Is Stuxnet The First Shot In A Cyberwar?

By Ken Presti
June 01, 2012 6:42 PM ET

Page 2 of 3

If these capabilities are known to exist, nCircle’s Storms wonders why the government is not doing more to protect key infrastructure in the United States. But, he also tells CRN that cyberweapons also carry with them a unique obstacle to defense.

“If you proactively develop defenses to prevent your own cyberweapons from being used against you, then it's very likely that those defenses will eventually leak onto the Internet, as well. So building the defensive component will often mitigate the effectiveness of the weapon in your own hands. It's a very difficult position if you're going to dabble in this kind of warfare.”

The international ramifications of this report can also be quite profound, given that the United States has been an outspoken critic when corporate intellectual property is illegally exploited by foreign nationals.

“On the one hand this gives the Chinese and the Russians the justification to point the finger at the United States and call us hypocritical,” said Richard Bejtlich, chief security officer of Mandiant, an Alexandria, Virginia-based consultancy. “But because Stuxnet is used against nuclear weapons program, I see that as a legitimate target.”

Bejtlich points out that our relationship with Iran has been marked by a variety of different types of sanctions plus a U.S.-led drumbeat in support of international economic pressure that could lead to Iranian retaliation. But Bejtlich stops short of the term “cyberwar,” in favor of “cyber conflict” as the more fitting alternative.

“I've worried about the Iranians because as we tighten the vice around them, it could inspire the Iranians to retaliate,” Bejtlich told CRN. “Do they have the capability to respond with a cyber attack? I tend to look at what their patriotic hackers can do, and we've seen the government's actions against dissidents in Iran, using different cyber exploits. So while I don't worry about Iran being an immediate threat for cyber attack, I do see them developing that capability.”

In addition, there is at least circumstantial evidence to suggest that the Flame worm that has been in the news for the past several days is, in effect, a technological cousin of Stuxnet. In the circumstances surrounding Flame, the targets have been almost exclusively focused in East Asia.

NEXT: Will This Cyberwar Impact The Channel?

<< Previous | 1 | 2 | 3 | Next >>

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows