Stuxnet Worm Could Turn
Jun 4, 2012 10:41 AM PT
In 2010, IT security researchers took note of a new virus that was bouncing from country to country via the Internet. They dubbed it "Stuxnet," including it among the countless worms that are released each year.
In one key respect, however, Stuxnet turned out to be quite different: It was reportedly created by the U.S. and Israeli governments as part of a systematic attack against Iran's nuclear enrichment facilities.
Stuxnet's origins weren't widely publicized until last week, when The New York Times ran an article describing the U.S. cyberweapons program, based on the forthcoming book, Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power, written by David Sanger.
When Stuxnet made its way into the wild instead of being confined to its intended target, the Obama administration had considered shutting the program down, according to the paper. It was still causing damage to the facilities' operations, though, so the administration decided to continue its cyberattack.
This report of the U.S.' engagement with Iran is significant. The U.S. only recently admitted to developing cyberweapons, and it has never acknowledged using them. Now, Sanger's book suggests that Stuxnet is part of a far larger operation, and will surely become a focal point in international diplomacy.
Indeed, Russia has been pushing the issue of banning cyberwarfare for some time but to little avail, in large part because it has had little proof that such operations were being conducted.
The White House did not respond to our request to comment for this story.
The Argument Against
In short, there's likely to be a backlash resulting from this disclosure, not only around the world but also in the U.S. For starters, it is unclear whether Iran's nuclear aspirations were permanently disabled by the worm.
Supposedly, the country has ceased its nuclear weapons program, but there have been indications that it might have enough intact material to restart.
Another objection to cyberwarfare is that such weapons can easily turn into "friendly fire" -- that is, get out of control and affect U.S. or allies' computer infrastructures.
Such reasoning, though, is too simplistic, especially when information about the subject is understandably scarce, said Andrew Storms, director of security operations for nCircle.
"Like it or not, cyberattacks are the face of modern warfare, and that changes everything," he told TechNewsWorld.
"The technical and secretive nature of information warfare makes it almost impossible to assess the impact and ramifications of Stuxnet and other nation state-sponsored cyberattacks," said Storms. "We simply don't have access to enough information."
It is important to note that some of the people making claims the U.S. "lost control" and was "naive" have their own agendas, Phil Lieberman, CEO of Lieberman Software, told TechNewsWorld.
Many of these claims are being made by standalone "security experts" with a stake in furthering their reputations rather than weighing the pros and cons of the strategy, he said.
"On balance. this was a well-thought-out strategy with a clear understanding about genies getting out of bottles," remarked Lieberman.
"Consider that all other kinetic solutions had deep and serious consequences and limited effectiveness," he continued. "Those that question the strategy have a very limited view of the world and even less stake in the safety of the western populations and western interests of the world."
The Problem With Containment
Still, containment is clearly an issue, even if the virus writers -- i.e., the U.S. Government -- tried hard to avoid collateral damage, Storms pointed out.
"Malware control is probably the most important technical challenge, and it's also the most difficult," he explained. "The challenge of control increases over time, because so many malware variables are constantly changing and are outside the control of malware writers."
A Civil Liberties Issue?
There is another way such viruses could get out of hand, Leonid Shtilman, CEO of Viewfinity suggested: if they fall into the wrong hands, they can be used for spying on citizens and establishments.
"It is hard to believe that people who create viruses have a bulletproof solution for confining the target," he told TechNewsWorld. "It seems very difficult if not impossible to protect against this virus on U.S. soil and use it for gathering intelligence in a foreign country only."