Government role in Stuxnet could increase attacks against U.S. firms
U.S. painted a target on its back, analysts say in wake of report
Computerworld - A New York Times report on Friday about the U.S government's extensive involvement in the Stuxnet attacks against Iran is sure to trigger a sharp increase in state sponsored cyber attacks against American businesses and critical infrastructure targets, security experts warn.
The dramatic report in The Times described how President Obama, and his predecessor President Bush, had overseen the development of a secret and highly sophisticated U.S cyber campaign to disrupt and degrade Iranian nuclear capabilities.
The story, which quotes several unnamed sources, describes how Stuxnet was designed by security experts in Israel and the United States to disable centrifuges used to purify uranium at Iran's Natanz nuclear facility.
It talks about how Obama decided to accelerate the cyber attacks -- codenamed "Olympic Games" by the Bush Administration -- even after being informed that Stuxnet code had accidentally become public in the summer of 2010 and had begun attacking industrial control systems in other countries as well.
The Stuxnet attacks temporarily took out nearly one-fifth of the 5,000 centrifuges that Iran had operating at Natanz in 2010 and caused considerable delay to the program.
The attacks marked the first time that a computer worm was used to cause physical damage to property, prompting many to call Stuxnet the most sophisticated piece of malware that had ever been crafted.
The Times' story confirms what many security experts have been openly hinting at for several months now about U.S. involvement in Stuxnet. Alan Paller, director of research at the SANS Institute, said the revelation dramatically alters the cybersecurity landscape.
The public airing of the U.S. involvement in Stuxnet is going to make others bolder about launching similar attacks against the country using the same kind of tactics and cyber weapons, he said. "We are now going to be the target of massive attacks," Paller said.
"For a long time everything has been under the radar," he said. "No one was really sure that the U.S. was practicing this kind of activity. The U.S. has acted like it was an innocent victim" of state sponsored attacks by other countries, he said.
"But behavior will change when there's no longer an argument" about the U.S sponsoring cyber attacks on other nations, he said.
The one positive fallout from Friday's news is that it will force U.S businesses and critical infrastructure operators to pay more attention to securing their defenses. It is not longer a question of if, but when other nations are going to come after U.S. cyber assets, Paller said.
"We now as a nation have painted a huge target on our back," said Mike Lloyd, chief technology officer at security vendor RedSeal Networks. By choosing to develop and use cyber weapons such as Stuxnet, the U.S. has basically exposed its own companies and networks to the same kind of threats, Lloyd said.
"One of the clear lessons from history is that people in conflict tend to use what their opponents have used," he said. Friday's disclosure should drive home to everybody how cyber weapons are in fact being used to settle political conflicts around the globe, Lloyd said.
"You got to realize this kind of fight is going on and that it will be coming to you soon," he said. What's worrisome is that unlike Iran, where the targets of such attacks were state-owned, most critical infrastructure in the U.S. is privately owned and defended, he added.
Ironically, the ability of hostile entities to attack U.S. targets may only have been bolstered by Stuxnet.
- DOJ's charges against China reframe security, surveillance debate
- Hacker indictments against China's military unlikely to change anything
- U.S. to formally accuse Chinese military of hacking
- Cyberattacks could paralyze U.S., former defense chief warns
- The NSA blame game: Singling out RSA diverts attention from others
- Jury still out on FISA court
- Suspected China-based hackers 'Comment Crew' rises again
- Chinese hackers master the art of lying in wait
- Spy court OK'd all U.S. wiretap requests it received in 2012
- Groups denounce FBI plan to require Internet backdoors for wiretaps
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts