Stuxnet and the Paradigm Shift in Cyber Warfare

A Brief History of the Stuxnet Worm Including Its Targets, the Initial Findings, Possible Creators of the Worm and Its Effects

3 of 4 1 | 2 | 3 | 4 View on one page

Even disregarding these items, Israel may still be considered one of the primary candidates for the creation of the worm. With its troubled history in the geographical area and its desire that Iran not have a nuclear program, it seems to be a likely candidate based on motive alone. Another piece of the puzzle that seems to indicate Israel is its secretive Dimona complex in the Negev desert. The New York Times posted articles stating, according to confidential experts, the Dimona complex was responsible for testing the Stuxnet worm on P-1 centrifuges identical to those at the Natanz nuclear facility.9 The Israeli chief of staff, General Gabi Ashkenazi, also took credit for the Stuxnet worm as part of his achievements at his retirement ceremony.10 

The New York Times, among other news organizations, states that the Dimona complex and its possible use of P-1 centrifuges leads to a U.S. connection. The United States obtained P-1 centrifuges after Libya gave up its nuclear program in late 2003 and sent them to the Oak Ridge National Laboratory in Tennessee. The Oak Ridge National Laboratory is part of the Department of Energy, which cooperated with Siemens in early 2008 at its Idaho National Laboratory. The cooperation allowed the Idaho National Laboratory to test out vulnerabilities in Siemens computer controllers used in industrial machinery throughout the world.11 

However, there is also evidence that points away from the U.S./Israeli connection to Stuxnet. Security expert Jeffery Carr wrote a white paper titled "Dragons, Tigers, Pearls and Yellowcake: Four Stuxnet Attack Scenarios" in which he discusses varying motives that the creators of Stuxnet could have had in releasing it. His four theories include; sabotage of countries rich in rare-mineral mining operations, the use of Stuxnet as eco-terrorism by groups such as Greenpeace to target nuclear facilities, corporate sabotage of Siemens by competitors such as French nuclear corporation Areva, and sabotage by China in an effort to increase oil imports.12 The white paper serves to take a look at possibilities surrounding the creation of Stuxnet that have not been widely explored in popular news media.

It is the opinion of the author, though, that as much evidence seems to point to the United States and Israel, eco-terrorists or China, it is important to look at other possibilities as well. In cyberspace it is easy to make evidence seem to point in one direction when it was either created to do so or simply misinterpreted. The key is to understand there is evidence out there, and we must be thinking critically to anticipate what is next both from the creators of Stuxnet and others that have the same capabilities.

Effects on Cyber Community

To properly look at the effects of Stuxnet as a paradigm shift in cyber warfare, we must not only look at the damages Stuxnet caused, but the effects that it has had on the cyber community. The first part of the community to look at specifically would be Iran, as it suffered the most direct effects of Stuxnet. Since the detection of Stuxnet, the Iranian government has tried to bolster its cyber security and monitoring. The Iranian government launched its first cyber police unit in January 2011, stating that it will be tasked with patrolling and monitoring the Internet for purposes of countering spies and misuse of public and private information.13 Unfortunately, a side effect of this move to try to protect its networks is that the cyber police have also been tasked with subverting social networks. The social networks are the same ones that were used to organize protests during the disputed presidential election of 2009. These cyber police units were ultimately delegated much more power over the freedom of speech through the Internet in Iran.

Another approach Iran is taking is the recruiting of hackers to launch a cyber warfare campaign against Iran's enemies. Brigadier Gen. Gholamreza Jalali, who leads the Iranian Passive Defense Organization, states that its mission is "to fight our enemies with abundant power in cyberspace and Internet warfare."  The hackers recruited by Iran are being offered very generous salaries to aid in the cyber warfare campaign.14 One group, calling itself Iran's Cyber Army, has already taken credit for attacks launched against websites of the opposition party in Iran. 

Since the Stuxnet attack, Iran has also looked to increase its IT presence in the international community. Iran made claims of creating a supercomputer that, if true, will rank in the Top 500 list of the world's most powerful computers.15 This is no small achievement for Iran and shows its desire to compete on an international scale in the cyber warfare and IT realm.

The United States government is also on edge regarding the Stuxnet worm and the effects it will have due to the attack. Stuxnet re-emphasized and undoubtedly informed many for the first time, that even large and powerful nations are not immune to cyber-attacks and can become targets. President Obama has pushed for a large increase in cybersecurity research in the 2012 federal budget, going as far to say that the need for an increase in the science and technology sector is a new Sputnik moment for the United States. The budget would increase cybersecurity research and development by 35%, bringing the total to $548 million in 2012.16

3 of 4 1 | 2 | 3 | 4 View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments