Thursday, January 20, 2011

On Point : Stuxnet

Yesterday's On Point discussed the Stuxnet worm. The guests were very much in favor of deploying the worm, and weren't shying away from calling it a weapon of war. They thought that it was a good alternative to a physical attack (airstrike). A few callers questioned the attack on the grounds that we have no declaration of war against Iran and that the attack was a covert operation. The host pointed out that the recipient of the attack can reverse engineer the "bomb," and potentially point it back at us. At least one caller amplified that theme. The guests responded that we are already under attack daily, and that we better be prepared for threats that can emerge very quickly. This kind of cyber attack may not be confined to computer networks. For example, one of the guests mentioned that enemies have surveyed our electrical grid for vulnerabilities. If I remember correctly, the Y2k disaster scenarios included failure of certain types of programmable controllers, perhaps similar to the ones targeted by Stuxnet, that are widely deployed in all kinds of industrial settings.

The stuxnet worm included four different attack scenarios using four different Windows zero day bugs. To me it seems that is a real grey area. The white-hat security researchers look for bugs in order to fix the OS; black hats find holes that they can exploit for profit. The "gray hats" are apparently at work finding holes that they can exploit to harm enemies.

Here is a link to the discussion.

Update: 2011-01-26
Slashdot reported recently that cybercriminals are finding that Windows is "tapped out" and are gearing up to attack other platforms. Whether that is really true, or not is debatable. (My WAG is that the Windows field is still ripe and there are easy pickins' for the taking.) However, others have already noted that a successful attack against unix (and its variants) would definitely be worth something to bad guys because the core of online sites are hosted on a unix-variant platform.
I thought this AC comment was on the mark.

Update: 2011-03-15
On the Media picked up the discussion. The point is made that it is "Hiroshima moment" in warfare. Stuxnet is a new type of weapon that was developed to target a specific enemy. It is the first salvo in the age of cyber-warfare.

No comments:

Post a Comment