A cyberworm that knows no boundaries

Isaac Porche, Jerry Sollinger, Shawn McKay

Research output: Book/ReportBook

173 Downloads (Pure)

Abstract

Iran's announcement that a computer worm called Stuxnet had infected computers that controlled one of its nuclear processing facilities marked a signal event in cyber attacks. Although such attacks were known to be theoretically possible, the incident proved that a cyberworm could successfully infiltrate a system and produce physical damage. Furthermore, the sophisticated nature of the worm and the resources that would have been required to design, produce, and implant it strongly suggest a state-sponsored effort. It has become clear that Stuxnet-like worms pose a serious threat even to infrastructure and computer systems that are not connected to the Internet. However, defending against such attacks is an increasingly complex prospect. The nature of cyberspace ensures that the attacker has the upper hand and can move about with impunity and relative anonymity. The sophistication of virulent malware has also made it difficult to detect whether an intrusion has occurred, and attackers have a wide range of means at their disposal to gain access to networks, even those that are closed. Finally, bureaucratic and legal barriers can hinder the ability to mount a successful defense. Under the current framework, different organizations have different responsibilities and different levels of authority when it comes to investigating or defending against intrusions, depending on the nature of the attack, its geographic origin, and the systems it targets. In addition, there is a need to protect critical government and private-sector infrastructure in a way that does not infringe on civil liberties or proprietary data. The authors argue that new legislation is needed to establish a more efficient assignment of responsibilities, and a revised legal code may be required to successfully defend against the ever-evolving cyber threat.
Original languageEnglish (US)
Place of PublicationSanta Monica
PublisherRAND Corporation
Number of pages54
ISBN (Print)9780833059802
StatePublished - 2011

Fingerprint

Dive into the research topics of 'A cyberworm that knows no boundaries'. Together they form a unique fingerprint.

Cite this