Stuxnet Worm, Iranian Nuclear Programme, And Network Security

Identification and Infection of PLC Devices by Stuxnet Worm

The Stuxnet worm has numerous routines for identifying the specific model of PLC. Checking the model is significant because machine-level instructions vary between PLC devices (Farwell and Rohozinski, 2011: 24). Once it has identified and infected the targeted device, Stuxnet takes control and can intercept data flowing into and out of the PLC. Beyond taking control, Stuxnet can also tamper with that data in any way.

When Stuxnet has identified the target, it changes a piece of Siemens code referred to as organizational block 35. This Siemens component monitors critical factory operations, for instance activities that must respond in the shortest time possible, such as 100 milliseconds (Chen and Abu-Nimeh, 2011: 92). Stuxnet operates without being detected on Windows. In a SCADA system, the Windows machine communicates with PLCs through a program referred to as PS7.

Essentially, user commands are translated into a form the PLCs can use through a set of libraries. Stuxnet targets one of these libraries, which contains the translations used to read and write new processes for the PLC (Farwell and Rohozinski, 2011: 27). It exploits the database, then renames the original library and replaces it with a new, modified version (Leau, 2017:162-167). The modified commands include those used to read and write the code of the PLC. This results in the interception and alteration of the controls to suit the demands of Stuxnet.
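A defender can detect the rename-and-replace pattern described above by comparing the library directory against a trusted hash baseline. The following is an added example, not code from the original essay or from Siemens; the file names and byte contents are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_dir(directory):
    """Map each file name in `directory` to the SHA-256 of its contents."""
    return {
        p.name: hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(Path(directory).iterdir()) if p.is_file()
    }


def audit(baseline, current):
    """Compare a trusted baseline {name: sha256} with the current state."""
    findings = []
    known = {digest: name for name, digest in baseline.items()}
    for name, digest in sorted(current.items()):
        if name in baseline:
            if digest != baseline[name]:
                findings.append(("MODIFIED", name, None))
        elif digest in known:
            # Unlisted file with the exact bytes of a baselined library:
            # the original is still present, but under a new name.
            findings.append(("RENAMED_COPY", name, known[digest]))
        else:
            findings.append(("UNKNOWN", name, None))
    for name in sorted(set(baseline) - set(current)):
        findings.append(("MISSING", name, None))
    return findings


def swapped_libraries(findings):
    """Libraries that were modified while their original bytes survive
    under another name: the rename-and-replace pattern."""
    modified = {name for kind, name, _ in findings if kind == "MODIFIED"}
    return sorted(orig for kind, _, orig in findings
                  if kind == "RENAMED_COPY" and orig in modified)


def demo():
    """Build a constructed library directory, take a baseline, then
    reproduce the rename-and-replace state and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        lib_dir = Path(tmp)
        # Hypothetical file names and contents, constructed for this example.
        (lib_dir / "plc_comm.dll").write_bytes(b"original read/write routines")
        (lib_dir / "other.dll").write_bytes(b"unrelated library")
        baseline = hash_dir(lib_dir)  # taken while the system is trusted

        (lib_dir / "plc_comm.dll").rename(lib_dir / "plc_comm_orig.dll")
        (lib_dir / "plc_comm.dll").write_bytes(b"modified read/write routines")

        findings = audit(baseline, hash_dir(lib_dir))
        return findings, swapped_libraries(findings)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The baseline must be stored and compared from a host that is itself trusted, since a compromised machine can misreport its own files.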

Iran is poised to receive strong opposition from various countries across the world, especially from the United States and its allies. This is because of the fear that Iran might help Palestine in unleashing nuclear weapons on Israel (Jewell, 2011:1043). According to the United Nations Security Council, the nuclear plant of Iran may also pose a great threat to global security. This implies that the opposition is going to be stronger, because Iran is not adhering to the Security Council laws and regulations. Therefore, the probability of Iran facing war threats is high. This can be witnessed by the threats being issued mainly by the United States and its allies.

Change to Organizational Block 35

The Iranian nuclear research asset poses a considerable ecological risk to the people of Iran. This is as a result of the process that is involved in the plant (Jewell, 2011:1045). The chemicals that are used are highly reactive and highly explosive. The chemicals are also highly toxic. If they are not handled properly and are as a result released to the environment, they are poised to cause a great risk to the people of Iran. Inhaling of the toxic gases can result in the death of humans as well as animals. The gases can cause a great risk to the environment by polluting it, and this may result in the threatening of existing life.

The nuclear programme puts Iran at risk of being attacked by the opposing nations, especially America and its allies such as some of the European countries (Jewell, 2011:1051). This is evident from the threats that are being made by America. America believes that the solution to the Iran nuclear programme is attacking it, destroying the plants and overthrowing the government. This will ensure that the nuclear power plants are eradicated, and that a new regime or government is instituted that is not pro-nuclear weapons. The probability of an attack being unleashed upon Iran by the U.S. and its allies is very high.

The most appropriate way for Iran to protect itself is through the framework of enterprise architecture. This framework contains principles of security, artifacts that are related to security and metrics of security (Chen and Abu-Nimeh, 2011: 92). This gives security architects room to evaluate the security of an enterprise easily, which allows them to improve their principles of security easily. Stuxnet attacks and infects a computer, causing alterations by gaining control and changing the codes.

A graphical representation showing the percentage of W32.Stuxnet Hits in developing countries.

However, enterprise architecture will make a modification that will ensure that the security of a computer, and hence of its programs, is guaranteed. This means that each time Stuxnet infects a computer and tries to change the codes, it gets a completely different modification that it cannot alter (Farwell and Rohozinski, 2011: 34). The enterprise architecture framework will also ensure that the Stuxnet worm does not identify the specific model of PLC. If the model of the PLC is not identified, the infection of the PLC will not be realized. This will facilitate the protection from Stuxnet. The EA framework is capable of raising many issues within an enterprise concerning security, including how they can be protected in a manner that is secure.

Threats to Iran From Opposing Nations

These articles spell out how a country can defend itself upon an attack. Article 2(4) spells out that a nation cannot interfere with another sovereign country, for instance by attacking it. This means that a nation is protected from any attack by another government (McDonald and Patrick, 2010: 65). For instance, according to this article, the U.S. cannot proceed to attack Iran unless the UN Security Council has authorized it. This implies that Iran is fully protected from any attack by the laws of the UN Security Council.

Article 51 of the UN Charter spells out that a nation is supposed to use self-defense only after it has been attacked and after the UN Security Council has allowed it to. The article is vague in allowing states to assert their right to defend themselves while reducing the probability of causing a conflict (McDonald and Patrick, 2010: 74). One side cannot determine for itself whether it has been attacked offensively; the determination is left to the UN Security Council. However, the article does not specify whether the attack is a military attack or a cyberattack. In this case, Iran was attacked by the U.S. in conjunction with Israel, but it cannot attack back to defend itself without approval from the Security Council.

The application of network security has gone through tremendous changes recently. In earlier days, people used physical means to protect information. However, the advent of computer usage in various fields has created a need for software tools that protect the data and relevant information stored in computers (Morrow B., 2012: 5-8). The tool designed for protecting data and thwarting illegal users is what is termed computer security.

The introduction and the revolution of communication have led to distributed systems that carry information from the terminal user to other sets of computers. Network security is therefore fundamental in protecting data during transmission (Moore T. C., 2009: 3-20). Establishing mechanisms that meet requirements such as authentication or confidentiality proves to be quite difficult. Therefore, an individual must consider developing specific measures when incorporating the security mechanisms. These mechanisms involve not only algorithms and protocols; the people involved must also hold secret information, which raises questions about the creation, dissemination and protection of that information (Perlman, 2016). It therefore becomes important to create a model within which the security services may be viewed.

Ecological Risk of Iranian Nuclear Research Asset

Conversely, for the management of an organization to understand its security needs, there should be a systematic way of bringing the system to a sufficient level. One approach is to consider three aspects of information security, namely security services, security mechanisms and security attacks (Morrow, 2012: 5-8). The security attack aspect aims to identify the ways through which intruders may get unauthorized data using several mechanisms in providing such services.

Network security involves the practices and policies that are adopted to monitor the misuse of, unauthorized access to, or denial of computer networks. It incorporates authorization of access to data, and users may be assigned a password for authentication, allowing them to access the information at their disposal. The security of information covers both the private and public networks which are used in conducting transactions between the various agencies, business enterprises, and individuals (Brownlie, 2012: 157). The security management system for a specific network depends on the situation at hand. For instance, the security of small offices requires basic systems, while for a large organization it involves advanced software and high maintenance to prevent malicious attacks such as hacking or spamming.

With the increase of cyber-crimes worldwide, businesses have to invest in the improvement of their network security to protect their data from unauthorized access. This global problem needs to be acted upon to close the loopholes that exist in their networks. The paper will discuss innovative and most recent products/measures that can be adopted by businesses. This paper will focus on a single company for specificity (Smith, 2016: 224-234). Due to the changing trends in the business world, many enterprises rely heavily on networking and security to offer their services. Fast, efficient, and secure networks improve on work efficiency and overall productivity.

Enterprises such as banks, SACCOs, manufacturing and production companies and other firms cannot operate without a good networking system. In the past few years, the range of threats that computer networks face from sophisticated intruders and attackers has increased considerably across all societal boundaries and has imposed a heavy economic burden on businesses, well-being and different organizations (Moore, 2009). Therefore, risk assessment is a fundamental issue in computer networking. This paper discusses the risks that may occur in the networking field, risk assessment, mitigation measures, and strategic control.

Cryptography is highly essential in this technological era. Its significance can be seen by many, since it helps protect the information which travels over the internet. Cryptology has managed to offer security in an era that has been vulnerable to hackers, viruses and electronic fraud (Kraemer-Mbula, 2013). In my opinion, cryptography will involve the use of encryption, which will offer protection to the content found on the internet. The material will include emails, telephone calls which use the internet as the main medium, and any transaction which may occur on the internet.

Enterprise Architecture as Protection Against Stuxnet

Web 2.0 technology allows better collaboration and interactivity while accessing the web. Web 2.0 ushered in a new way of online socializing in terms of networking and making friends. These benefits made it easier for people to become victims of malware attacks (Web 2.0, 2012). Since more people preferred to use Web 2.0 because of social networking sites, RSS feeds and blogs, security was bound to become an issue of concern (Shih, 2011: 27). Social networking websites normally face two main threats, broadly categorized as technical and social. Technically, while Web 2.0 allows people to post content, it also allows malicious users to post malware. Socially, the security threats primarily lie in the information shared by people on social media (Stallings, 2006). The availability of this information on social networking sites makes people more vulnerable to cyber-attacks such as phishing.

Considering the popularity of social networking sites, Web 2.0 allows malicious users to access personal information that could not have been obtained previously. Most individuals who are active on social networking sites tend to publish information about their lives including jobs, friends, hobbies and even work. Notably, this information is essential in identifying burglars (Kamel Boulos, 2013:2-23). Users of Web 2.0 do not realize the significance of information posted or the people accessing the data. Consequently, fraudsters can manipulate this information to steal the identity of a person and even go to the extent of opening accounts in their name (Kamel Boulos, 2007). Although Web 2.0 introduced higher levels of interactivity for users, it also resulted in increased vulnerabilities due to data leaks and other inherent security threats. These security threats threaten the confidentiality of data, especially in organizations.

Technically, Web 2.0 platforms are prone to cyber-attacks because they allow higher levels of interaction between the user and the browser. The majority of Web 2.0 applications do not have sufficient authentication controls, such as brute-force controls, allowing hackers to exploit them easily. Also, the programmatic interface implemented in Web 2.0 applications allows malicious users to automate attacks easily (Wasserman, 2010: 397-400). The majority of businesses that operate on the internet do not block users from accessing Web 2.0, creating additional security risks because malicious code might be embedded in these sites.

To understand the security risk presented by Web 2.0, consider the Facebook situation in 2011 where users were click-jacked into announcing the ‘Twilight’ link. During the same period, Twitter was infected by a rapidly spreading viral worm whose objective was to scam people into viewing an advertisement. In 2010, unsuspecting LinkedIn users were infected with malware and malicious users attempted to access personal information. On YouTube, booby-trapped links have been set up in some sections because it allows users to add and modify the content of the site.

Protection of Iran by UN Laws and Regulations

The concept of software security attempts to explain how architects and developers have adopted a systematic way of building more secure software solutions. Knowledge of secure software development practices provides a contextual understanding of security mechanisms such as hashing, passwords and load balancing, which can help in securing applications from security risks and threats (Leau, 2012). Secure web development requires applications to be compliant with privacy, governance, and regulatory requirements, which is basically the first step of securing applications against known and unknown threats.

During the design and architectural stage of software development, it is important to ensure that the application takes into account security principles. In application development, the designers and analysts should take into consideration the potential security threats and vulnerabilities. For an application to be secure, risk analysis must be conducted in each phase of the software development process (Waxman, 2011: 421). Most importantly, the application must be maintained and updated to protect it from emerging cyber-attacks.

Through the integration of security best practices when developing applications, it is possible to mitigate the security risks from both external and internal sources. When developing secure applications, it is vital to consider data classification and protection techniques to secure applications from known and unknown security threats. Software applications should always be designed and developed with security features. Through threat modeling, it is possible to identify and profile application security threats (Kraemer-Mbula E. T., 2013: 541-555). The application release managers must conduct absolute source code control and post-mortem analysis of the application in the test environment before releasing it for use.

In the requirement analysis stage, applications are better protected when threats are foreseen and mitigation solutions recommended. This phase also allows risk assessment and profiling to be conducted on the application to identify security threats. The design stage is a very important phase in ensuring the security of applications. First, it allows implementation of privilege separation, incorporates multiple security layers within the application framework and ensures secure failure in case the application ceases to work (Perlman, 2016). Code review and penetration testing allow the application development team to identify errors that present security threats. Identification of security threats is the first step in building secure web applications. Security protocols must be appropriately implemented and tested to prevent situations where user data is compromised.

Conclusion

Considering the security risk presented by Web 2.0, it is important for internet users to take precautionary measures by limiting the amount of personal information available online. If security is considered in all the phases of software development, it is possible to build more secure applications (Brownlie M. H., 2012). Therefore, the software development life cycle of an application should integrate security best practices. After completion of application development, the application must be closely monitored and updated with patches to prevent the negative impact of new threats and vulnerabilities.

References  

Brownlie, M., Hillier, S., and Van Oorschot, P.C., Entrust Ltd, 2012. Computer network security system and method having unilateral enforceable security policy provision. U.S. Patent 6,202,157.

Chen, T. and Abu-Nimeh, S., 2011. Lessons from Stuxnet. Computer, 44(4), pp.91-93.

Farwell, J.P., and Rohozinski, R., 2011. Stuxnet and the future of cyberwar. Survival, 53(1), pp.23-40.

Jewell, J., 2011. Ready for nuclear energy?: An assessment of capacities and motivations for launching new national nuclear power programs. Energy Policy, 39(3), pp.1041-1055.

Kraemer-Mbula, E., Tang, P. and Rush, H., 2013. The cybercrime ecosystem: Online innovation in the shadows?. Technological Forecasting and Social Change, 80(3), pp.541-555.

Kamel Boulos, M.N. and Wheeler, S., 2017. The emerging Web 2.0 social software: an enabling suite of sociable technologies in health and health care education 1. Health Information & Libraries Journal, 24(1), pp.2-23.

McDonald, K.C., and Patrick, S.M., 2010. UN Security Council enlargement and US interests (No. 59). Council on Foreign Relations.

Leau, Y.B., Loo, W.K., Tham, W.Y. and Tan, S.F., 2012. Software development life cycle AGILE vs traditional approaches. In International Conference on Information and Network Technology (Vol. 37, No. 1, pp. 162-167).

Morrow, B., 2012. BYOD security challenges: control and protects your most sensitive data. Network Security, 2012(12), pp.5-8.

Moore, T., Clayton, R. and Anderson, R., 2009. The economics of online crime. Journal of Economic Perspectives, 23(3), pp.3-20.

Stallings, W., 2006. Cryptography and Network Security, 4/E. Pearson Education India.

Smith, A.D., 2016. Cybercriminal impacts on online business and consumer confidence. Online Information Review, 28(3), pp.224-234.

Shih, R.C., 2011. Can Web 2.0 technology assist college students in learning English writing? Integrating Facebook and peer assessment with blended learning. Australasian Journal of Educational Technology, 27(5).

Perlman, R., Kaufman, C. and Speciner, M., 2016. Network security: private communication in a public world. Pearson Education India.

Waxman, M.C., 2011. Cyber-attacks and the use of force: Back to the future of article 2 (4). Yale Int’l L., 36, p.421.

Wasserman, A.I., 2010, November. Software engineering issues for mobile application development. In Proceedings of the FSE/SDP workshop on Future of software engineering research (pp. 397-400). ACM.