Looking at Stuxnet for Insight into Cyber Warfare
The Stuxnet worm was (and still is) a devastating virus. It uses multiple vulnerabilities, and advanced techniques to remain persistent on systems, even after discovery. Symantec put out a really good pdf on this dangerous piece of malware. According to Symantec, this powerful back door was 0-day for a year before it was even discovered!! But what really gets to me, is what kind of motivation prompts a bug like this?? Looking at the evidence, over a 2/3s of the outbreaks occurred in Iran. For a virus, that seems pretty focused. Also considering all of the special systems knowledge that went into its design, and the advanced security techniques used in its application, only a few, powerful parties could have created a script like this. I'm obviously not alone on this thought. But, if this is one of the first global examples of a Cyber Warfare excursion, then whats next? There must be teams out there, if we have a Cyber Command to stop them. Beyond looking at attacks that have already taken place, I predict attacks like this will become a prominent way for governments of the future to hinder opposition while keeping good public relations. These types of excursions can be great for applying pressure to a weak country, say North Korea, without prompting them to use physical forces and losing innocent lives, in South Korea. I see a definite trend for the future.