Stuxnet: Joint Operation Nets Victim

Tuesday, January 18, 2011 @ 06:01 PM gHale

By Gregory Hale
The news hit the streets this past weekend the newest and strongest clues point toward Stuxnet being an American-Israeli project to sabotage the Iranian’s nuclear program. While the U.S. and Israel were names previously bandied about, no one really knew for sure they were the masterminds behind the scheme.

Now that we know, what is scarier: not knowing who was behind the Stuxnet attack or actually knowing our government and the Israeli’s invented the nasty worm?

It would be naive to say this was the first time a government worked on this type of clandestine attack. After all, cyber warfare has been around for quite a while. However, this really hit home for the manufacturing automation sector because now any copycat across the globe worth his or her salt can pick up on the parameters of the worm and run with it.

This was more than a warning shot across the bow. It was a pure indicator of a new-age Cold War. As people, governments, and industries rely more and more on automation, more systems become open targets.

It has been a while, but surely everyone remembers what went on during the Cold War. It was the continuous state of political conflict, military tension and economic competition after World War II between the Communists and the Western World.

While military forces never officially clashed directly, they showed conflict through military coalitions, strategic conventional force deployments, extensive aid to states deemed vulnerable, the space race, proxy wars, espionage, propaganda, conventional and nuclear arms races, among others.

Along those lines Stuxnet seems to fall in line as the perfect act of sabotage because it hurt, destroyed or crippled its intended victim — in this case nuclear sites in Iran – and there were no human casualties. Very clean.

Surely The New York Times did a great job reporting on and writing the story uncovering the likely culprits behind Stuxnet. But if you want to add a little intrigue to the story, just ask yourself if you really think the Israeli or U.S. government would let the information out if they didn’t want the entire world to know they have the capability to take on anyone when it comes to cyber warfare?

Yes, this is cyber warfare and yes there will be casualties.

The blueprint is now there for others to follow and the potential for other well-funded entities like governments, corporations, interest groups or whatever else is out there to jump in and take over or hold for hostage a nuclear plant, a power grid, a water system or any other form of infrastructure.

Right now, it looks as though we know where the attack came from. Does that mean the good guys knocked off the bad guys and we can continue to move forward and not worry anymore?

To the contrary. Every manufacturer out there needs to step it up even more than they already have. They need to know their systems inside and out. They need to watch and understand all points of entry. A solid and evolving cyber plan needs to be in place. This wasn’t a case of good conquering evil. It is a case of the public learning how any automation system can fall victim to an attack.

The Iranian nuclear program may have suffered a setback, but that does not mean others won’t pick up on this attack and launch something of their own.

The Stuxnet story is now coming to a close, but there is great potential for plenty of more sequels to come.

Talk to me: ghale@isssource.com.