CHAPTER 8 : SECURING INFORMATION SYSTEMS

Case : Stuxnet and Cyberwarfare

1.What are the three classes of of cyberattacks and their effects , according to the
Zertag video ?

The three classes of attacks are intellectual property theft, infrastructure and
attacks that threaten the military’s ability. these intellectual property attack will
degrades the most of our economy , the attacks to our infrastructure can effect our
way of life and attacks that threaten the military’s ability to defend a country can make
it vulnerable to more types of attack.

2.What are the five differences between cyberwarfare and traditional warefare ?

The five differences between cyberware and traditional warefare are: First, the
most powerful nations in cyberwarfare are actually the most vulnerable. Second,
Telecommunications networks, Web sites, and private companies must all work
together to battle cyberattacks because the government is not capable of carrying out
warfare on its own. Third, “huge attack surface” that zertag have mention which is
the devices and applications for criminals to target. Fourth, in cyberwarfare,even there
is an attack that have been made the victims sometimes doesnt aware of it until a few
month after the initial And fifth, In traditional warfare, attacks took of preparation
months or years, and the response time could be very quick. cyberwarfare is often
with no warning before an attack and a long response time before the retaliation .

3.Why is the Stuxnet event considered to be historic?

Because Stuxnet is the first computer malware that able to disrupt and harm
another nation. It was like the use of poison gas in World War I, or the use of nuclear
weapons in 1945, but in a more intellegent ways.
4.What is a danger that the creators of Stuxnet have created for other industrial
counties, including the United States? What is the greatest fear created by Stuxnet?

The main problem is the code can be copied and changed by anyone that capable
to changed it and can be launched to even the by the one who used it in the first
place .It could also fall into the hands of more intelligent hackers, private individuals.
That could use it in a many bad ways.

5.Why are people (agents) needed “on the ground” in order for the Stuxnet virus to
work?

People on the ground are quite useful, local agents are often needed to tap into
the closed network to download the target software and upload the virus ,if the
network is encrypted or private.

6.Why did Iran, and American commentators, not consider Stuxnet an act of war?

As the General noted in the video, there is a continuum between peace and all-
out war. Stuxnet,could be seen as in between these two poles, and therefore a
“hostile” event, but its not like an all out war, for instance, an air strikes against a
countries power stations thatwould affect the nuclear facilities, but Stuxnet is more
likely to be a strategic conventional warfare strike.