Was stuxnet an act of war?

• Authors: Jansons Jānis
• Languages of publication: EN

Abstracts

EN

Modern societies live in the complex and fragile information environment, in which data processing and exchange grow exponentially. Different digital computerized systems support most of key infrastructures like financial systems, power and water supplies, air traffic management, public and military communications. To increase accessibility to those systems in the information domain, it requires interoperability and interconnectivity which makes them complex to maintain and vulnerable to cyber-attacks/intrusions. The Internet is an ownerless, ubiquitous and open to all information exchange domains which can shape the international relations through the cyber domain and there is no internationalentity that can control and affect the data flow. Each country has its own legislation to react and influence local users through Internet service providers and only close cooperation among the states can help to identify and prevent illegal activities against other states as well as support foreign countries during investigations. The paper will uncover how cyber weapon was used to influence state struggling, becoming a nuclear power for the first time. It is divided into two parts to explain the essence of the act of war and cyberspace to understand the environment where Stuxnet was applied. Next it will focus on impact and reaction of Stuxnet in order to analyse its utilization within cyberspace.

Keywords

EN

Cybersecurity; Internet; Stuxnet; Act of war

• Publisher: Wydawnictwo Naukowe Akademii WSB
• Journal: Security Forum
• Year: 2017
• Volume: 1
• Issue: Volume 1 No. 1/2017
• Pages: 109-121

Contributors

author

Jansons Jānis

References

• Albright D., Brannan P., and Walrond C., 2010, Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment (online) Available at http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ (accessed 07.02.2016).
• Baker J.W., 2015, Iran: The Cyber Nation – Timeline of Every Hack. (online) Available at http://xpatnation.com/iran-thecyber-nation-timeline-of-every-hack/#.y77h98T7y (accessed 10.02.2016).
• Blas J., 2012, The oil price reaction to an Iranian strike. (online) Available at http://www.ft.com/intl/cms/s/0/e977f55cf780-11e1-ba54-00144feabdc0.html#axzz41DLBucjD (accessed 12.02.2016).
• BNN, 2014, SP: Kremlin-financed internet trolls operate in Latvia (online) Available at http://bnn-news.com/sp-kremlin-financed-internet-trolls-operate-latvia-122404 (accessed 25.11.2015).
• Brecher A.P., 2012, Cyberattacks and the Covert Action Statute: Toward a Domestic Legal Framework for Offensive Cyberoperations. (online) Available at http://repository.law.umich.edu/cgi/viewcontent.cgi?article=1081&context=mlr (accessed 01.03.2016).
• Broad W.J., Markoff J., and Sanger D.E., 2011, Israeli Test on Worm Called Crucial in Iran Nuclear Delay.
• Broadhurst, R., etc., 2014, Organizations and Cyber crime: An Analysis of the Nature of Groups engaged in Cyber Crime. (online) Available at http://www.cybercrimejournal.com/broadhurstetalijcc2014vol8issue1.pdf (accessed 08.11.2015).
• CBSNews, 2012, Gen. Hayden: Stuxnet virus “Not an act of war”. (online) Available at http://www.cbsnews.com/news/genhayden-stuxnet-virus-not-an-act-of-war/ (accessed 04.02.2016).
• Cella M., 2015, Paris Attacks Called ‘Act of War’ (online) Available at http://www.usnews.com/news/articles/2015/11/14/paris-terror-attacks-by-isis-called-act-ofwar(accessed 11.01.2016).
• Coker M., and Sonne P., 2015, Ukraine: Cyberwar’s Hottest Front. (online) Available at http://www.wsj.com/articles/ukrainecyberwars-hottest-front-1447121671 (accessed 25.11.2015).
• Fidler, D.P., 2011, Was Stuxnet an Act of War? Decoding a Cyberattack (online) Available at http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5968088&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D5968088 (accessed 02.02.2016).
• FromDev, 2014, 100+ Free Hacking Tools To Become Powerful Hacker, (online) Available http://w w w.fromdev.com/2014/09/free-hacking-tools-hacker.html (accessed 06.11.2015).
• Garcia E.C., 2010, Regulating Nation-State Cyber Attacks in Counterterrorism Operations. (online) Available at https://www.hsdl.org/?view&did=10513 (accessed 08.11.2015).
• Geest, D.S., 2015, Cybersecurity and the dividing nature of global competing ideologies. (online) Available at http://www.hscentre.org/global-governance/cybersecurity-dividing-nature-global-competing-ideologies/ (accessed 06.11.2015).
• Gibson, W., 1984, Neuromancer. New York: Berkley Publishing Group.
• Global Research, 2015, Turkey’s Blockade of Russian Naval Vessels’ Access to the Mediterranean, Russia’s Black Sea Fleet Completely Cut Off. (online) Available at http://w w w.globalresearch.ca/turkeysblockade-of-russian-naval-vessels-access-to-the-mediterranean-russias-blacksea-fleet-completely-cut-off/5492688 (accessed 13.02.2016).
• Godwin J.B., Kulpin A., Rauscher K.F. and Yaschenko V., 2014, The Russia-U.S. Bilateral on Cybersecurity – Critical Terminology Foundations, Issue 2. EastWest Institute and the Information Security Institute of Moscow State University.
• Goodin D., Puzzle box: The quest to crack the world’s most mysterious malware warhead (online) Available at http://arstechnica.com/security/2013/03/theworlds-most-mysterious-potentiallydestructive-malware-is-not-stuxnet / (accessed 06.02.2016).
• Gorman S., and Barnes E.J., 2011, Cyber Combat: Act of War, http://www.wsj.com/articles/SB10001424052702304563104576355623135782718 (accessed 13.02.2016).
• Graves, K., 2010, Certified Ethical Hacker study guide. (online) Available at http://ir.nmu.org.ua/bitstream/handle/123456789/133057/768e0fbfd4fe2971f189aecf8c038201.pdf?sequence=1 (accessed 07.11.2015).
• Grisham, L., 2015, Timeline: North Korea and the Sony Pictures hack. (online) Available at http://www.usatoday.com/stor y/news/nation -now/2014/12 /18/sony-hack-timeline-interview-north-korea/20601645/ (accessed 07.11.2015).
• Halliday J., 2010, Stuxnet worm is the ‘work of a national government agency’ (online) Available at http://www.theguardian.com/technology/2010/sep/24/stuxnet-wormnational-agency (accessed 05.02.2016).
• Harrison L., Little A., and Lock E., 2015., Politics: The Key Concepts London: Routledge.
• Iasiello, E., 2015, Russia’s Propaganda Trolls Make an Impact in Cyberspace. (online) Available at http://darkmatters.norsecorp.com/2015/0 8/27/russiaspropaganda-trolls-make-an-impact-incyberspace/ (accessed 09.11.2015).
• Katz Y., 2010, Stuxnet may have destroyed 1,000 centrifuges at Natanz. (online) Available at http://www.jpost.com/Defense/Stuxnet-may-have -destroyed-1000-centrifuges-at-Natanz (accessed 07.02.2016).
• Keizer G., 2010, Why did Stuxnet worm spread? (online) Available at http://www.computerworld.com/article/2516109/security0/why-did-stuxnet-worm-spread-.html (accessed 05.02.2016).
• Kirchner S., 2009, Distributed Denial-of-Service Attacks under Public International Law: State Responsibility in Cyberwar. (online) Available at https://www.researchgate.net/publication/251287009_Distributed_Denial-of-Service_Attacks_under_Public_International_Law_State_Responsibility_in_Cyberwar (accessed 15.12.2015).
• Kovacs, N., 2015, What is the Difference Between Black, White and Grey Hat Hackers? (online) Available at http://community.norton.com/en/blogs/norton-protection-blog/what-difference-between-black-white-and-grey-hat-hackers (accessed 07.11.2015).
• Küntzel M., 2015, Germany and a Nuclear Iran (online) Available at http://jcpa.org/article/germany-and-a-nuclear-iran/ (accessed 12.02.2016).
• Langner R., 2010, The short path from cyber missiles to dirty digital bombs. (online) Available at http://www.langner.com/en/2010/12/26/the-short-path-fromcyber-missiles-to-dirty-digital-bombs/ (accessed 14.02.2016).
• Langner R., 2013, To Kill a Centrifuge (online) Available at http://www.langner.com/en/wp-content/uploads/2013/11/To-killa-centrifuge.pdf (accessed 05.02.2016).
• Lewis J., 2013., Hidden Arena: Cyber Competition and Conflict in Indo-Pacific Asia (online) Available at http://csis.org/files/publication/130307_cyber_Lowy.pdf (accessed 14.12.2015).
• Lyons K., 2015, Iran nuclear talks: timeline (online) Available at http://www.theguardian.com/world/2015/apr/02/iran-nucleartalks-timeline (accessed 12.02.2016).
• McAfee, 2013, The Economic Impact of Cybercrime and Cyber Espionage (online) Available at http://www.mcafee.com/mx/resources/reports/rp-economic-impactcybercrime.pdf (accessed 09.11.2015).
• McMillan R., 2010, Was Stuxnet Built to Attack Iran’s Nuclear Program? (online) Available at http://www.pcworld.com/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html (accessed 06.02.2016).
• Microsoft, 2015, Malware Protection Center. (online) Available at https://www.microsoft.com/security/portal/mmpc/shared/glossary.aspx (accessed 15.03.2016).
• Nakashima E., 2011, U.S. cyber approach ‘too predictable’ for one top general. (online) Available at https://www.washingtonpost.com/national/national-security/us-cyber-approach-too-predictablefor-one-top-general/2011/07/14/gIQAYJC6EI_story.html?tid=a_inl (accessed 13.02.2016).
• Nakashima E., 2012, When is a cyberattack an act of war? (online) Available at https://www.washingtonpost.com/opinions/when-is-a-cyberattackan-act-of-war/2012 /10/26/02226232-1eb8-11e2-9746-908f727990d8_story.html (accessed 10.01.2016).
• Omand, D., 2013, Security Europe: The steps needed to protect the EU’s critical infrastructure against cyber-attack. (online) Available at http://europesworld.org/2013/10/01/the-steps-needed-toprotect-the-eus-critical-infrastructureagainst-cyber-attack/#.VjzxylLotjo (accessed 06.11.2015).
• Ottis, R., Lorents P., 2010, Cyberspace: Definition and Implications. (online) Available at https://dumitrudumbrava.files.wordpress.com/2012 /01/cyberspace-definition-and-implications.pdf (accessed 02.11.2015).
• Peachey, P., 2014, Mafia Cybercrime Booming and With It a Whole Service Industry, Says Study. (online) Available at http://www.independent.co.uk/news/uk/crime/mafia-cybercrime-booming-and-withit-a-whole-service-industry-says-study-9763447.html (accessed 08.11.2015).
• Peritz A.J., Rosenbach E., 2009, Covert Action. (online) Available at http://belfercenter.ksg.harvard.edu/publication/19149/covert_action.html (accessed 01.03.2016).
• Rapoza K., 2012, Is It Time For Another Stuxnet Attack On Iran? (online) Available at http://www.forbes.com/sites/kenrapoza/2012/05/28/is-it-time-for-anotherstuxnet-attack-on-iran/#1879269474fb (accessed 06.02.2016).
• Rid T., 2013, Cyber War Will Not Take Place. London: Hurst.
• Rifkind, J., 2011, Cybercrime in Russia. (online) Available at http://csis.org/blog/cybercrime-russia (accessed 08.11.2015).
• Rutledge P., 2013, How Obama Won the Social Media Battle in the 2012 Presidential Campaign (online) Available at http://mprcenter.org/blog/2013/01/how-obama-won-the-social-media-battle-in-the-2012-presidential-campaign/ (accessed 25.11.2015).
• Sangerjune D.E. Obama Order Sped Up Wave of Cyberattacks Against Iran. (online) Available at http://www.nytimes.com /2012 /0 6/01/ world/middleeast /obama-ordered-wave-of-cyberattacksagainst-iran.html (accessed 04.03.2016).
• Saundersaug P.J., 2014, When Sanctions Lead to War. (online) Available at http:// www.nytimes.com/2014/08/22/opinion/when-sanctions-lead-to-war.html?_r=0 (accessed 13.02.2016).
• Scarborough R., 2013, In classified cyberwar against Iran, trail of Stuxnet leak leads to White House. (online) Available at http://www.washingtontimes.com/news/2013/aug/18/trail-of-stuxnet-cyberwar-leak-to-author-leads-to-/?page=all (accessed 04.03.2016).
• Sovereign Intelligence, 2014, THE INSIDER THREAT: Implications for Corporate Security (online) Available at http://www.sovereign-llc.com/wp-content/uploads/2014/09/SI-Insider-Threat-WP.pdf (accessed 23.11.2015).
• Stiennon, R., 2015, There Will be Cyber War: How the Move to Network-Centric War Fighting has set the Stage for Cyberwar. IT-Harvest Press, 2015.
• Strange H., 2013, US raid that killed bin Laden was ‘an act of war’, says Pakistani report (online) Available at http://www.telegraph.co.uk/news/worldnews/asia/pakistan/10169655/US-raid-that-killed-bin-Laden-was-an-act-of-war-says-Pakistani-report.html (accessed 11.01.2016).
• The Telegraph 2011, Iran accuses Siemens over Stuxnet cyber-attack. (online) Available at http://www.telegraph.co.uk/technology/news/8457658/Iran-accuses-Siemens-over-Stuxnet-cyber-attack.html (accessed 13.02.2016).
• Timmerman K., 2010, Computer Worm Shuts Down Iranian Centrifuge Plant. (online) Available at http://www.newsmax.com/KenTimmerman/iaea-stuxnetcomputer-worm/2010/11/29/id/378288/ (accessed 10.02.2016).
• Traynor I., 2007, Russia accused of unleashing cyberwar to disable Estonia. (online) Available at http://www.theguardian.com/world/2007/may/17/topstories3.russia (accessed 25.11.2015).
• Vinogradov D., 2015, Turkey Committed Act of War By Shooting Russian Plane in Syria. (online) Available at http://sputniknews.com/middleeast/20151124/1030684495/russian-plane-turkey-shot-syria.html (accessed 13.02.2016).
• Wheeler A., 2013, The Iranian Cyber Threat. (online) Available at http://phoenixts.com/blog/the-iranian-cyber-threat-part-1-irans-total-cyber-structure/ (accessed 10.02.2016).
• Wiener, N., 1985, Cybernetics: Or Control and Communication in the Animal and the Machine. 2nd ed. Cambridge: The M.I.T. Press.
• Zetter K., 2011, How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History (online) Available at http://www.wired.com/2011/07/how-digital-detectives-deciphered-stuxnet/2/ (accessed 05.02.2016).
• Zetter K., 2013, Stuxnet Attack on Iran Was Illegal ‘Act of Force’ (online) Available at http://www.wired.com/2013/03/stuxnetact-of-force/ (accessed 10.12.2015).
• Zetter K., 2014, Hacker Lexicon: What Is a Zero Day? (online) Available at http://www.wired.com/2014/11/what-is-a-zeroday/ (accessed 06.02.2016).

Identifiers

DOI

10.26410/SF_1/17/11