Stuxnet: Cyberwar Revolution in Military Affairs

Shakarian, Paulo

Stuxnet: Cyberwar Revolution in Military Affairs

Active / Technical Report | Accession Number: ADA546439 |

Open PDF

Abstract:

On June 17th, 2010, security researchers at a small Belarusian firm known as VirusBlockAda identified malicious software malware that infected USB memory sticks.1 In the months that followed, there was a flurry of activity in the computer security community - revealing that this discovery identified only one component of a new computer worm2 known as Stuxnet. This software was designed to specifically target industrial equipment. Once it was revealed that the majority of infections were discovered in Iran,3 along with an unexplained decommissioning of centrifuges at the Iranian fuel enrichment plant FEP at Natanz,4 many in the media speculated that the ultimate goal of Stuxnet was to target Iranian nuclear facilities. In November of 2010, some of these suspicions were validated when Iranian President Mahmoud Ahmadinejad publically acknowledged that a computer worm created problems for a limited number of our nuclear centrifuges. 5 Reputable experts in the computer security community have already labeled Stuxnet as unprecedented,6 an evolutionary leap,7 and the type of threat we hope to never see again.8

Author(s):

Shakarian, Paulo

Author Organization(s):

MILITARY ACADEMY WEST POINT NY

Descriptive Note:

Journal article

Supplementary Note:

Published in Small Wars Journal, p1-10, April 15, 2011.

Pagination:

0011

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Monitor Series:

USMA

Subject Terms

Joint Capability Areas:

JCA_7_Protection; JCA_6_Net Centric; JCA_6.4.3_Respond to Attack Event; JCA_6.4.1_Secure Information Exchange; JCA_6.4_Information Assurance; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means; JCA_8_Building Partnerships; JCA_8.2_Shape; JCA_5_Command and Control; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_5.3_Planning; JCA_6.1.1_Wired Transmission; JCA_6.1_Information Transport; JCA_5.3.2_Apply Situational Understanding; JCA_1.2_Force Preparation

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*CYBERWARFARE, REPRINTS, INDUSTRIAL EQUIPMENT, COMPUTER VIRUSES, COMPUTER PROGRAMS, DATA PROCESSING SECURITY

Field(s)/Group(s):

Computer Systems Management and Standards

Keyword(s):

STUXNET, COMPUTER WORMS

Report Date:

2011 Apr 15

Creation Date:

2011 Aug 17