Qualitative risk analysis
Write a short report about Stuxnet, Quantitative Risk Analysis.
Since the introduction of the first computer-based industrial control system devices, concern about hardware and software vulnerabilities and the potential security risks associated with these devices has been overwhelming. Stuxnet is a computer worm that infects industrial control systems (ICS), which are mainly used in infrastructure facilities such as gas lines, water treatment facilities and power plants. The worm’s effects can be found in various regions all over the world, mostly in Iran, India and Indonesia. The Stuxnet worm was first discovered in 2010 by a security firm in Belarus (Iasiello, 2014). The malware was designed to attack a particular type of ICS: nuclear plants for power or uranium enrichment. The worm is able to spread into an air-gapped network via removable media such as thumb drives. Industrial control systems are generally operated by assembly code on programmable logic controllers (PLCs). They are designed to work without any internet connection. To gain access to PLCs, third parties must conduct reconnaissance (Gellman & Nakashima, 2013). However, every PLC is designed differently, so to infiltrate any PLC system an attacker first needs the ICS’s schematics. These schematics can also be stolen from inside by utilizing an early version of Stuxnet. Each component of Stuxnet was implemented for a specific reason and for the final goal of potentially sabotaging the ICS. Attackers create a mirror environment of the ICS hardware, such as PLCs, to test their code. To infect the target ICS, removable disks are used directly by some unknown third party, such as a contractor who perhaps has access to the ICS. Once Stuxnet infects a system, it spreads throughout the organization in search of its target. When Stuxnet has access to the target computer, it modifies the PLC code, which sabotages the whole system.
The massive piece of malware secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyber-warfare campaign, according to the officials. The effort, involving the National Security Agency, the CIA and Israel’s military, has included the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear enrichment equipment (Singer, 2015). The malware attacks in three phases. First, it infects Windows networks and systems and makes multiple replicas of itself. Then it seeks out Siemens Step7 software, which is also Windows-based and is used to program the industrial control systems that operate equipment such as centrifuges. Finally, it compromises the programmable logic controllers.
Risk Matrix
The qualitative risk analysis approach is applied to study the collected data in depth, which helps to understand the event and the risk associated with the attack. According to new research by a cyber security firm, Stuxnet was built to target uranium enrichment equipment used to fuel Tehran’s controversial nuclear program. In its beginning stage, it changes the rotation speed dramatically, from 1410 Hz to 2 Hz and then 1046 Hz. This affects the system’s functionality by modifying the output frequency and sabotages the automation system. Apparently meant to damage centrifuges at a uranium enrichment facility in Iran, Stuxnet now illustrates the potential complexities and dangers of cyberwar (Watkins, 2014). Iran has been developing nuclear weapons since 1970, and since then multiple reports have accused Iran of trying to develop advanced and productive weapons of mass destruction. However, there is no solid evidence that Iran is associated with these activities. Many countries have tried to uncover the truth by pressuring its authorities. On the other hand, Iran claims that it is following the arms control agreements and justifies each new discovery by referring to its development as a peaceful nation. Suspicion of Iran’s nuclear weapons program is gradually increasing. The nuclear program has been exposed to several destructive and advanced attempts such as Stuxnet (Guitton & Korzak, 2013). It was designed to attack specific target software that is responsible for regulating the speed of centrifuges in the enrichment program. The worm infects the software system and commands the equipment to spin in a destructive manner that destroys the centrifuges. The main aim of Stuxnet was not to destroy the nuclear program; rather, it was designed to delay the program, so that the international community would have some time to put pressure on Iran through negotiations and sanctions.
The idea was to force them to reconstruct the damaged facility rather than proceed with advancing the weapons.
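A detection check for the frequency manipulation described above, added here as an example and not part of the original report: it flags independently measured drive frequencies that leave an operating band or jump abruptly, and readings that disagree with what the control system reports to operators. The band, thresholds, log format and the treatment of 1046 Hz as the normal setpoint are assumptions made for the illustration.

```python
# Added illustration, not from the original report.
from typing import List, NamedTuple, Tuple

# ASSUMPTIONS (hypothetical values): 1046 Hz is the normal setpoint and the
# limits below are chosen for the demo; a real plant uses its process spec.
BAND_HZ = (1000.0, 1100.0)   # allowed drive output frequency
MAX_STEP_HZ = 50.0           # largest plausible change between samples
MAX_MISMATCH_HZ = 5.0        # tolerated gap between reported and measured

# Constructed log: seconds, frequency reported to operators, frequency from
# an independent sensor. Reported stays flat while the measured value follows
# the 1410 Hz -> 2 Hz -> 1046 Hz sequence described in the text.
SAMPLE_LOG = """\
0,1046,1046
60,1046,1410
120,1046,2
180,1046,1046
"""

class Sample(NamedTuple):
    t: int
    reported_hz: float
    measured_hz: float

def parse(log: str) -> List[Sample]:
    """Turn 't,reported,measured' lines into Sample records."""
    rows = (line.split(",") for line in log.splitlines() if line.strip())
    return [Sample(int(t), float(r), float(m)) for t, r, m in rows]

def check(samples: List[Sample]) -> List[Tuple[int, str]]:
    """Return (time, rule) alerts for every rule a sample violates."""
    alerts = []
    prev = None
    lo, hi = BAND_HZ
    for s in samples:
        if not lo <= s.measured_hz <= hi:
            alerts.append((s.t, "out_of_band"))
        if prev is not None and abs(s.measured_hz - prev.measured_hz) > MAX_STEP_HZ:
            alerts.append((s.t, "abrupt_change"))
        if abs(s.reported_hz - s.measured_hz) > MAX_MISMATCH_HZ:
            alerts.append((s.t, "reported_mismatch"))
        prev = s
    return alerts

if __name__ == "__main__":
    for t, rule in check(parse(SAMPLE_LOG)):
        print(f"t={t}s {rule}")
```

The `reported_mismatch` rule only has value when the measured frequency comes from a sensor path the compromised controller cannot rewrite.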
| Threats | Description |
|---|---|
| T1 | The worm affects the centrifuges, driving the associated system at a destructive speed that could lead to system failure. |
| T2 | The progression of the advancement is delayed. |
| T3 | The corrupted system needs to be reconstructed, which requires more time and cost investment. |
| T4 | The system hides the actual results of Stuxnet operations. |
| T5 | Possibility of losing secret information. |
| Level | For Threats | Score |
|---|---|---|
| High | Very high | 5 |
| High | High | 4 |
| Medium | Medium | 3 |
| Medium | Low | 2 |
| Low | Very low | 1 |
Risk Analysis

| Rank | Risk | Description |
|---|---|---|
| R1 | Depression | Debt-deflation trap; falling growth and advancement. |
| R2 | Sovereign default | Default by a major developed country on its debt. |
| R3 | Hyperinflation | Extremely high inflation. |
| R4 | Banking Crisis | Balance sheet cannot absorb the attack casualties. |
| R5 | Currency Crisis | Extreme movement between floating rates. |
| R6 | Infrastructure Failure | Interruption of grid/network. |
| R7 | Major war | A major global conflict. |
| R8 | Group conflict | Hard to find the person who assisted in the attack. |
Enterprise security architecture mainly focuses on security throughout the enterprise (Gellman & Nakashima, 2013). It is the practice of applying a rigorous and comprehensive method for describing the current or future structure and behavior of an organization’s security processes so as to ensure the achievement of company goals (Bronk & Tikk-Ringas, 2013). It relates broadly to the security practice of business optimization, as it addresses the business security architecture. It has become a common practice among organizations in order to achieve company goals and maintain productivity or services.
Enterprise Security Architecture
In the case of Iran’s nuclear assets, it can be useful for preventing attacks such as Stuxnet, which is specially designed to infect the target system. Enterprise security architecture frameworks such as SABSA, TOGAF or C4ISTAR can help the Iranians prevent attacks (Gellman & Nakashima, 2013). The practice involves developing a security architecture framework to describe the current security framework and align it with program changes. Certain advantages can be gained by utilizing this framework, as follows:
- Deliver cohesiveness, coherence and structure.
- Align the enterprise activities with security.
- Establish a common framework for information security within the enterprise.
This framework provides clear identification of business processes, their performance and how they are executed in real time. It also evaluates the risk posture of the enterprise and checks the capability of the current architecture that is associated with the security of the organization (Bronk & Tikk-Ringas, 2013). The architecture process flows down into discrete information technology components such as organization activities, charts and process flows, including the organization’s cycles, timing and periods.
Figure: Enterprise Architecture. Source: (Axelrod & Iliev, 2014)
UN Charter Article 2(4) and UN Charter Article 51 are set by the UN Security Council to determine any existence of any threat that could breach the peace. The main objective of these articles is to maintain peace by preventing war (Bronk & Tikk-Ringas, 2013). The UN was established mainly because of the destruction of World War 2. Nowadays, these charters are still active. According to Article 51, “Nothing in the present Charter shall impair the inherent right of individual or collective self-defense if an armed attack occurs against a Member of the United Nations, until the Security Council has taken measures necessary to maintain international peace and security (Axelrod & Iliev, 2014). Measures taken by Members in the exercise of this right of self-defense shall be immediately reported to the Security Council and shall not in any way affect the authority and responsibility of the Security Council under the present Charter to take at any time such action as it deems necessary in order to maintain or restore international peace and security.” After evaluating the UN Charter, the illegality of Stuxnet can be determined. Whether Stuxnet is a violation of these two principles depends on whether it can be qualified as a use of ‘armed force’. Stuxnet would be illegal even if it were established that Iran is in breach of the NPT. If, however, Stuxnet is not considered a use of force, it would be a breach of the principle of non-intervention, unless it amounts to a lawful countermeasure against Iran’s alleged breach of its non-proliferation obligations (Bambauer, 2013).
The regulations
Conclusion
Stuxnet is a computer worm that infects industrial control systems, which are mainly used in infrastructure facilities such as gas lines, water treatment facilities and power plants. The worm’s effects can be found in various regions all over the world, mostly in Iran, India and Indonesia. The Stuxnet worm was first discovered in 2010 by a security firm in Belarus. The malware was designed to attack a particular type of ICS: nuclear plants for power or uranium enrichment. The worm is able to spread into an air-gapped network via removable media such as thumb drives. Industrial control systems are generally operated by assembly code on programmable logic controllers. They are designed to work without any internet connection. To gain access to PLCs, third parties must conduct reconnaissance. However, every PLC is designed differently, so to infiltrate any PLC system an attacker first needs the ICS’s schematics. These schematics can also be stolen from inside by utilizing an early version of Stuxnet. Each component of Stuxnet was implemented for a specific reason and for the final goal of potentially sabotaging the ICS. Article 51 preserves the right of self-defense “until the Security Council has taken measures necessary to maintain international peace and security (Axelrod & Iliev, 2014). Measures taken by Members in the exercise of this right of self-defense shall be immediately reported to the Security Council and shall not in any way affect the authority and responsibility of the Security Council under the present Charter to take at any time such action as it deems necessary in order to maintain or restore international peace and security.” After evaluating the UN Charter, the illegality of Stuxnet can be determined. Whether Stuxnet is a violation of these two principles depends on whether it can be qualified as a use of ‘armed force’.
Stuxnet would be illegal even if it were established that Iran is in breach of the NPT.
References:
Axelrod, R., & Iliev, R. (2014). Timing of cyber conflict. Proceedings of the National Academy of Sciences, 111(4), 1298-1303.
Bambauer, D. E. (2013). Ghost in the Network. U. Pa. L. Rev., 162, 1011.
Bronk, C., & Tikk-Ringas, E. (2013). The cyber attack on Saudi Aramco. Survival, 55(2), 81-96.
Gellman, B., & Nakashima, E. (2013). US spy agencies mounted 231 offensive cyber-operations in 2011, documents show. The Washington Post.
Guitton, C., & Korzak, E. (2013). The Sophistication Criterion for Attribution: Identifying the Perpetrators of Cyber-Attacks. The RUSI Journal, 158(4), 62-68.
Iasiello, E. (2014). Is cyber deterrence an illusory course of action?. Journal of Strategic Security, 7(1), 54.
Jenkins, R. (2013). Is Stuxnet physical? Does it matter?. Journal of Military Ethics, 12(1), 68-79.
Joyner, D. H. (2013). Iran’s Nuclear Program and International Law. Penn St. JL & Int’l Aff., 2, 282.
Kelley, M. B. (2013). The Stuxnet attack on Iran’s nuclear plant was ‘far more dangerous’ than previously thought. Business Insider, 20.
Kroenig, M. (2014). A time to attack: The looming Iranian nuclear threat. St. Martin’s Press.
Kushner, D. (2013). The real story of Stuxnet. IEEE Spectrum, 50(3), 48-53.
Lindsay, J. R. (2013). Stuxnet and the limits of cyber warfare. Security Studies, 22(3), 365-404.
Rid, T. (2013). Cyberwar and peace: Hacking can reduce real-world violence. Foreign Aff., 92, 77.
Singer, P. W. (2015). Stuxnet and its hidden lessons on the ethics of cyberweapons. Case W. Res. J. Int’l L., 47, 79.
Watkins, B. (2014). The impact of cyber attacks on the private sector. Briefing Paper, Association for International Affair, 12.
Wilson, C. (2014). Cyber threats to critical information infrastructure. In Cyberterrorism (pp. 123-136). Springer, New York, N