DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click HERE
to register or log in.
A Cyberworm that Knows no Boundaries
The report that a sophisticated cyberworm called Stuxnet had been planted on the computers of an Iranian nuclear facility and had damaged processing equipment sent a tremor across many governments and industries. Although many computing technology experts had knownthat such an attack was theoretically possible and that less-capable versions had been demonstrated, Stuxnet served notice on the world that a threshold had been crossed. The event raised numerous questions about the ability of the U.S. government and commercial firms to defendtheir networks against assaults by worms, viruses, and other malware. This paper explores some of the issues raised by sophisticated yet virulent malware, including the nature of these threats, the vulnerabilities they exploit, and the characteristics that make defending against them so difficult, especially the knotty problems posed by organizational and legal restrictions. It also provides a brief assessment of where U.S. defensive capabilities stand and what needs to be done to improve them. Although this paper considers cyberspace from a U.S. military perspectivethat is, as a so-called warfighting domain the considerations presented here translate easily to a broader view of cyberspace as a global commons.
Approved For Public Release