Connect with us

Technology

Stuxnet: a New Era in Global Security

Alexandra Goman

Published

on

Stuxnet was a malware which affected an Iranian nuclear facility (along with couple of other industrial sites across the world). It was found in 2010 but it took quite a while to actually discover it. What is particular about it is the fact that it crossed the line between cyber and physical domain, showing that it was possible to use a code to damage a critical infrastructure.  Before it, a general debate in national / global security on how a critical infrastructure can be targeted and damaged through the information system has only been theoretical.  After Stuxnet it was evident that cyberspace could be exploited and used to launch cyberattacks in order to cause physical damage. So what actually happened?

On June 17, 2010 Sergey Ulazin from a small security company in Belarus received a help-request for technical support from a customer in Iran. Arbitrary BSODs (a stop error after a system crash) and computer reboots were reported. After careful examination and a regular check for system malfunction, it was discovered that a malware infection was probably involved (The Man Who Found Stuxnet – Sergey Ulasen in the Spotlight). Having a stealthy nature and strange payload, it was later named Stuxnet, according to the file-name found in the code. A computer worm infected at least 14 industrial sites in Iran along with the uranium-enrichment plant in Natanz.

It carried genuine digital certificates (they guarantee that you can trust a file) from recognized companies, and it was well-developed and direct. The malware was able to determine the target it was looking for. In case, it was not, it did nothing and moved on to another system. This “fingerprinting of the control systems” proved that it was not just an average malicious program, but a targeted malware that meant to destroy.

Although Stuxnet relied on a physical person to install it (via USB flash drive), the worm spreads on its own between computers with Windows operating system. It affects other machines, regardless of the connection to the Internet though a local computer network. It could also infect other USB flash drives and jump into other computers through it. Moreover, it proliferates very quickly.

Once the worm infects a system, it waits, checking if necessary parameters are met. As soon as they are, it activates a sequence that causes industrial process to self-destruct. Symantec, a software company that provides cyber security software and services, conducted a thorough analysis of Stuxnet and found that Iran, Indonesia and India were the most affected countries in the early days of infection. The nuclear facility at Natanz was one of the most affected.

Furthermore, the principle is that this malware identifies a target, then records the data and finally decides what normal operations are. After this, it plays pre-recorded data on the computers of the personnel so that they think that the centrifuges are running normally, when in fact they are not. In the end, it erases itself from the system so that it cannot be traced and/or found.

The International Atomic Energy Agency inspected the Natanz facility and confirmed (International Atomic Energy Agency (2010)) that the centrifuges were malfunctioning and producing less than 20% of enriched uranium. However, at that time, the reason for that was unknown. The most detailed damage assessment came later from the Institute for Science and International Security in Washington. It claimed that Stuxnet destroyed 984 centrifuges. However, Iran has not provided such a number, and the IAEA failed to give precise information on the damage.

Stuxnet crossed this line where a code infects software or digital programs, what it actually did, it affected the physical equipment. This has brought a new technological revolution. Before, viruses were used by cyber pranksters and minor rowdies to cause a system to crash on computers of innocent victims. But state-to-state attacks and a cyberwar were not discussed and were not thought of, as it was something out of science fiction scenarios. Stuxnet has changed this perception, and opened a new era in global security.

A former chief of industrial control systems cyber security research said that Stuxnet was “the first view of something … that doesn’t need outside guidance by a human – but can still take control of your infrastructure. This is the first direct example of weaponized software, highly customized and designed to find a particular target.” It is not hard to imagine that similar malicious programs can be developed in the future and used to achieve a military and/or political goal.

Many believe that the cyberattacks on Iran nuclear facility were meant to slow down Iran nuclear program. However, enrichment recovered within a year, and did not permanently damage nuclear program. Some experts also say that it had no effect on nuclear program whatsoever and the whole situation around Stuxnet was over-hyped by the media. Others are also saying that evidence on the malware has been inconclusive and Stuxnet may have, in fact, helped in speeding up Iranian nuclear program. The media reaction towards cyberattacks may have been exaggerated because of the secrecy around cyber issues but in end Stuxnet has made a good story.

As to the parties involved, the attack was not tied to a specific name and/or a country. Yet, it widely believed to be launched by U.S. and Israel. The sophistication of the program required considerable amount of resources, including extensive financial support and skilled specialists. This is why many security companies and experts agree on attributing the complex malware to one or more states. Among them is Kaspersky Lab, a multinational cyber security company, who says that the attack was launched with a specific motivation in mind. The attackers wanted to access industrial control systems which monitor and control infrastructure and processes of the facility. (Similar systems are used in power plants, communication systems, airports, and even military sites). Moreover, such an attack required significant amount of intelligence data so Kaspersky Lab is convinced that it was likely supported by a nation state.

Although the identity of the attacker is still unknown, many experts in international politics believe that the attack was clearly politically-motivated and aimed to slow down the development of Iran’s nuclear program. The United States and Israel both deny their involvement in Stuxnet, however, some leaked information (WikiLeaks, CBC interview with a former CIA director Michael Hayden etc.) suggests that the claims might have some credibility. Regardless the claims made, it is important to highlight that no country officially declared that it launched an offensive cyberattack.

All in all, Stuxnet has revolutionized the way we look at malicious digital programs and boosted a debate about cyber tools used for political purpose. After all, we are living in a highly digitalized world where we are dependent on technology. Military is no exception. Digital technologies are widely being incorporated into military planning and operations. Modern nuclear and conventional weapons systems rely and depend on information systems for launching, targeting, command and control, including technologies that govern safety and security. It is clear that future military conflicts will all include a digital aspect and cyber technologies. Stuxnet was just an early version of software that could potentially destroy an industrial site, specifically a nuclear facility. If malware actually achieved its goals, consequences would have been disastrous and could cause an international crisis.

 After all, as experts once have said, “Major concern is no longer weapons of mass destruction, but weapons of mass disruption” (Cetron and Davies, 2009).

Use your ← → (arrow) keys to browse

Specialist in global security and nuclear disarmament. Excited about international relations, curious about cognitive, psycho- & neuro-linguistics. A complete traveller.

Continue Reading
Comments

Technology

Are You Aware Of Your Children’s Online Activity?

Published

on

child privacy mother

There’s a big, wide, scary, often strange world out there, and it’s the task of any individual to grow into an adult and begin to contend with it. However, most responsible parents understand that showing the raw facts of life, or being introduced to bad influences is simply not suitable for a young child. They must learn slowly, with care, and appropriately to the degree we’re able to foster that environment. Parents cater to this by controlling what friends their children make, or what hours they may be allowed to spend time with them.

However, a growing cause for concern is the fact that many parents fail to keep their children safe online. The internet may as well be its own world, and it reflects our reality, both the good and the bad, the trustworthy and the terrible. This means that as a parent, it’s important to stay aware of your child’s online activity. If you can do that, you can better control the content they see, what they’re allowed to access, and the influences they are moved by.

Use Worthwhile Content Filters

It’s important to use the best content filters and parental controls you can. Some offer you access to limit internet time, while others help you block certain websites or content from being seen. With the best cyberbullying safety services, you can also ensure that your children are equipped to handle the unfortunate likelihood of encountering abuse online. The more you can engage in good habits now, and regulate their usage, the less likely they are to come to harm within the wild west that is the online world.

Understand The Trends

Understand the trends that occur and know how to deal with them. For instance, you might block access to certain apps or sites, but your child’s friend’s parents may not have the same philosophy. If you know the trends through paying attention to what they’re saying, you will be able to assess if they’re healthy or not. For instance, TikTok is now seen as a negative influence on many young children due to how poorly they moderate their content, and how limited content filters are in place. When you make decisions to help them stay secure, you are in effect limiting the vulnerable pathways in which they could become less safe.

Stay Alert

It’s important to say, but stay alert. If you notice your child is finding it hard to engage with social media, or they follow a risky YouTuber, you are within your right to restrict access or to observe more closely. It’s a tough job, but ultimately you cannot completely banish your child from the internet for the entirety of their childhood. It’s best to help them build healthy habits now and also know how to stay safe online than to pretend it doesn’t exist. To that end, you’ll be making the right choices.

With this advice, we hope you can better stay aware of your children’s online activity, and manage it as appropriately.

Prev postNext post
Use your ← → (arrow) keys to browse

Continue Reading

Technology

How does Technology Affect the Working Environment?

Published

on

Technology-in-2019

Throughout history, machines and technology have changed the way that we work across nearly every industry. From the industrial era, all the way through to the modern age, it would seem that technology has improved working conditions significantly. The impact that it has had is immense. Some of the main changes can be found below.

Speed and Efficiency

Workers in this day and age are far more productive than they have ever been. The impact that technology has had on work, both in communication and manufacturing has increased the rate of production and the speed at which business can occur. Tech in the workplace has also helped workers to become far more efficient. What once took hours can now take minutes. Messages can be sent to clients across the world and proposals and payments can also be transferred instantly. Support for workers can also be found online.  For example, personal injury claim legal help can be obtained online and you can file a claim within minutes.

Working Together as One

Team coordination really has never been easier. When you look at online communication tools and technology you will soon see that people can now work together much more closely. Collaboration is also much simpler to achieve. Even when colleagues are not able to be in the same workplace physically, teams can hold meetings through video technology. They are also able to work on the same documents through file-sharing platforms such as Google Drive and this is fantastic to say the least.

Technology and Office Culture

Everyone knows that tech in the workplace is changing. Beer is available on tap in some workplaces and others are offering video games as a means for their team to relax at the end of a hard day. Open offices are also a trend. The mere idea of creating a better company culture can now be used to lure workers who are in-demand and this doesn’t look to be going away anytime soon. Technology in the workplace has also made it much more possible to work remotely. Companies need to create incentives to try and keep their workers happy and to also keep them drawn into the office.

Live where You Work

One of the biggest impacts of tech in the workplace is the workplace itself. Most jobs require you to clock in and work on-site but there really are so many open positions for those who telecommunicate, and people can now work from home more than ever before. Of course, with so many changes being made it’s not hard to see that so much is being done to try and help support this movement and some companies have even put in the effort to try and make sure that they give their teams the chance to work from home permanently. Only time will tell what the future holds, but right now it looks like tech has had a huge impact on the workplace and the effects are going to be felt for years to come.

Use your ← → (arrow) keys to browse

Continue Reading

Business

Quotes To Get Your Boss To Take Cyber Security Seriously

Published

on

cyber security

There is no denying that data security is something that all businesses need to take seriously today. Unfortunately, there are many companies out there who are failing to do so. This is because they have the “it won’t happen to me attitude.” However, many companies have closed after a data breach. Therefore, to save the future of your business and your job, try to convince your boss with these quotes…

We are going to start with a quote from the founder and CEO of Blue Lava, Inc, Demitrios ‘Laz’ Lazarikos, who talks about implementing a modern program on cyber risk. From privileged access management services to network segregation, we need to stay ahead of the times with our strategy.

“A modern cybersecurity program must have Board and Executive level visibility, funding, and support. The modern cybersecurity program also includes reporting on multiple topics: understanding how threats impact revenues and the company brand, sales enablement, brand protection, IP protection, and understanding cyber risk.”

If your boss thinks he or she is above the law, William Malik, VP and Research Area Director for Information Security at Gartner has a great quote on the matter…

“A business will have good security if its corporate culture is correct. That depends on one thing: tone at the top. There will be no grassroots effort to overwhelm corporate neglect.”

Chairman of the Ponemon Institute, Dr. Larry Ponemon, has spoken about insider attacks. Insider attacks – whether malicious or accidental – are the most common. However, they’re not being taken as seriously as they should…

“We discovered in our research that insider threats are not viewed as seriously as external threats, like a cyberattack. But when companies had an insider threat, in general, they were much more costly than external incidents. This was largely because the insider that is smart has the skills to hide the crime, for months, for years, sometimes forever.”

While some business owners do implement cyber security controls, there seems to be a lack of thought behind the strategy that is implemented, and this is what Dr. Chris Pierson, CEO at Binary Sun Cyber Risk Advisors has said on the matter…

“What we should actually be doing is thinking about what are our key controls that will mitigate the risks. How do we have those funneled and controlled through the team that we have, how do we work through that in a well-formatted, formulated process and pay attention to those controls we have chosen? Not a continual, add more, add more, add more.”

One of the biggest problems with data security is that a lot of business owners believe it is nothing more than an IT issue. Steven Chabinsky, Global Chair of Data, Privacy & Cybersecurity at White & Case LLP, has put this into perspective…

“Thinking of cybersecurity solely as an IT issue is like believing that a company’s entire workforce, from the CEO down, is just one big HR issue.”

So there you have it: some of the most compelling quotes out there regarding cyber security today. We hope these will help you to convince your boss that it’s critical!

Use your ← → (arrow) keys to browse

Continue Reading

Trending