An Cosantóir the official magazine of the Irish Defence Forces and Reserve Defence Forces.
Issue link: https://digital.jmpublishing.ie/i/816375
(programmable logic controller) can completely destroy or take over that system. It may speed up or slow down the system, causing it to operate above safety limits until it malfunctions. While many of us will have experienced viruses on our PCs, the results of a cyber attack on a country's infrastructure could be catastrophic.

Many computer networks have a PLC. This small and compact device is a mini computer that controls a variety of devices from pipelines and chemical plants to elevators. A hacker can breach these devices using sophisticated computer worms, such as Stuxnet.

Considered by many to be the world's first digital weapon, the Stuxnet worm targets industrial control networks that are used to control and monitor large-scale industrial facilities: power plants, dams, waste processing systems, and similar operations. It is unknown who, or which country, developed Stuxnet but it has been attributed to certain western powers by the media as it was developed in 2005 and used to attack Iran's top-secret uranium enrichment facility at Natanz in November 2007.

Having encountered a number of problems such as computers crashing and rebooting continuously and the centrifuges that were used to enrich the uranium gas failing at alarming rates, the Iranians decided to call in a computer security firm to troubleshoot the problem. Unlike other computer worms or virus-related software, Stuxnet escaped the digital realm and wrought physical destruction on the equipment the computers controlled. To the untrained eye, it looked as if their own computer system was destroying the machines it was controlling.

The worm had been unleashed a year before and slowly infiltrated the system leaving little or no trace before it accelerated, destroying its targets. Another attack targeted Natanz's German-made Siemens computer systems.

In this case the worm could not have been downloaded directly from the net as the system within the nuclear plant was air-gapped and could not be breached by remote hackers. Instead, the attackers had designed their weapon to spread via infected USB flash drives. To achieve this, the attackers identified five companies carrying out contract work for their target and infected their computers, making each company a 'patient zero', an unwitting carrier of the lethal devices. As they brought their infected flash drives in and inserted them in the computers of the nuclear facility, the worm was unleashed, spreading rapidly and fulfilling its destructive purpose.

Having identified the computers as the problem, the Iranians replaced a number of machines used for enriching the uranium, allowing them to press ahead with their nuclear programme. During this period of relative calm, production increased. However, utilising the same attack method that was used before, hackers infiltrated four contract companies that were either manufacturing products or installing component parts or control systems at the nuclear facility. These surrogates, again unknowingly infected, provided the attackers with a gateway for the Stuxnet virus to access Natanz.

While previous versions of the worm only infected Step 7 project files, a deadlier version was used in the second attack that could spread using Windows' Autorun feature. Infiltrating the programmers' local network via the print-spooler zero-day, the infections of each company were spaced out over a few weeks. It was difficult for IT personnel to identify the problems, as when they scanned for viruses no malware was found on their machines. When they used conventional methods such as DVDs or CDs to transfer data from an infected machine to a clean one there were no problems, but when using a USB flash drive, the new PCs started having the same problems as their predecessors.

Production at the facility decreased as the computer problems continued to destroy the machinery associated with the manufacturing process, leaving the future of Iran's nuclear programme uncertain.

The future of warfare is changing rapidly as cyber attacks are now permeating everyday life. Cyber sabotage affects us all, as individual terrorists or rogue nations develop weapons that can shut down air traffic control systems, cooling plants, electric grids or traffic lights, and many, many more systems. Without deploying military personnel or using force, attackers can get into fortified facilities, shut them down and wreak havoc on a scale never before seen.

Cyber warfare needs to be taken much more seriously. No mission has yet been given to secure the internet, and rogue elements are infiltrating, corrupting and destroying infrastructure through the net. There is a need for policy and highly skilled computer personnel who are given the resources to combat such attacks, as future warfare will see 'keyboard warriors' doing battle on a virtual battlefield that will have geopolitical implications and deadly consequences for the world's population.