The wo rm made the devices spin so f ast that the

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: t, “Cyberwar: Sabo taging the System,” 60 Minutes, No vember 8, 2009. Stuxnet: A New Era of Cyberwarfare Stuxnet may be the mo st no to rio us kno wn act o f cyberwarf are ef f o rt to date (o ne expert called it “the mo st so phisticated wo rm ever created”).N. Firth, “Co mputer Super-Virus ‘Targeted Iranian Nuclear P o wer Statio n’ but Who Made It?” Daily Mail, September 24, 2010. Suspected to have been launched by either U.S. o r Israeli intelligence (o r bo th), Stuxnet inf iltrated Iranian nuclear f acilities and repro gramed the industrial co ntro l so f tware o perating hundreds o f uranium-enriching centrif uges. The wo rm made the devices spin so f ast that the centrif uges ef f ectively destro yed themselves, in the pro cess setting back any Iranian nuclear ambitio ns. The attack was so so phisticated that it even altered equipment readings to repo rt no rmal activity so that o perato rs didn’t even kno w so mething was wro ng until it was to o late. So me might f ear Stuxnet in the wild—what happens if the co de spread to systems o perated by peacef ul natio ns o r systems co ntro lling critical inf rastructure that co uld threaten lives if inf ected? All impo rtant questio ns, but in Stuxnet’s case the wo rm appears to have been designed to target very specif ic systems. If it go t o nto a no ntarget machine, it wo uld beco me inert. P ro pagatio n was also limited, with each co py designed to inf ect o nly three additio nal machines. And the virus was also designed to self -destruct at a f uture date.M. Gro ss, “A Declaratio n o f Cyber-War,” Vanity Fair, April 2011. Stuxnet sho wed that with co mputers at the heart o f so many systems, it’s no w po ssible to destro y critical inf rastructure witho ut f iring a sho t.T. Butterwo rth, “The War against Iran Has Already Started,” Fo rbes. September 21, 2010. While f ew want to see Iran get the bo mb, what do es the rise o f cyberwarf are mean f o r f uture co mbat and f o r citizen vulnerability, and what might this mean f o r businesses who se pro ducts, services, o r o rganizatio ns may beco me targets? Other threats co me f ro m malicio us pranksters (so metimes called griefers o r tro lls), like the gro up that po sted seizure-inducing images o n Web sites f requented by epilepsy suf f erers.M. Schwartz, “The Tro lls amo ng Us,” New Yo rk Times, August 3, 2008. Others are h ackt ivist s, targeting f irms, Web sites, o r even users as a pro test measure. In 2009, Twitter was bro ught do wn and Facebo o k and LiveJo urnal were ho bbled as Russian-sympathizing hacktivists targeted the so cial netwo rking and blo g acco unts o f the Geo rgian blo gger kno wn as Cyxymu. The silencing o f millio ns o f acco unts was simply co llateral damage in a massive DDo S attack meant to mute this single critic o f the Russian go vernment.J. Schectman, “Co mputer Hacking Made Easy,” BusinessWeek, August 13, 2 0 0 9. And as po wer and respo nsibility is co ncentrated in the hands o f a f ew revenge-seeking emplo yees can do great damage. The San Francisco city go vernment lo st co ntro l o f a large po rtio n o f its o wn co mputer netwo rk o ver a ten-day perio d when a single disgruntled emplo yee ref used to divulge critical passwo rds.J. Vijayan, “Af ter Verdict, Debate Rages in Terry Childs Case,” Co mputerw o rld, April 28, 2010. The bad guys are legio n and the go o d guys o f ten seem o utmatched and underreso urced. Law enf o rcement agencies dealing with co mputer crime are increasingly o utnumbered, o utskilled, and underf unded. Many agencies are staf f ed with technically weak perso nnel who were trained in a prio r era’s crime f ighting techniques. Go vernments can rarely match the pay scale and sto ck bo nuses o f f ered by private industry. Organized crime netwo rks no w have their o wn R&D labs and are engaged in so phisticated develo pment ef f o rts to piece to gether metho ds to thwart current security measures. “Hacker”: Good or Bad? The terms h acker and h ack are widely used, but their meaning is o f ten based o n co ntext. When ref erring to security issues, the media widely ref ers to hackers as bad guys who try to break into (hack) co mputer systems. So me geezer geeks o bject to this use, as the term hack in co mputer circles o riginally ref erred to a clever (o f ten technical) so lutio n and the term hacker ref erred to a particularly skilled pro grammer. Expect to see the terms used bo th po sitively and negatively. Yo u might also enco unter the terms wh it e h at h ackers and black h at h ackers. The white hats are the go o d guys who pro be f o r weaknesses, but do n’t explo it them. Instead, they share their kno wledge in ho pes that the ho les they’ve f o und will be plugged and security will be impro ved. Many f irms hire co nsultants to co nduct “white hat” hacking expeditio ns o n their o wn assets as part o f their auditing and security pro cess. “Black hats” are the bad guys. So me call them “crackers.” There’s ev...
View Full Document

This document was uploaded on 01/31/2014.

Ask a homework question - tutors are online