Risk
8/4/2011
08:57 AM
50%
50%

Stuxnet Changes Terrorism Equation, Says Former CIA Official

The attack marks a turning point for counterterrorism efforts, making cyber a potential threat to any nation's domestic security.

Black Hat
The ability of the Stuxnet cyberattack to physically impact equipment has made cybersecurity significantly more important for U.S. domestic security strategy, a former counterterrorism official told attendees during the opening keynote at the Black Hat Security Briefings in Las Vegas, a UBM TechWeb event.

Until now, the primary worry of the U.S. government's counterterrorism groups has been stated by CBRN, which listed threats in order of likelihood: chemical, bacteriological, radiological, and nuclear, said Cofer Black, vice president for global operations for threat analysis firm Blackbird Technologies, and a 30-year veteran of the CIA's counterterrorism efforts. Since Stuxnet, terrorism concerns have morphed into KBC: kinetic, bacteriological, and cyber, he said.

"The Stuxnet attack is the Rubicon of our future," Black told attendees, referring to the river near Rome that Julius Caesar crossed to start an insurrection and become emperor, and which has become synonymous with a point of no return. "Your world, which people thought was college pranks cubed and squared, has now morphed into physical destruction ... from the victim's view, of a national resource. This is huge."

The extensive research and development required to make Stuxnet a reality suggests a nation-state's efforts. And the ability to affect physical assets means that cyber must now be considered a tool that could be utilized by terrorists, Black said.

Stuxnet, considered the first known cyberweapon, caused centrifuges critical to uranium processing to malfunction in Iran's processing facility, setting back that nation's attempts to develop a nuclear program.

Black's statements came the same day security firm McAfee revealed that dozens of companies had been targeted by a massive spy network that attempted to steal intellectual property and sensitive government information. Dubbed Shady RAT, the network appears to be the work of a nation-state, although McAfee would not name a particular country.

Read the rest of this article on Dark Reading.

Security concerns give many companies pause as they consider migrating portions of their IT operations to cloud-based services. But you can stay safe in the cloud. In this Dark Reading Tech Center report, we explain the risks and guide you in setting appropriate cloud security policies, processes and controls. Read our report now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-4692
Published: 2015-07-27
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.

CVE-2015-1840
Published: 2015-07-26
jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space cha...

CVE-2015-1872
Published: 2015-07-26
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via craft...

CVE-2015-2847
Published: 2015-07-26
Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream.

CVE-2015-2848
Published: 2015-07-26
Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock command.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!