Can Israeli Malware Stop a Nuclear Iran?
Computer hackers are normally thought of as nefarious individuals who hide in the dark web of the internet and look to launch attacks that will make them money or serve their interests. But in reality, the hacking community is made up of various groups, each with its own intentions, which may be good or evil.
In today’s world, cybersecurity has become a political force and an issue of national security. The Middle East, in particular, has experienced this trend as technology plays a more central role in its defense and weapons departments. Governments across the world now look to hire the best hackers on the internet to put their skills to good use.
This article will focus on the decades-long battle between Israel and Iran, which has escalated to new levels in recent months. It seems inevitable that one side or the other will eventually launch a strike. The question is: will it be a physical or a cyber bomb?
The History of Stuxnet
The cyberwar between Israel and Iran dates back at least a decade to when Iran began expanding their nuclear infrastructure. Through a partnership with United States intelligence agencies, Israel launched a program to secretly interfere with Iran’s uranium mining program.
The end result was a piece of malware that has come to be known as Stuxnet. The worm was designed to secretly disrupt operations at the primary nuclear facility in Iran. After it was remotely installed by the Israeli military force, the Stuxnet malware adjusted how the nuclear plant software operated. Centrifuges were sped up and then slowed down to cripple the uranium refinement process.
In 2008 and 2009, the Stuxnet virus targeted a specific piece of software used in electro-mechanical equipment. Creators of the malware cleverly designed it to report false feedback to main controller systems, which meant that employees in the Iranian facility did not realize anything was wrong until their infrastructure began to self-destruct.
The existence of Stuxnet was kept secret until 2010, when an IT company from Belarus discovered it. This was the first known finding of a virus targeting wide-scale industrial systems, and more have followed since. The original code has been modified to run as spyware in different environments and capture data from systems without users ever realizing it.
Current Tensions in the Middle East
In June of this year, Iran reportedly shot down a US drone that had entered its airspace. The event escalated tensions in the region, including with Israel. The Iranian government has made it clear that they intend to kick off a new uranium program, although they claim it will be for civilian energy purposes and not for weapons or defense.
All signs now point to the end of the Iranian nuclear deal, which was reached in 2015 between Iran, the US, Israel, and the European Union. The agreement required Iran to pause its nuclear development in exchange for the easing of sanctions. Israel has recently threatened to withdraw from the deal, and the US already did so in May.
Modern Infrastructure Security
Since the discovery of the Stuxnet malware, software companies that operate within the engineering industry have gone to great lengths to patch their applications and protect them from such outside influences. However, both good and evil hackers continue to look for loopholes or vulnerabilities in high-profile systems.
How best to defend an industrial network against Stuxnet-style malware?
While a virtual private network (VPN) does nothing to repel a malware attack, it encrypts traffic and masks IP addresses, which makes your network harder for hackers to find in the first place. Most experts recommend a VPN service as a baseline cybersecurity tactic. Subscription prices have come down in recent years and shouldn’t set you back more than $5 to $10 monthly.
This is an important point. A VPN does not block malware or keep your computer systems from being infected. That requires a different cybersecurity approach. Iran recently claimed that it has developed a new firewall system to defend against sabotage attacks like Stuxnet. A firewall sits at the very edge of an organization’s network and filters incoming web traffic to determine what should be allowed in and what should be blocked.
Then there’s the issue of physical security, which is often overlooked. The original Stuxnet malware was actually installed via a USB drive, meaning that no network activity was involved in the early stage. For this reason, organizations also need to equip their infrastructure with next-generation scanning and intrusion detection systems.
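The false feedback described in the Stuxnet history above is something a monitoring system can check for. The following is an added example, not part of the original article: it compares speeds reported by a controller with readings from an independent sensor, and flags a reported series that exactly replays an earlier window. The independent sensor, all names, the thresholds and the sample values are constructed assumptions.

```python
"""Cross-check controller-reported telemetry against an independent sensor.

Constructed illustration: names, thresholds and sample data are assumptions.
"""
from dataclasses import dataclass


@dataclass
class Finding:
    index: int
    kind: str      # "divergence" or "replay"
    detail: str


def find_divergence(reported, independent, tolerance=0.05):
    """Flag samples where the two sources disagree by more than `tolerance`
    (relative to the independent reading)."""
    findings = []
    for i, (r, m) in enumerate(zip(reported, independent)):
        if m and abs(r - m) / abs(m) > tolerance:
            findings.append(Finding(i, "divergence", f"reported={r} measured={m}"))
    return findings


def find_replay(reported, window=4):
    """Flag a window of reported values that exactly repeats an earlier,
    non-overlapping window. Sensor noise makes exact repeats unlikely."""
    seen = {}
    findings = []
    for i in range(len(reported) - window + 1):
        key = tuple(reported[i:i + window])
        first = seen.setdefault(key, i)
        if first != i and i - first >= window:
            findings.append(Finding(i, "replay", f"repeats window at {first}"))
    return findings


# Constructed sample: nominal speed near 1000. The controller feed replays
# samples 0-3 at positions 4-7 while the independent sensor sees a speed-up.
REPORTED = [1001.2, 999.8, 1000.5, 998.9, 1001.2, 999.8, 1000.5, 998.9]
INDEPENDENT = [1000.9, 1000.1, 1000.2, 999.3, 1180.0, 1320.5, 1405.1, 1398.7]

if __name__ == "__main__":
    for f in find_divergence(REPORTED, INDEPENDENT) + find_replay(REPORTED):
        print(f)
```

The check only helps if the independent reading reaches the monitor over a path the controller software cannot rewrite.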
The Future of War
So how will this next phase of Middle East unrest play out? If Iran refuses to adhere to their international nuclear agreement, then military forces from the US, Israel, or elsewhere may feel like their only option is to strike. The question becomes: will that attack be cyber-based like Stuxnet or will it involve physical weaponry?
Technology will surely play an even larger role in global conflicts moving forward. Rather than risking human casualties in the line of fire, governments will see the benefits of using force via hacking and other forms of industrial cyberattacks.
Iran should also be considered a cyber threat. In 2017, Israel says Iranian government hackers attempted to infiltrate their missile warning system, which could have prevented national alerts from being sent. Israel’s defenses were able to block the attack but it is more proof of the changing landscape of warfare.
The Bottom Line
In today’s world, Iran is seen as a dangerous threat given its growing nuclear program. Other governments have attempted to slow this activity through sanctions and other political maneuvering. Behind the scenes, secret strategies are surely in play that involve technology and cyber warfare.
The Stuxnet virus from a decade ago is a prime example of how a country like Israel can use hacking skills to exert influence on the global landscape. We may be at the beginning of seeing this type of cyberattack cause crippling damage to industrial systems and become a prime form of espionage.