Information operations

A Stuxnet Drinking Game

A good friend mentioned to me, today, that 60 minutes, tomorrow night (4 March 2012) would be airing a special on Stuxnet.;cnav

Stuxnet – The sophisticated computer worm that sabotaged Iran’s
nuclear program is now out there, its idea and methods exposed to
terrorists or rogue nations who could use them to create their own
cyberweapon. Steve Kroft reports. Graham Messick is the producer.

Some Stuxnet-related merchandizing
Some Stuxnet-related merchandizing (Photo credit: Eugene Kaspersky)

Oh joy. Mild sarcasm.  Stuxnet has been examined, decomposed, deconstructed and constructed again.  The implications have been examined and everybody should know that Stuxnet is absolutely a model for some future weapons in cyberspace.  Stuxnet is not a cyberwar, of and by itself.  Never was and never will be. Some people tried to make the leap and position themselves as a cyberwarfare expert because of Stuxnet, but in my opinion they failed.  Miserably. Some have said, incorrectly, in my opinion, that Stuxnet will never happen again.  I agree, the particular exploits that Stuxnet used will probably never be used again.  But Stuxnet is a proof that specific exploits can be used to gain access to a specific system and specific code can be executed to perform a specific function. Future cyber weapons will be constructed as they always have been: to gain access to a specific system and then the payload will perform a specific function inside the targeted system.  If one deconstructs Stuxnet down to its basic functions, nothing is new, but in its execution, success and, most importantly, the huge publicity of its discovery and subsequent information effects, Stuxnet is a finely manufactured weapon which I expect will be duplicated – in its functionality – many, many times.

What does this have to do with a Stuxnet drinking game? My thanks to friends and members of a cyber discussion group I belong to for many of the following.  One swig of beer or a shot for each of the following:

  • The same old talking heads pontificating about Stuxnet
  • This is a wake up call (give us more money) – will be said by someone in the commercial sector
  • Cyber Pearl Harbor or Digital Pearl Harbor (thank you, Winn Schwartau)
  • Cyber Armageddon
  • Cyber 9-11
  • Cyber blitzkrieg
  • Maginot Line
  • Defense in depth
  • Need to invest in our security (give us more money) – will be said by someone in the commercial sector

PLEASE, don’t drink and drive. Please drink responsibly.  Remember to have a designated driver if you are away from home. If you are the designated driver, you’re screwed.

After about 15 minutes you should be so tipsy that by the end (about 20 minutes), you won’t be paying attention. Honestly, what can they possibly tell us that we haven’t heard before?


One thought on “A Stuxnet Drinking Game

  1. “Honestly, what can they possibly tell us that we haven’t heard before?”

    Hmmm,…how about maybe who the perpetrators were?

    Why does Ralph Langner get to be a ‘forensics’ expert by showing us dirty pictures of the rape victim?

Comments are closed.