One step away from a cyber Pearl Harbor

The world’s most powerful state admitted using cyberweapons.

On 1 June, the world woke up to a new era. The world’s most powerful state admitted using cyberweapons. This might be the most important arms news since the first nuclear attack on Hiroshima in the mid-twentieth century or the first ICBM launch.

On that day, The New York Times published a lengthy article, with reference to unnamed sources, discussing U.S. use of cyberweapons to undermine nuclear facilities in Iran. The program of cyber attacks, begun in the Bush administration and code-named Olympic Games, has been accelerated by President Obama. The attack plan became public after the combat malware, which was later given the name Stuxnet, escaped Iran’s Natanz enrichment facility and was sent around the world on the Internet because of a programming error.

Experts tend to disagree as to the scope of the malware’s efficiency; however, it was reported that Stuxnet temporarily disabled nearly 1,000 of the 5,000 centrifuges Iran was using at the time to purify uranium. The U.S. Administration considered this a satisfactory result, because Iran’s nuclear effort was set back by 18 months to two years.

More details of the operation are available in David Sanger’s book “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,” published on 5 June.

Technically, the United States has already acknowledged developing and using cyberweapons. For instance, in May, Secretary of State Hillary Clinton announced that the government services had hacked Al Qaeda’s Web site and made substantial changes to its content. This was the first formal acknowledgement of the U.S. government’s involvement in cyber attacks. However, essentially it was a trick worthy of a rooky hacker.

The article published by The New York Times suggests a totally different level of using computer technologies for military purposes. “It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives.”

The FBI’s investigation into the leak of classified data to The New York Times shows how serious things really are. For their part, some high-ranking republicans led by Senator John McCain accused Obama of deliberately divulging classified information to look stronger during the election campaign. According to McCain, the president “is trying to boost his re-election chances while undermining national security.” The White House has denied McCain’s claims, but not the New York Times revelations.

Incidentally, the U.S. is pondering a new computer security bill, which is necessitated by both real challenges and the fact that key infrastructure facilities in the country are privately-owned, but America’s national security depends on their stable operation. These include power grids, air carriers and, naturally, the New York Stock Exchange.

Former CIA Director and current Defense Secretary Leon Panetta once said: “The next Pearl Harbor we confront could very well be a cyber attack.” This is the essence of the problem, not the election maneuvers or classified data leaks. A cyber attack might mean war.

“The United States made a statement not long ago that a cyber attack may be interpreted as an act of war against the U.S., giving sufficient reason to retaliate employing all the means it has,” Gennady Yevstafyev, retired lieutenant general of the Foreign Intelligence Service, said in a comment.

It should be noted that the notions of cyber attack and cyber war are still undefined in international law; they are still in the “grey zone.” “It is very hard to identify the source of a cyber attack, especially if we have a superpower with a huge technological potential and complete superiority over its enemy, which does not have sufficient means to find and identify the source of attacks. This situation is currently made use of by modern aggressors in cyber space,” Yevstafyev says.

In order to prevent tragic outcomes, the expert insists on beginning international discussions in order to come to an agreement on the rules of conduct in cyber space. “The sooner the international community elaborates a strategy and tactics to address these issues, the better, because the things happening now should be regarded as hostilities,” Yevstafyev says.

All rights reserved by Rossiyskaya Gazeta.