Government role in Stuxnet could increase attacks against U.S. firms
U.S. painted a target on its back, analysts say in wake of report
Computerworld - A New York Times report on Friday about the U.S government's extensive involvement in the Stuxnet attacks against Iran is sure to trigger a sharp increase in state sponsored cyber attacks against American businesses and critical infrastructure targets, security experts warn.
The dramatic report in The Times described how President Obama, and his predecessor President Bush, had overseen the development of a secret and highly sophisticated U.S cyber campaign to disrupt and degrade Iranian nuclear capabilities.
The story, which quotes several unnamed sources, describes how Stuxnet was designed by security experts in Israel and the United States to disable centrifuges used to purify uranium at Iran's Natanz nuclear facility.
It talks about how Obama decided to accelerate the cyber attacks -- codenamed "Olympic Games" by the Bush Administration -- even after being informed that Stuxnet code had accidentally become public in the summer of 2010 and had begun attacking industrial control systems in other countries as well.
The Stuxnet attacks temporarily took out nearly one-fifth of the 5,000 centrifuges that Iran had operating at Natanz in 2010 and caused considerable delay to the program.
The attacks marked the first time that a computer worm was used to cause physical damage to property, prompting many to call Stuxnet the most sophisticated piece of malware that had ever been crafted.
The Times' story confirms what many security experts have been openly hinting at for several months now about U.S. involvement in Stuxnet. Alan Paller, director of research at the SANS Institute, said the revelation dramatically alters the cybersecurity landscape.
The public airing of the U.S. involvement in Stuxnet is going to make others bolder about launching similar attacks against the country using the same kind of tactics and cyber weapons, he said. "We are now going to be the target of massive attacks," Paller said.
"For a long time everything has been under the radar," he said. "No one was really sure that the U.S. was practicing this kind of activity. The U.S. has acted like it was an innocent victim" of state sponsored attacks by other countries, he said.
"But behavior will change when there's no longer an argument" about the U.S sponsoring cyber attacks on other nations, he said.
The one positive fallout from Friday's news is that it will force U.S businesses and critical infrastructure operators to pay more attention to securing their defenses. It is not longer a question of if, but when other nations are going to come after U.S. cyber assets, Paller said.
"We now as a nation have painted a huge target on our back," said Mike Lloyd, chief technology officer at security vendor RedSeal Networks. By choosing to develop and use cyber weapons such as Stuxnet, the U.S. has basically exposed its own companies and networks to the same kind of threats, Lloyd said.
"One of the clear lessons from history is that people in conflict tend to use what their opponents have used," he said. Friday's disclosure should drive home to everybody how cyber weapons are in fact being used to settle political conflicts around the globe, Lloyd said.
"You got to realize this kind of fight is going on and that it will be coming to you soon," he said. What's worrisome is that unlike Iran, where the targets of such attacks were state-owned, most critical infrastructure in the U.S. is privately owned and defended, he added.
Ironically, the ability of hostile entities to attack U.S. targets may only have been bolstered by Stuxnet.
- DOJ's charges against China reframe security, surveillance debate
- Hacker indictments against China's military unlikely to change anything
- U.S. to formally accuse Chinese military of hacking
- Cyberattacks could paralyze U.S., former defense chief warns
- The NSA blame game: Singling out RSA diverts attention from others
- Jury still out on FISA court
- Suspected China-based hackers 'Comment Crew' rises again
- Chinese hackers master the art of lying in wait
- Spy court OK'd all U.S. wiretap requests it received in 2012
- Groups denounce FBI plan to require Internet backdoors for wiretaps
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Cybercrime and Hacking White Papers | Webcasts