What would you think if your country was responsible for a computer worm? It appears that could be the case with a worm discovered in 2010 that is believed to be connected to the United States and Israel.
Stuxnet, a computer worm discovered in Iranian industrial sites, is a worm created specifically to seek Siemens software. Siemens Step7 is a program designed to program industrial control systems that operate equipment. Once the worm is installed, it can spy on the systems and even affect the equipment the Siemens software is controlling.
The effects of this could be devastating. The virus was found in 14 Iranian sites, one of which being a uranium-enrichment plant. If the worm was able to control the systems in place, a major nuclear accident could occur.
The Stuxnet worm is incredibly complex. It is designed to be transmitted via USB flash drives, meaning a person could transmit the virus simply by using a flash drive on two separate computers. It is also able to spread to computers via networks with shared printers, a common practice with internet connection sharing networks. Stuxnet also makes itself appear credible to antivirus software, being signed with a digital certificate. This feature shocked the antivirus community since their automated-detection programs are not able to identify a fake digital certificate.
But why would someone want to spy on and control Iranian industrial systems? Sure, information gathered from this sort of spying could be sold to an interested party. However this is not likely. Kaspersky Lab, a leading antivirus company, was responsible for finding the virus. After analyzing the code, it was clear to Kaspersky that "...Stuxnet had been specifically designed to subvert Siemens systems
running centrifuges in Iran’s nuclear-enrichment program. The Kaspersky
analysts then realized that financial gain had not been the objective.
It was a politically motivated attack. 'At that point there was no doubt
that this was nation-state sponsored.'"
Experts believe that the size and sophistication of the worm indicates a nation-state sponsor. The authors have not officially been identified, however "...leaks to the press from officials in the United States and Israel strongly suggest that those two countries did the deed."
Although it is not confirmed that the U.S. was involved in the creation of Stuxnet, the speculation brings up an interesting debate. What do you think about a government being involved in the creation of a computer virus?
Personally, I think it depends on the circumstances. If a country was able to use the information gathered from this virus for good then it seems okay. By good, I do not mean good for one country. By good I mean for the world as a whole. If there is a threat of a country creating nuclear weapons with the intent of using them and this virus could somehow prevent that threat, then it would benefit the whole world by preventing a major nuclear war. On the other hand, if a country is using this to causing another country's nuclear facilities to malfunction and cause a nuclear disaster, then it is absolutely not okay.
Source:
http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
Is there any positive that can come from this?
ReplyDeleteI agree if it benefits a nation to avoid a turmoil a war and the entire world from a war and a nuclear disaster then it is ok to use the information to protect the citizens of that nation and their neighbors.
ReplyDelete