The Stuxnet Virus

Given that Iran was the main target of the Stuxnet virus's strikes, many people were shocked. In particular, Nathanz-area subsurface plants were the target of the attacks. The Stuxnet virus's complexity stems from the fact that it was undetectable and had a mechanism for erasing itself (Mueller & Yadegari, 2012). However, because the virus changed the way that motors rotated, it interfered with the performance of normal activities. The alteration in procedures makes industrial control system operating a big anguish. The Iranian industry involved had adopted a backbone program known as IR-1 which initially originated from Europe, more so Israel, owing to its design. Upon its release in June 2009, Stuxnet received greater attention after two years through Wikileaks cables. The contribution made by Stuxnet mainly assisted in advancing the nuclear plants in Iran. Perhaps by altering the original codes, the customised version, IR-1 proved to be self-destructing after the programming logic controllers in Iran got attacked (Skormin, Nykodym & Antonakos, 2012).

The controlled systems installed in Nathanz plants came from Neda manufacturers who specialised in Siemens S7 PLCs. Despite taking advantage of the Siemens S7 PLCs, it is not clear the period when the first attack by Stuxnet took place (Langner, 2008). For this reason, the specialists were unable to identify the issues with cascades. Stuxnet achieved what it was engineered to perform. The primary means through which the Stuxnet virus spread was through local area networks but, later the contractors working at Nathanz carried the virus to their secondary clients. Hence, the virus largely spread throughout the globe but, its origin remains unclear.

Was the use of Stuxnet an Act of Cyberterrorism?

Stuxnet had an actual attack code which signifies it was a potential cyber terrorism threat to other industries across the world. More so, the program aimed at sabotaging Iranian nuclear program and the masterminds behind it are the Mujahedeen-e-Khalq. The group is among the listed terror groups by the United States. Stuxnet took advantage of the vulnerabilities presented by the WinCC Step 7 software. Further, Stuxnet remained undetected despite being malware. However, according to Ralph Langner, Stuxnet is mostly likely to be a program of a national government as it had detailed coding aiming at PLC components (Hristova, Schlegel & Obermeier, 2014). The move by Iran to develop its nuclear plants has received condemnation over the past years, and the people of Iran tend to bear the heaviest burden.

Despite all these claims, Stuxnet still precipitated the network virus war which worked as spyware. Important to note is that the program had the capability to change operations of critical infrastructure without detection. For this reason, the program has set a new ground for the arms race and in particular affecting industrial facilities. Cyberterrorism ranges from money laundering, collecting personal information, and sending spam emails among other activities which amount to some damage extent. The “zero-day” exploits being a common feature of Stuxnet enabled the malicious program to interrupt the operation of PLCs (Barzashka, 2013).

Cyberterrorism comes in handy when it comes to high-value infrastructure, and the Iranian nuclear program was one of such infrastructure. The aim could have been to derail the infrastructure put in place or at the same time delay its launch. Thus, the damage done on by Stuxnet on the Nathanz plant was a cyber terrorism attack.

Potential Disaster in Case It Occurs on US Infrastructure and the Justification for Using Stuxnet on Iran

Concerning the critical US infrastructure such as the power grid, supervisory control and data acquisition (SCADA) systems used are highly vulnerable to attack. The programing languages utilized in these systems enable computers to interact, and without the required security measures, a similar attack such as the Stuxnet virus is possible. Moreover, it will be difficult to restore the systems to normality in the case of a disaster. The code for Stuxnet gave it the capability to cause physical damage which might spread to affect even the public (Zhioua, 2013). Unlike the traditional warfare such as bombing, an attack similar to Stuxnet virus on the US infrastructure will have a cascading effect causing an enormous disaster.

The use of Stuxnet on Iranian uranium plants was not appropriate as it destroyed their centrifuges and further delayed their nuclear program. Instead of using an armed conflict, the U.S. resorted to using a self-destructing mechanism which degraded PLCs. The move to slow down the Iranian plans shows that it was indeed a cyber-attack. On the other hand, the worm designed to destroy centrifuges in Nathanz did not fully accomplish its mission as it managed to spread to other facilities (Flåten & Lund, 2014). Hence, the resulting damage was likely to be more than anticipated affecting non-targeted services. Similarly, if the damages caused on Iran led to retaliation through terrorism means that the United States citizen would become victims. Other countries if affected by Stuxnet would also seek revenge which would eventually compromise the policies and strategies of the United States (McMinn, Butts & Rios, 2011). Hence, it was not appropriate to use Stuxnet on Iran.

Should Cyber Attacks be Acts of War on Certain Countries?

The question of whether cyber-attacks are "acts of war" remains a problem as a justification for a digital act may lack clear cut lines. Moreover, the factors involved in a cyber-attack are numerous which generates strategic uncertainty. On the other hand, substantiating a cyber-attack is only possible when there is physical damage to the critical infrastructure (Shakarian, 2011). The definition of critical infrastructure gives us the perception that it only entails capital-intensive assets but, the scope is bigger than that as it includes anything that keeps the economy running. Considering the Constitution and its provisions for critical infrastructure, it is evident that the impact a cyber-attack has on the critical infrastructure amounts to an “act of war” to a country.

The United States government has tasked some organisations to respond to security threats. Cyber-attacks being one of the threats requires the government to use diplomatic, economic, informational, and military intervention in eliminating these risks. For this reason, the government uses immense resources to prevent cyber-attacks and to target such an institution or its infrastructure is an "act of war" (Knoepfel, 2014). However, the response of a cyber-attack will only necessitate military intervention if other means have failed. The limitation contributing to the complexity of the issue of cyber-attacks is the sophistication of hackers. They are capable of concealing their locations which become a problem in tracking them down. Similarly, it becomes difficult to monitor the frequency of cyber-attacks closely. Hence, owing to the nature of cyber-attacks and the damage they can cause to the critical infrastructure of a state, they are “acts of war” to the targeted countries.

References

Barzashka, I. (2013). Are Cyber-Weapons Effective? Assessing Stuxnet's Impact on the Iranian Enrichment Programme. The RUSI Journal, 158(2), 48-56.

Flåten, O., & Lund, M. S. (2014). How Good are Attack Trees for Modelling Advanced Cyber Threats? Norsk informasjonssikkerhetskonferanse (NISK), 7(1).

Hristova, A., Schlegel, R., & Obermeier, S. (2014, June). Security assessment methodology for industrial control system products. In Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2014 IEEE 4th Annual International Conference on (pp. 264-269). IEEE.

Knoepfel, S. (2014). Clarifying the International Debate on Stuxnet: Arguments for Stuxnet as an Act of War. In Cyberspace and International Relations (pp. 117-124). Springer Berlin Heidelberg.

Langner, R. (2008). Transcript of "Cracking Stuxnet, a 21st-century cyber weapon". Ted.com. Retrieved 20 January 2017, from https://www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon/transcript?language=en

McMinn, L., Butts, J., Robinson, D., & Rios, B. (2011, October). Exploiting the critical infrastructure via nontraditional system inputs. In Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research (p. 57). ACM.

Mueller, P., & Yadegari, B. (2012). The Stuxnet Worm. Département des sciences de l’informatique, Université de l’Arizona, http://www. cs. arizona. edu/~ collberg/Teaching/466-566/2012/Resources/presentations/2012/topic9-final/report. pdf.

Shakarian, P. (2011). Stuxnet: Cyberwar revolution in military affairs. MILITARY ACADEMY WEST POINT NY.

Skormin, V., Nykodym, T., Dolgikh, A., & Antonakos, J. (2012, April). Customized normalcy profiles for the detection of targeted attacks. In European Conference on the Applications of Evolutionary Computation (pp. 487-496). Springer Berlin Heidelberg.

Zhioua, S. (2013, July). The Middle East under Malware Attack Dissecting Cyber Weapons. In Distributed Computing Systems Workshops (ICDCSW), 2013 IEEE 33rd International Conference on (pp. 11-16). IEEE.