Wednesday, November 17, 2010

International IT Security Issues: Operation Aurora and Stuxnet

Operation Aurora is the name given to a series of security compromises that affected Gmail and other online services. It was widely portrayed in the popular press as an incident of international cyber-espionage, pitting Chinese government operatives against (mostly American) global IT firms.


Stuxnet is the name of a Windows worm. Again, the popular press portrayed it as likely to be the product of Israeli efforts to sabotage Iran's nuclear industry.


With your knowledge of computer systems and security of networked systems, do you believe these stories? Are the claims justified? Is this a kind of modern-day warfare? Have your say in the comments.

4 comments:

  1. Here's one of the best resources I could find on Stuxnet, Symantec's technical dossier:
    http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf

  2. As to whether or not I believe the theories behind such attacks, I'm still on the fence (although it's quite fun to read :P)

    Personally I think cyber-warfare is the next step in the evolution of international conflict. With computer technology as cheap as it is, it is easier for even the least affluent nations to invest in the training (or purchase) of capable programmers. Considering how integrated technology is in our lives today (even most modern thermostats are computer-controlled), there are significantly more targets to aim for in order to disrupt many aspects of a nation's operations.

    Interesting times these are :)

  3. I agree with Vince: whether or not the theories are true regarding the targeted countries, this sort of attack--a highly sophisticated attack on computer infrastructure--feels like it could easily become a choice tactic of future conflicts.

    I'm naturally skeptical about the accusations made by media and involved parties (more in the case of Stuxnet), though there are some interesting aspects to Stuxnet that could (though not necessarily do) suggest a regional aspect to the worm. The use of the infection marker that could suggest a date in Iranian history, in particular, is interesting though not conclusive in any way (as the Symantec document points out, "Attackers would have the natural desire to implicate another party."). The geographic distribution as displayed in Symantec's specifications does seem to suggest development and initial deployment in a specific geographic region; again, though, this could suggest many things while not offering many conclusions. Media need conclusions for their stories, however, even if the evidence is more circumstantial than anything else.

    I think it's most important that we, as computer scientists, do exactly what we're doing right now: stay informed and up to date on the technological AND social implications of these attacks. If this is the future of technological espionage, it's imperative that technical knowledge not be buried in the face of circumstantial accusations.

  4. As to whether or not I believe the theories behind such attacks, I'm still on the fence (although it's quite fun to read :P)

    Personally I think cyber-warfare is the next step in the evolution of international conflict. With computer technology as cheap as it is, it is easier for even the least affluent nations to invest in the training (or purchase) of capable programmers. Considering how integrated technology is in our lives today (even most modern thermostats are computer-controlled), there are significantly more targets to aim for in order to disrupt many aspects of a nation's operations.
    it could be a thermostat issue
