monitor and control large scale industrial facilities like power plants, railroads, gas pipelines, dams, waste processing systems and similar operations.” Concerns have been raised that cyberattacks used on such physical systems do not remain in cyberspace, but their effects spill over to the real world with devastating outcomes. Consequently, Stuxnet has been termed by some experts to have Hiroshima-like consequences for humanity. However, the motivation to mount the attack on Iraq can be perceived to be a high level experiment, with Iraq presenting the best case study at the time because of its continued defiance to cease its nuclear programs. This is corroborated by the fact that no perpetrator has claimed responsibility to date, and the worm was designed to be self-destructive, erasing itself in 2012 to limit the scope of the damage.
In addition, it has been established that President Obama after consultation with the Pentagon, chose to deploy an updated version of the virus that temporarily took out over 1,000 of the 5,000 centrifuges used by the Iranian facility to purify uranium. From the perpetrators point of view, one can argue that Stuxnet was successful because it achieved its objective of temporarily sabotaging and hence delaying the Iranian nuclear program. Nevertheless, it provided a rude awakening to all stakeholders in respect to the potential of cyberwarfare, forcing them especially the US, to rethink their defensive strategies. According to Chen (2010), Stuxnet is a classic example of “any David taking on a Goliath,” and it is the industrialized countries that should be more concerned.
How the Incident Came to Light
“For every clever method and tool being developed to hide information in multimedia data, an equal number of clever methods and tools are being developed to detect and reveal its secrets” (Wang & Wang, 2004). This is how Stuxnet came to light. According to Whigham (2016), once introduced into the system, Stuxnet virus turned itself on after 13 days, rewriting protocols causing centrifuges to either slow down or speed up, destroying themselves in the process. The sophisticated nature of the virus made the sabotage possible without detection by the monitoring systems at the facility. However, an error in programming caused the virus to escape, spreading throughout the internet and infecting computers worldwide. According to Michaletos (2010), Stuxnet was first discovered in July 2010 by a Belarus based security firm, VirusBlokAda.
The discovery was an outcome of follow-through investigation of a complaint by a customer in Iran who reported: a stuck machine rebooting over and over again (Kim, 2010), and largely owed to unwavering dedication of experts at Symantec, an Israel based global largest antivirus company (Stark, 2011). The malware was christened Stuxnet by forensic experts who investigated it, based on a filename on its code. Fidler (2011) observed that Stuxnet presence was brought to light when concerned emerged of its unbridled proliferation on the internet and the potential of collateral damage exceeding that experienced at the Iranian nuclear facility. After the capabilities of Stuxnet were revealed, investigations were promptly launched to ascertain its origin, leading to identification of the worm as cyberwarfare used by the US-Israel operative on Iranian nuclear facilities.
Recommendations and Analysis
Experts established that Stuxnet was designed specifically to target Supervisory Control And Data Acquisition (SCADA), systems for controlling and monitoring industrial processes. The virus, using a reprogrammable logic controller, spies on and reprograms industrial systems and has the capability to hide its changes making detection difficult. Fidler (2011) posited that there is a consensus about Stuxnet being the first cyberattack used to effect physical destruction. Unlike previous cyberattacks targeting stealing of individual identities for fraud, Stuxnet represented a significant threat because of its potential for physical destruction and subsequently, calamities. A foreboding footage in Gibney’s Zero Days has a statement by Michael Hayden, a former CIA and NSA director: “This has the whiff of August 1945. Somebody just used a new weapon and this weapon will not be put back in the box” (Whigham, 2016). This is the predicament facing the world as a result of the Stuxnet incident. Therefore, appropriate steps must be taken to prevent the potential of the world drowning in a calamitous cyberwar.
Governments and private sectors must invest resources in testing the vulnerability of their industrial systems to cyberwar attacks and institute appropriate measures to counter any potential attacks. Stuxnet was successful because it exploited a weak point in industrial software developed by Siemens, step 7, which was used to run industrial centrifuges at the Iranian nuclear facility. The spread of cyberwarfare through the internet makes it accessible to different parties who may modify it for other detrimental uses, and thus should be curbed. Enactment of legislation with legal provisions on development and use of malware with the potential for cyberwar is necessary to deter perpetrators. However, the Stuxnet incident set a precedent for cyberattacks, which experts argue that will be employed again, especially given the need to avoid conventional war. Constant vigilance of industrial systems is of paramount important to ensure such cyberattacks are detected and thwarted as early as possible to avoid the potential of catastrophic outcomes where industrial systems used by the public are targeted.
References
Beaumont, P. (2010, Sep). Stuxnet worm heralds new era of global cyberwar. The Guardian. Retrieved 17/04/2017 from: https://www.theguardian.com/technology/2010/sep/30/stuxnet-worm-new-era-global-cyberwar.
Chen, T. (2010). Stuxnet, the real start of cyber warfare?[Editor's Note]. IEEE Network , 24 (6), 2-3.
Fidler, D. P. (2011). Was stuxnet an act of war? decoding a cyberattack. IEEE Security & Privacy , 9 (4), 56-59.
Grossman, W. M. (2017, January). Zero Days, film review: Stuxnet, secrecy and the new era of cyber war. ZDNet. Retrieved 17/04/2017 from: http://www.zdnet.com/article/zero-days-film-review-stuxnet-secrecy-and-the-new-era-of-cyber-war/.
Herman, S. (2017, April). North Korea denounces US, displays massive military might. Voice of America News. Retrieved 17/04/2017 from: https://www.voanews.com/a/north-korea-denounces-united-states-naval-armada-approaches/3811235.html.
Kim, Z. (2011, July). How digital detectives deciphered Stuxnet, the most menacing malware in history. Wired Threat Level Blog . Retrieved 17/04/2017 from: http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet.
Michaletos, I. (2010, Dec). Stuxnet marks the starting point for a new era of real Cyber warfare. World Security Network. Retrieved 17/04/2017 from: http://www.worldsecuritynetwork.com/Cyber-Security/ioannis-michaletos-1/Stuxnet-marks-the-starting-point-for-a-new-era-of-real-Cyber-warfare.
Parks, R. C., & Duggan, D. P. (2011). Principles of cyberwarfare. IEEE Security & Privacy , 9 (5), 30-35.
Stark, H. (2011, August). Mossad's miracle weapon: Stuxnet Virus opens new era of cyber war. Spiegel TV Online . Retrieved 17/04/2017 from: http://www.spiegel.de/international/world/mossad-s-miracle-weapon-stuxnet-virus-opens-new-era-of-cyber-war-a-778912.html.
Wang, H., & Wang, S. (2004). Cyber warfare: steganography vs. steganalysis. Communications of the ACM , 47 (10), 76-82.
Whigham, N. (2016, July). Alex Gibney film gives chilling insight into the world of state sponsored cyber warfare unleashed by Stuxnet. News.com. Retrieved 17/04/2017 from: http://www.news.com.au/technology/online/security/alex-gibney-film-gives-chilling-insight-into-the-world-of-state-sponsored-cyber-warfare-unleashed-by-stuxnet/news-story/a7063ae03dcb5cd6ed2a576d6a8ea9dc.
William J. B., John, M., & David, E. S. (2011, January). Israel tests on worm called crucial in Iran nuclear delay. New York Times .