Stuxnet is a computer worm that affects computers running Windows. It was revealed in June 2010 by VirusBlokAda, a security company based in Belarus. It is the first known worm that spies on and reprograms industrial systems, in particular SCADA systems used for the control and monitoring of processes. It may affect critical infrastructure such as nuclear power plants. Stuxnet is able to reprogram programmable logic controllers (PLCs) and conceal the changes it makes. It is also the first known worm to include a rootkit for PLCs.
The European digital security company Kaspersky Labs described Stuxnet in a press release as "a working and frightening prototype of a cyber weapon that will lead to the creation of a new global arms race." Kevin Hogan, an executive at Symantec, said that 60% of the computers contaminated with the worm were in Iran, suggesting that industrial facilities could be the target. Kaspersky concludes that the attacks could only occur "with the support of a sovereign nation," making Iran the first target of an actual cyber war (Jonathan, 2010).
Discussion
Stuxnet is not just a new virus or malicious worm; it opens an era of network virus warfare and cyber-terrorism. Creating viruses is widely understood as cybercrime: malicious programs that steal money, send spam or collect private personal data. This is perhaps the first time a virus could destroy buildings, cause the destruction of power plants, factories and other industrial systems, and even kill people. Stuxnet has attracted the attention of a large number of malware researchers in the past year. Its arrival even interfered with the implementation of Iran's nuclear program. It poses a huge threat because it is built on four "zero-day exploits" for Windows systems and some "anti-detection" tricks that avoid detection by anti-virus software. By infecting PLCs, it modifies the control procedures of the machine and changes its execution behavior. This paper discusses the working principle of Stuxnet across its life cycle.
The most likely target of the worm (according to media such as the BBC and the Daily Telegraph) could be high-value infrastructure belonging to Iran that uses Siemens control systems. Media such as the India Times suggest that the attack may have delayed the launch of the Bushehr nuclear plant. Iranian sources have described the attack as "electronic warfare" but minimized the impact of the damage to their facilities. Some U.S. media, such as the New York Times, have attributed its authorship to the U.S. and Israeli intelligence services (Jonathan, 2010).
History
In mid-June 2010 the company VirusBlokAda reported its existence; some of its components have been dated to June 2009. The worm contains some elements compiled on February 3, 2010, according to its time stamp. Although the initial attack appears to focus on Iran, the infection has since spread to other countries. According to security firm Symantec, in August 2010 the main infected countries were:
Country          Number of infected computers
Iran             62,867
Indonesia        13,336
India            6,552
USA              2,913
Australia        2,436
Great Britain    1,038
Malaysia         1,013
Pakistan         993
Germany          15
In September the New York Times reported that the worm's code contains a reference to a file named ...