|
|
| Fig. 1: Graphic displaying how Stuxnet modifies the information flows between PLC, Step7, and the operator interface. [5] (Source: Wikimedia Commons) |
The first two decades of the 21st century have brought with it the Information Age. Computers, the internet, and a vastly more connected world makes possible instantaneous communication of information to any spot on the globe. [1] With the great benefits this interconnectedness has brought us come never before seen threats. Specifically, the threat of cyberweapons. The threats this term describes rise above those posed by the lone-wolf hacker that Hollywood often portrays.
The word cyberwar can be broken down and analyzed as its two roots, cyber and war. The UN defines "cyber" as, "The global system of systems of Internetted computers, communications infrastructures, online conferencing entities, databases and information utilities generally known as the Net." Sun Tzu then defines war as, "of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin." [2] Inherently, cyberwar is a term reserved for well funded and deliberate attacks by state actors. Cyberweapons are unconventional, and in that sense tough to fear. They are not bombs dropped from the sky, they are not guided missiles, hence, they are far from the canonical definitions of war. For many years, this meant that both politicians and the public underestimated the immense harm that these cyberweapons are capable of. In recent years, cyberweapons have began to manifest as a legitimate way to conduct war. The first institutional sign of this in the United States was the founding of the U.S. Cyber Command (USCYBERCOM) in 2009. [3] One of the infamous coordinated attacks thought to have resulted from this investment was Stuxnet. Stuxnet, the first of its kind, was a virus used to attack Iranian nuclear facilities. Stuxnet will be used through the rest of this paper as a case study to argue for greater investment in the defense of the United States nuclear infrastructure.
While the general public sees a cyberweapon as a means to steal bank information or account credentials, Stuxnet was an example where the weapon traversed from the cyber realm to the physical one, causing immense strategic destruction along the way. First discovered by the Russian computer security firm Kaspersky Labs in 2010, Stuxnet was identified as a worm. In other words, a virus that once planted both replicates and spreads by itself. [4] The virus was designed to infect windows operating systems, and once in place, search for Siemens Step7 software. This is software commonly used to monitor and control industrial systems, such as a programmable logic controller (PLC.) In this case, Stuxnet was looking for the PLCs responsible for controlling Iranian nuclear enrichment centrifuges. [4]
Once in place, the advanced malware uses the information collected about normal operations of the facility to spoof healthy operations of the centrifuges (Fig. 1). In reality, the malware is spinning centrifuges at a rate far above their bounds of their operational limits. While doing this, Stuxnet would display on the monitors of plant operators the normal operational information that it had collected in its espionage phase. The operation resulted in the destruction of an unkown, yet thought to be significant amount of Irans nuclear enrichment centrifuges. [4]
Stuxnet is the first time that a cyberweapon has been used to physically destroy a vital national interest. It has formally opened a pandoras box, and ushered in a new means of waging war. It would be naive to assume that the United States has adequately defended its vital infrastructure, especially infrastructure built before the rise of information age from external attacks just like stuxnet. On October 11th, 2012 Secretary of Defense Leon Panetta stated in an address that "The collective result of these kinds of attacks could be a cyber Pearl Harbor; an attack that would cause physical destruction and the loss of life. In fact, it would paralyze and shock the nation and create a new, profound sense of vulnerability." One thing is for certain, while the United States was developing Stuxnet, foreign adversarys abroad were not lying dormant.
© Frank Voris. The author warrants that the work is the author's own and that Stanford University provided no input other than typesetting and referencing guidelines. The author grants permission to copy, distribute and display this work in unaltered form, with attribution to the author, for noncommercial purposes only. All other rights, including commercial rights, are reserved to the author.
[1] M. Castells, "Introduction to the Information Age," in Media Studies, 3rd Ed., ed. by S. Thornham, C. Bassett, and P. Marris (New York University Press, 2009), p. 152.
[2] J. Andress and W. Sinterfeld, Cyber Warfare, 2nd Ed. (Elsevier, 2014).
[3] T. M. Chen, "Stuxnet, the Real Start of Cyber Warfare?," IEEE Network 24, 2 (2010).
[4] D. Kushner, "The Real Story of Stuxnet," IEEE Spectrum 50, 48 (2013).
[5] N. Falliere, L. O. Murchu, and E. Chien, "W32.Stuxnet Dossier," Symantec Corp., February 2011.
