Free Essay. Cyber Weapon Detection and Response

Stuxnet Breach was a damaging attack against the nuclear program of Iran. The attack is reported to have been orchestrated by the United States, with the help of Israel. The two global powers united to frustrate the efforts by Iran to establish their nuclear weapons through a cyber-weapon, which at the time was coded as “Olympic Games.” They infiltrated the Iranian nuclear program and wanted to create a situation where the Iranians felt they could not continue with their nuclear program (Nakashima & Warrick, 2012). It was mooted as a silent and slow method of damaging the Iran nuclear program to a devastating effect. With that slow attack, the Iranians would lose hope on whatever they were doing and abandon the process.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

It took several years to detect the cyber weapon. The malware was discovered in 2010, while it was developed during the time of George Walker Bush, who left office in 2008 (Nakashima & Warrick, 2012). The idea began in 2006, effects began to show in 2008, and the malware was detected in 2008 (Nakashima & Warrick, 2012). This means there were about four years of working on the malware and infiltrating the Iran nuclear program. At the time that the worm was discovered in 2010, coded as Olympic Games, the cyber weapon had destroyed about 1000 of the 6000 centrifuges that Iran was using to enrich uranium for making the atomic bombs (Nakashima & Warrick, 2012). This means that at about 16.7% of the program’s centrifuges.

In a case involving the United States and Israel on one side and Iran on the other side, it is always a diplomatic spat. Iran was engaged in nuclear deal talks with other global powers. The attack may just have triggered their conscience to invoke pessimism in any deal that was being mooted. Iran reconsidered any concessions in the nuclear energy talks that were ongoing, forcing a hand among the other parties like the United States, and North Korea, among others (Nakashima & Warrick, 2012).

In the attack orchestrated by the United States and Israel against the Iran nuclear program, the malware was introduced through spies and insiders. Therefore, two flaws can clearly be identified in that sense. Arce et al. (2014) identified different flaws that could create vulnerabilities through which a system is attacked. Two of the flaws identified include; consideration of the users and identification and handling of sensitive data. Arce et al. (2014) advised that the people who interact with the system either as end-users or in the maintenance and configuration end can make or ruin a system. Therefore, their actions must be clearly monitored. Had the Iranians monitored the people operating the system internally, the flaws may not have been introduced into their network. The people who were installed the destructive malware were part of the internal users’ team, and their actions went a long way in enabling the destruction.

Arce et al. (2014) posited that sensitive data handling is vital in any system. Their position is supported by Cheng et al. (2017), who voiced that anything that compromises the integrity of the data must be detected and repelled early enough. In such a system, the introduction of foreign data should be monitored and approved from the top. Any act should be recognized long before it causes any damage. The fact that they managed to install the malware into the system and cause such destruction for years means that the handling of sensitive data was not keenly observed and handled at that time. Such missing links enabled the colluders and the spies working for the United States and Israel to find their way and plant the Olympic Games into the nuclear program’s system.

References

Arce, I., Clark-Fisher, K., Daswani, N., DelGrosso, J., Dhillon, D., & Kern, C. et al. (2014). Avoiding the top 10 software security design flaws [Ebook]. IEEE Computer Society Center for Secure Design.

Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5), e1211. https://doi.org/10.1002/widm.1211

Nakashima, E., & Warrick, J. (2012). Stuxnet was work of U.S. and Israeli experts, officials say. Washington Post. Retrieved 13 August 2020, from `https://www.washingtonpost.com/world/national-security/stuxnet-was-work-of-us-and-israeli-experts-officials-say/2012/06/01/gJQAlnEy6U_story.html?utm_term=.5836e8816a74.