Quick Takes / by Ben Frankel

Skullduggery on a massive scale

Published 11 October 2010

Stuxnet, the malware which attacked more than 30,000 computers used in industrial control systems in Iran, including that country’s nuclear weapons facilities, represents a new class and dimension of malware; it can reach into the physical world, allowing attackers to run motors so fast they burn out, to turn off alarms and safety cut-offs, open effluent valves and activate pumps — in the words of Paul Marks, it allows attackers to “carry out industrial sabotage and skullduggery on a massive scale.”

In Monday’s issue of the Homeland Security NewsWire we run two stories which convey the same message: cyberwarfare is no longer a theoretical possibility, but a reality.

  • Dr. Udo Helmbrecht, executive director of ENISA (European Network and Information Security Agency), the main EU cybersecurity body, says that “Stuxnet is a new class and dimension of malware…. The attackers have invested a substantial amount of time and money to build such a complex attack tool. The fact that perpetrators activated such an attack tool, can be considered as the ‘first strike’ against major industrial resources. This has tremendous effect on how to protect national [cyber and critical infrastructure] in the future” (see “Experts: Stuxnet ‘a game changer’,” 11 October 2011 HSNW)
  • The U.S. National Security Agency, worried about Chinese spying, earlier this year warned AT&T that if the company were to go ahead with its decision to purchase equipment for a next-generation phone system from China’s Huawei Technologies, then AT&T would lose all of its U.S. government business (see “NSA threatened AT&T over buying phone gear from China,” 11 October 2011 HSNW)

Paul Marks, the New Scientist’s chief technology correspondent, agrees that we are on the threshold of a new phase in warfare:

Is cyberwarfare (a) one of the biggest threats of the 21st century or (b) an elaborate hoax designed to extract money from gullible governments? Stuxnet, the computer worm running rampant in Iran’s nuclear facilities, tells us the answer.

For Marks, Stuxnet proved a straightforward proposition: “a few lines of malicious computer code can trip electricity grids, burn out power-station generators, pollute water supplies, and sabotage gas pipelines. That cyberattacks can become real-world attacks is no longer a matter of conjecture.”

Note that Stuxnet represents a paradigmatic shift in information warfare (IW). Previous digital attacks by one party to a conflict on another were aimed at the digital assets of the other side. Thus, in April 2007, following measures by the Lithuanian government that many in Russia took to be hostile to the interests and sensibilities of the Russians living in Lithuania (the “near abroad”), the Web sites of several Lithuanian government departments were taken down by sustained cyberattacks from Russia. Similarly, in August 2008, Russian hackers took down Web sites of the government of Georgia during the short war between the two countries.

Stuxnet was different — but it had a predecessor. On 6 September