Governments and Viruses: the Stuxnet Worm
While
many of the computer viruses that circulate through the web can be explained as
the work of scammers or lone individuals looking for profit, some viruses are
used to by governments to achieve political ends. One virus that is believed to
be more than just a random attack on random computers was Stuxnet. The Stuxnet virus
was uncovered in 2010 and, while it was by definition just another Internet
worm, it is believed to have had a very specific target, industrial
facilities in Iran, and more specifically the virus “could disrupt the
centrifuges used to enrich uranium”.
A uranium centrifuge
When Stuxnet was analyzed after being identified, it was
found to be a sophisticated and targeted piece of malware that was likely written
by one or more nation states for the purposes of targeting the Iranian nuclear
program. The worm would infect the systems,the system in this case being an industrial control software by Siemens, and it would also make a note of
the name and location of the computer, as well as a time-stamp of when the computer
was infected. The analysis discovered that five “industrial processing facilities”
in Iran were the computers that ere infected and then spread the virus for the majority of reported
Stuxnet infections.
The virus went through numerous variations and had
repeatedly infected several of the facilities, with a different variation of
the virus in each infection. The virus was found to have been inserted into the system less than 24 hours after being written, and was found in
systems that weren't connected to the Internet, thus meaning that the probable
method of infection was via USB drive from someone inside the facility.
While some portions of the virus weren't all that advanced,
it did exploit several holes in the windows operating system that, before
Stuxnet’s discovery, were completely unknown and thus unpatched, and as a whole, was a rather sophisticated piece of malware
This case brings up the questions of whether a government
should be able to release a virus geared toward a specific set of goals, or
whether computer viruses should be a method of espionage at all. It also raises
the question of whether they fully understand what a virus like that could do
if one of those systems was connected to the Internet and spread the
virus to many corporate systems of that type, thereby possibly crippling some
very important industries.
Stuxnet was discovered in 2010, its one of those viruses which was made to target the industrial sector. people who built viruses or hackers or intruders I guess they have one thing in mind which is personal gain and they are driven by curiosity. Viruses causes our computer and our date to be at risk for their gain and destroying our boundaries. these hackers look for that weakness so they can enter and succeed in their goal. stuxnet is an infectious virus if it spreads it could destroy the company and put their data at risk. Siemens have released a tool to protect the system and they also advice to upgrade the system and codes/passwords. today we have so many different tools to protect us from viruses like stuxnet. All it takes is a simple step "Awareness".
ReplyDeleteI wrote a blog about this as well. I found it very interesting that a country's government could be responsible for creating a virus. If the purpose of this virus was to protect against some kind of threat, then I would be supportive of a government creating it. However if the purpose of a government created virus is for anything other than worldwide safety then it is unacceptable. I would like to think that if Stuxnet was created by the U.S., they did it for the purpose of national security.
ReplyDelete