Small Wars Journal

Stuxnet: Cyberwar Revolution in Military Affairs

Thu, 04/14/2011 - 10:41pm
Stuxnet: Cyberwar Revolution in Military Affairs

by Paulo Shakarian

Download The Full Article: Stuxnet: Cyberwar Revolution in Military Affairs

On June 17th, 2010, security researchers at a small Belarusian firm known as VirusBlockAda identified malicious software (malware) that infected USB memory sticks. In the months that followed, there was a flurry of activity in the computer security community -- revealing that this discovery identified only one component of a new computer worm known as Stuxnet. This software was designed to specifically target industrial equipment. Once it was revealed that the majority of infections were discovered in Iran, along with an unexplained decommissioning of centrifuges at the Iranian fuel enrichment plant (FEP) at Natanz, many in the media speculated that the ultimate goal of Stuxnet was to target Iranian nuclear facilities. In November of 2010, some of these suspicions were validated when Iranian President Mahmoud Ahmadinejad publically acknowledged that a computer worm created problems for a "limited number of our [nuclear] centrifuges." Reputable experts in the computer security community have already labeled Stuxnet as "unprecedented," an "evolutionary leap," and "the type of threat we hope to never see again."

In this paper, I argue that this malicious software represents a revolution in military affairs (RMA) in the virtual realm -- that is Stuxnet fundamentally changes the nature of cyber warfare. There are four reasons to this claim: (1) Stuxnet represents the first case in which industrial equipment was targeted with a cyber-weapon, (2) there is evidence that the worm was successful in its targeting of such equipment, (3) it represents a significant advance in the development of malicious software, and (4) Stuxnet has shown that several common assumptions about cyber-security are not always valid. In this paper I examine these four points as well as explore the future implications of the Stuxnet RMA.

Download The Full Article: Stuxnet: Cyberwar Revolution in Military Affairs

Paulo Shakarian is a Captain in the U.S. Army and a Ph.D. candidate in computer science at the University of Maryland (College Park) and will soon take up a position teaching computer science at the U.S. Military Academy. He holds a BS from the U.S. Military Academy and an MS from the University of Maryland (College Park), both in computer science.

The views expressed in this article are those of the authors and do not reflect the official policy or position of the United States Military Academy, United States Cyber Command, the Department of the Army, the Department of Defense, or the United States Government.

About the Author(s)


This Stuxnet malware has been tough for many computer experts to determine. In 2010, it infected nuclear control systems in Iran. Industrial control computers in Europe have been infected with a brand new malware. The Duqu virus doesn't appear to have direct influence, but mines for information that could be used for further attacks. Article resource: <a title="Duqu virus uses Stuxnet DNA to mine industrial data" href="">Duqu virus uses Stuxnet DNA to mine industrial data</a>

The amount of hyperbole employed in the title of this article alone almost stopped me from reading it. Calling Stuxnet an RMA is simply absurd; at best it might be the indication that an RMA has occurred (cyber-warfare/ targeting networked infrastructure), although even that is somewhat iffy (if a real RMA has occurred, it is the advent of digital networking as a whole). Just because a new TTP or system has become available does not mean an RMA has occurred.

Brett Patron

Fri, 04/15/2011 - 8:27am

I'm sure the Iranians granted the IAEA all the access they required to make that confirming determination. :)


Mark Pyruz

Fri, 04/15/2011 - 1:54am

The majority of infections were actually in Indonesia and India, not Iran as the author states.

And according to IAEA figures (backing up FM Salehi's claims), Stuxnet didn't put that much of a dent in Iran's nuclear program.

Brett Patron

Fri, 04/15/2011 - 12:13am

If there was a "revolution in military affairs" described, I missed it. While the science behind Stuxnet is fascinating, I don't see what make it an RMA.

Brett Patron

Thu, 04/14/2011 - 11:23pm

Twenty-four times the word "Cyber" is used, yet not once is it defined. Ergo, how is it modifying the words that it precedes?

This is the problem we are continuously having with "cyber" discussions. It's almost become like a drinking game, where with the use of "cyber" you take a shot. (With this article you'd be pretty lit by the end!)

Looking forward to delving into this paper.