Stuxnet And Playing Offense Instead Of Defense

Security experts call for emphasis on resilience, offense

The theme of this weeks Black Hat DC conference was offense -- not the traditional Black Hat tagline of digital self-defense.
That amid the backdrop of another report implicating the U.S. and Israel in the Stuxnet worm that targeted an Iranian nuclear facility. Stuxnet has become the poster child for the possibilities of covert, cyber-response to international conflict rather than traditional warfare, according to Jeff Moss, founder of Black Hat. Would you rather have a power plant turned off or exploded with bombs? This is the new normal -- the new world were going to be living in, Moss told attendees at Black Hat DC this week.
Moss, pointing to
an investigative piece
in
The New York Times
that implicated Israel and the U.S. in Stuxnets creation, said the notion of cyber-response is working its way into doctrine. Was
The New York Times
story a clever leak by the administration to demonstrate that this is our power? he said.
The bottom line is that researchers and security experts are being drawn into protecting critical infrastructure, he said. This makes addressing resiliency especially important, he said.
Franklin Kramer, former Deputy Secretary of Defense and currently a distinguished research fellow in the Center for Technology and National Security Policy at the National Defense University, said in his keynote address at Black Hat DC that he thinks Black Hat should consider exploring resilience techniques.
He also proposed a public-private think-tank that would serve as a catalyst for merging policy and technology for the notion of cyber-response or cyberwar. Combining policy with the technical is too difficult to do only in the government or outside the government, Kramer said.
Kramer said cyberwarfare requires a combination of offense and defense. You cant succeed without both, he said. And cyber conflicts themselves arent easy to control: Non-state actors could engage ... and they can be less rational, less controlled, a potentially escalatory situation, he said. And the basic ease-of-use of technology could result in too much damage too quickly. A contained war might be less possible, he said. And with the ease of entry and lack of overall defenses could mean its harder for the U.S. to dominate.
Meanwhile, the debate still rages on about who was behind Stuxnet. It was too sophisticated for a 19-year-old in Stockholm to create, says Evan Lesser, managing director and founder of ClearanceJobs.com, an online career site for jobs that require federal security clearance. If indeed it was the U.S. and Israel, he says, it will be tough to prove. The difference between cyberwar and regular war is that with boots on the ground, you can see the U.S. flag, for example ... so its more obvious who is doing what. Cyberwar is much more shady and clandestine.
One thing is certain: Iran was the target of Stuxnet, says Tom Parker, director of security consulting services at Securicon. Parker maintains that Stuxnet was for
delaying or setting back Irans nuclear enrichment program
, not destroying it.
It was not an insider, and probably not a Western-state acting alone, Parker said. There were too many slip-ups.
No one party could have done it all alone, he said. You would need access to the hardware and software, frequency converters ... stolen digital certificates, he said. They had to test it on systems themselves ... An adversary would have needed to acquire it officially or illicitly.
But neither Parker nor other security experts this week were willing to say for sure that they are convinced that Stuxnet was the cyberoffensive work of the U.S. and Israel.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Stuxnet And Playing Offense Instead Of Defense