Cisco !#&? be a network ninja



Introduction to Cybersecurity

One course of Cisco's "Skills for all"

On completing this course, you will be able to:

Module 1 - Introduction to Cybersecurity

Welcome to this module, which aims to help you understand the growing need for cybersecurity.

Faced with an unprecedented surge in cyber attacks, never before has the demand for cybersecurity professionals been so high.

Find out more about what cybercriminals want and what you can do to ensure that a cyber threat never becomes a reality.

Chapter 1.5 - Cyberwarfare

Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack another nation’s computer systems and networks in an effort to cause damage or disrupt services, such as shutting down a power grid.

1.5.1 Sign of the Times (Stuxnet)

One example of a state-sponsored attack involved the Stuxnet malware that was designed not just to hijack targeted computers but to actually cause physical damage to equipment controlled by computers!

You know when it comes to security news, it's always puzzling what gets reported. As viewers of this show, you know there's a very regular rhythm of security issues that are always bubbling just below the surface and it takes something truly profound to grab the public's attention. Well, one new threat making the rounds did have the right mix of ingredients last summer. Stuxnet. I mean it makes sense, right? Computer attacks, nuclear power, foreign governments, sabotage, spy versus spy. But how much of it is real? Enough to say it's a sign of the times.

Now as all good threats, the details will continue to evolve, but I do think that there are five items worth paying attention to here.

The first one, non-trivial distribution. Primarily spread via USB sticks. Think non-Internet connected systems that then propagate by escalating privilege levels through zero day exploits, notable for the fact that true zeros are special and they're only valuable for a short period of time. Very expensive, very hard to come by.

The next one, sophistication. This is an intelligent worm. Initially targeting Windows computers, where it even installs its own drivers using a stolen but legitimate certificate. The offending certificate gets revoked of course, but then another one gets added within 24 hours.

Our third point, modular coding. This thing can get new tires while still on the road. Multiple control servers. First in Malaysia, then Denmark, now more, including peer-to-peer. In fact, when two run into each other, they compare versions and make sure that they're both updated.

Fourth point, unique targeting. Windows is just the intermediary, the friend of the friend. Stuxnet is looking for a particular model of PLC. That's programmable logic controller, which is technically not SCADA as it's often reported. These are small embedded industrial control systems that run all sorts of automated processes, from factories to oil refineries to nuclear power plants. Stuxnet will leverage the vulnerability in the controller software to reach in and change very specific bits of data. Shut things off. Don't grease a bearing for 10 minutes. Don't sound an alarm. This is really unique knowledge. Respectable coding skills that imply a higher level of patience of good funding resources.

Our final point, motive. Stuxnet does not perform... excuse me. It does not threaten. It performs sabotage. Really has no criminal focus. Does not spread indiscriminately or steal credit card information or login credentials. It does not recruit systems into a botnet. It targets infrastructure, our most essential necessities like power, water, safety and much, much more. You know these are older systems. Very established. Generally run with the mentality of hey, if it ain't broke, don't fix it. These things don't get watched over and patched by technical handlers who understand these kind of things. Not yet anyway. So stay tuned. This one is not done. We all have a lot to learn and somebody is working hard to teach us.

1.5.2 The Purpose of Cyberwarfare

The main reason for resorting to cyberwarfare is to gain advantage over adversaries, whether they are nations or competitors.

To gather compromised information and/or defense secrets

A nation or international organization can engage in cyberwarfare in order to steal defense secrets and gather information about technology that will help narrow the gaps in its industries and military capabilities.

Furthermore, compromised sensitive data can give attackers leverage to blackmail personnel within a foreign government.

To impact another nation’s infrastructure

Besides industrial and military espionage, a nation can continuously invade another nation’s infrastructure in order to cause disruption and chaos.

For example, a cyber attack could shut down the power grid of a major city. Consider the consequences if this were to happen: roads would be congested, the exchange of goods and services would be halted, patients would not be able to get the care they would need if an emergency occurred, and access to the internet would be interrupted. By shutting down a power grid, a cyber attack could have a huge impact on the everyday life of ordinary citizens.

Cyberwarfare can destabilize a nation, disrupt its commerce, and cause its citizens to lose faith and confidence in their government without the attacker ever physically setting foot in the targeted country.

Cyberwarfare is a very serious issue with potentially devastating consequences, and attacks are becoming more widespread. Now, more than ever, nations and governments need cybersecurity professionals to help protect their citizens and infrastructure.
