The Stuxnet Virus FINAL


A project submitted in partial fulfillment of the course:

JUS 405 Cyber Security

Dr. Hsieh

4/22/16


Jalen Kincaid, Theron Peters, Nicholas Poole, Michael Renda, Kyle Snyder, Brandon Sterling, Frederic Sutton, Aaron Terry, Kaitlyn Woodring, Jeffrey Wrbas, Michal Yerushayalimu, Moriah Zachery & Max Zahrobsky.

Group 4


We no longer live in a world with traditional warfare. Nations now resort to any means necessary to bring down the enemy.

In 2009, a cyber virus emerged like no other. Hiding deep within the mainframe of the target it was created to disrupt, the virus unleashed a vicious cyber attack changing the cyber security world forever.


This is the investigation of the virus, known as Stuxnet.

Through this investigation, we will gain a better understanding of it, where it came from, how it was discovered, what the target was, and how it operated.

We will also attempt to identify who unleashed this virus and why. Then we will take a look at the aftermath once the virus was removed.


Introduction

• The Stuxnet Virus was a malicious, undetectable cyber attack on an Iranian nuclear facility.

• The goal of this virus was to disrupt and damage centrifuges within the facilities to slow down uranium enrichment.

• The virus achieved this result by raising and lowering the spin speed of the centrifuges, causing an excess of vibrations resulting in damage.


Virus Discovery

• In January 2010, the United Nations body and the International Atomic Energy Agency noticed unusual activity happening at the Natanz Uranium Enrichment Facility.


• The Natanz Uranium Enrichment Facility had to replace an unusual volume of the centrifuges used to enrich uranium.

• Mysterious activity started happening, with some of the computers crashing and restarting themselves over again.


What was the Target?

• The attack targeted Iranian nuclear infrastructure.

• It targeted the automated control systems used at the facility.

• The mission of the attack was to damage the facility's enrichment centrifuges at the Iranian uranium enrichment plant in Natanz.


Methods of Operation

• Stuxnet was introduced into the Natanz Uranium Enrichment Facility through a USB flash drive that was inserted into a computer by an Iranian double agent.

• Stuxnet was approximately 500 kilobytes in size, which meant that it could be easily transported on most modern storage devices.

• It was able to self-replicate and keep recreating itself without interaction from a computer user.

• Stuxnet would examine each computer to ensure it was a part of a Siemens industrial control system. If it wasn’t, the virus would do nothing.

• If it was part of a Siemens system, it would connect to the Internet, download the latest update of the worm, and release it.


Removal

• Removal requires a Microsoft patch to be installed to reduce the capability for the virus to spread any further.

• Passwords and any other type of access to any significant information should be immediately updated.

• An antivirus was made to block the virus; the security weapon was called “VirusBlokAda”.

• This has become a major tool against viruses and cyber attacks such as this.


Aftermath

• Stuxnet has destroyed thousands of centrifuges and greatly delayed Iran’s nuclear program.

• Other programs with a similar design are using parts of the code used in Stuxnet.

• The aftermath of Stuxnet would also be seen in the world in the arms race that most likely follows the success of such a cyber weapon.

• Ralph Langner states that Stuxnet has “changed global military strategy in the 21st century”.


Who is responsible?

• In the 21st century, Iran has become a big threat to the United States. This threat stems from Iran’s ability to use nuclear power at their will.

• The biggest issue or concern for the United States is that Iran could/would use nuclear power in a destructive way against them or other countries.

• For many years, the United States has monitored Iran and their nuclear power with hopes of being able to prevent any catastrophic incident from occurring. Fortunately, technology provided the tools necessary to damage Iran’s nuclear capability.

• Stuxnet was a computer worm that was created with the motives of disabling Iran’s nuclear capability.


Changes in Cyber Security

• Since the creation of Stuxnet, there is a high demand for cyber security officers to work within the Department of Homeland Security to protect government systems.

• Stuxnet was a game changer for security concerning nuclear energy, which caused the government to hire more full-time workers for cyber security.

• Sharper practices have been developed within cyber security, replacing the basic, mundane procedures that were in place when Stuxnet occurred.


Conclusion

• Stuxnet was a computer virus that was created with the motives of disabling Iran’s nuclear capability.

• It was able to self-replicate and keep recreating itself without interaction from a computer user.

• Stuxnet has made us change how we protect our files and ourselves.

• Stuxnet was a “game changer” concerning nuclear energy and its potential to destroy nuclear centrifuges.

• This virus should be further studied to advance the world of Cyber Security.
