Malware of record complexity made the news in the summer of 2010. Dubbed Stuxnet by companies in the anti-virus industry, the malware utilized multiple zero-day exploits. Even as it became the most complicated malicious code that the technological world had ever witnessed, no one in the field had a clue about its intention. Most of the experts in the industry were investigating the wrong issue because Stuxnet did not show the characteristics of any malware that had come before. The malware was designed to attack the Natanz fuel enrichment infrastructure, which was the most important part of Iran’s nuclear weaponry project. This paper reports on important aspects of the malware, including the origins of the cyber incident, the international policy and relations context of the attack, the effects of the incident on the target, and the target's reaction to the incident. The author, in their appraisal of the extant studies, establishes that Stuxnet could have been created in a joint project by the US and Israel to advance their foreign policy objectives against the nuclear weaponry project of Iran. Despite the unconfirmed authorship of the code, its objective, mode of attack, and complexity are a new aspect in international relations, which suggests that digital warfare could still replace conventional warfare without necessarily losing the meaning of war.
Methodology
The current paper is secondary research that analyzes the extant data on the malware. This methodology was chosen because the extant studies make it easy to establish all the aspects that the research paper seeks to determine. A study of this type is both time- and cost-effective. The author reviews data from ten studies obtained from reputable technology journals drawn from different electronic databases. The studies are analyzed to establish similar and different themes that inform the study topic.
The Origins of the Cyber Incident
Studies do not officially identify the authorship of Stuxnet, yet judging from the complexity, size, and effort involved in developing the code, one may conclude that it would have been impossible for such lethal malware to be created without the support of a nation-state (Baezner & Robin, 2017). The only extant information on the authorship of the malware dates back to 2007, when an unidentified individual submitted a code sample to VirusTotal, a collaborative anti-virus platform; the sample later turned out to be the first strain of the virus as it is currently understood. Although the anti-virus world did not understand the code at the time, it was found to have a payload designed to severely interfere with the Natanz Fuel Enrichment infrastructure, especially the Cascade Protection System of its centrifuges (Gomez, 2019a).
While no one has claimed responsibility for developing the code, some forensic examinations of the malware point to the possible involvement of Israel and the United States. According to Langner (2016), Stuxnet used the registry key value 19790509 as its infection marker. Initially, the technological world did not understand the meaning of the number until F-Secure Labs from Finland intervened and established that the value could have meant the 9th of May, 1979 (Langner, 2019). An analysis of the international relations of Iran and other nations in the context of the date was conducted; experts established that it could represent the date of the execution of Habib Elghanian, a Jewish-Iranian businessperson. He had been suspected of spying on Iran (Cavelty & Egloff, 2019). Furthermore, the latter study reports the reference to ‘Myrtus,’ which could be a direct reference to the myrtle plant, called Hadassah in the Hebrew language, a name that refers to Queen Esther, a former Jewish Queen of Persia. In affirming a possible involvement of Israel, the US Cyber-Consequences Unit reported that Israel could have chosen to attack Iran’s nuclear resources in this way instead of through aerial attacks for lack of enough personnel and military resources compared to Iran (Baezner & Robin, 2017).
Other reports also indicate a possible involvement of the US. According to Farwell & Rohozinski (2018), America's engagement in Stuxnet started during the Bush regime and accelerated under the Obama administration. Important WikiLeaks information disclosed the US interest in the nuclear plants of Iran through covert sabotage. The Iranian government confirmed the fears in 2011 by alleging Israeli and American involvement in the process, which Edward Snowden, a whistleblower on most private illegal American operations, affirmed.
International Relations and Foreign Policy Issues around the Attack
The Stuxnet cyber-attack scenario highlights the possible use of cyber warfare in handling international relations and shaping the foreign policy objectives of nations around the world. The fact that the reviewed literature points at the possible involvement of the US and Israel against Iran reveals something important about the nature of international relationships, especially that countries seek to protect their foreign interests through unconventional means and using virtual alliances (Stevens, 2020). The case study of the malware reveals possibilities of an American-Israeli partnership to suppress Iranian efforts to build nuclear weaponry that would further compromise the ability of the US allies in the Middle East and elsewhere to defend themselves in the event of international conflicts (Cavelty & Egloff, 2019; Iasiello, 2017). In this case, it is possible that America was using Israel to advance its foreign policy objectives in the Middle East, especially against Iran and its nuclear project.
The Impact of the Incident on the Target
The worm affected more than fifteen nuclear facilities in Iran. One of the commonly spread ideas about its mode of attack is that a random worker used their USB drive and thereby infected the software that controlled the nuclear plants. The Natanz nuclear facility was one of the most affected. In 2010, the plant detected an issue with its computer systems, which necessitated the intervention of the International Atomic Energy Agency. The agency sent inspectors to the facility and discovered that an unusually high number of uranium-enriching centrifuges were breaking down, while the cause of the breakages could not be established at the time. In 2010, Iranian officials sought specialized help from Belarus for the examination of their computer systems, which resulted in the discovery of malicious files that had been logged onto the computer systems of Iran (Gomez, 2019b).
Although Iran is yet to reveal the specific details around the magnitude of the attack, one of the studies reviewed in this short paper reveals that close to 984 uranium-enriching centrifuges were destroyed, which means that it reduced the operational capacity of the nuclear plants by at least 30% (Farwell & Rohozinski, 2018). In the wake of international relations constraints with some of the US allies in the Middle East, Iran escalated its tension with both the US and Israel after discovering that the two nations could possibly have collaborated to orchestrate the attack.
Reaction to the Incident by the Target
Iran, upon discovering that it had been the target of a cyber-attack, resorted to improving the security of its critical infrastructure. One of the reviewed materials suggests that the country improved its cybersecurity capabilities significantly, to the extent that it can now challenge some of the most established countries in the field, including the US, Israel, and the Gulf Arab countries (Hall, 2019; Gomez, 2019a, 2019b). Iran is currently limited only by international law, which bars countries from targeting the economic infrastructure of others through any form, digital or physical. However, officials from the country suggest that the nation has built enough cyber resources to challenge attacks from other countries in an effort to ensure that it pushes on with its nuclear program, the latter study reports.
Conclusion
While no one has claimed responsibility for the authorship of Stuxnet, it is thought that it was an Israeli-American joint project to attack the Iranian nuclear plants and jeopardize the target’s ability to develop nuclear weaponry. One of the most important lessons that I have learned from the case study of the worm is that modern warfare has evolved a great deal and no longer always has to be physical, especially because alliances are possible in the virtual world. Countries can now enforce their foreign policy objectives without necessarily interfering in the operations of their targets physically. In the wake of such a growing threat of cyberwar, it is important that countries around the world build their capacity to protect their critical infrastructure against destruction, as the case of Iran exemplifies. The fact that some of the attacks, including Stuxnet, are complicated could mean that significant levels of investment now move towards mitigation projects that lower the chances of attack rather than reacting to events after they have occurred, because some of them could be too complex to be discovered. The difficulty of tracking worms increases the chances of destruction.
References
Baezner, M., & Robin, P. (2017). Hotspot Analysis: Stuxnet. CSS Hotspot Analysis. Retrieved from file:///C:/Users/JACK/Downloads/20171016_MB_HS_StuxnetV1_rev.pdf
Cavelty, M. D., & Egloff, F. J. (2019). The politics of cybersecurity: Balancing different roles of the state. St Antony's International Review, 15(1), 37-57. https://www.researchgate.net/publication/338572624_The_Politics_of_Cybersecurity_Balancing_Different_Roles_of_the_State
Farwell, J. P., & Rohozinski, R. (2018). Stuxnet and the future of cyber war. Survival, 53(1), 23-40. https://www2.cs.duke.edu/courses/common/compsci092/papers/cyberwar/stuxnet2.pdf
Gomez, M. A. (2019a). Past behavior and future judgements: seizing and freezing in response to cyber operations. Journal of Cybersecurity, 5(1), tyz012. Retrieved from https://academic.oup.com/cybersecurity/article/5/1/tyz012/5576447
Gomez, M. A. N. (2019b). Sound the alarm! Updating beliefs and degradative cyber operations. European Journal of International Security, 4(2), 190-208. Retrieved from https://www.researchgate.net/publication/331895770_Sound_the_alarm_Updating_beliefs_and_degradative_cyber_operations
Hall, M. A. (2019). Advanced Persistent Threat Actors and the Challenges of Cyber Attribution (Doctoral dissertation, Utica College). Retrieved from https://search.proquest.com/openview/bf6fd5b998d4467f449872d4fc1c8506/1?cbl=18750&diss=y&pq-origsite=gscholar
Iasiello, E. (2017). Cyberattack: A dull tool to shape foreign policy. In 2013 5th International Conference on Cyber Conflict (CYCON 2013) (pp. 1-18). IEEE. Retrieved from https://www.ccdcoe.org/uploads/2018/10/24_d3r1s3_Iasiello.pdf
Langner, R. (2016). To kill a centrifuge: A technical analysis of what Stuxnet’s creators tried to achieve. The Langner Group. Retrieved from https://www.langner.com/to-kill-a-centrifuge/
Stevens, C. (2020). Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet. Contemporary Security Policy, 41(1), 129-152. Retrieved from https://www.tandfonline.com/doi/full/10.1080/13523260.2019.1675258