One step away from a cyber Pearl Harbor

The U.S  may use cyberweapons against Iran in the near future. Source: PhotoXPress

The U.S may use cyberweapons against Iran in the near future. Source: PhotoXPress

The U.S. has admitted to using cyberweapons against Iran, but the international community and international law isn’t ready for warfare in cyberspace.

In the beginning of June the world woke up to a new era: The United States admitted to using cyberweapons.

Citing unnamed sources, the New York Times published a lengthy article, discussing U.S. use of cyberweapons to undermine nuclear facilities in Iran. The program of cyberattacks, begun during the Bush administration and code-named Olympic Games, has been accelerated by President Barack Obama. The attack plan became public after the combat malware, which was later given the name Stuxnet, escaped Iran’s Natanz enrichment facility and was sent around the world due to a programming error.

Experts disagree as to the scope of the malware’s efficiency, but it was reported that Stuxnet temporarily disabled nearly 1,000 of the 5,000 centrifuges Iran was using at the time to purify uranium. The U.S. Administration considered this a satisfactory result, because Iran’s nuclear effort was set back by 18 months to two years.

More details of the operation are available in David Sanger’s book “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power,” which was published on June 5.

Technically, the United States had already acknowledged developing and using cyberweapons. For example, in May Secretary of State Hillary Clinton announced that the government services had hacked Al Qaeda’s website and made substantial changes to its content. This was the first formal acknowledgement of the U.S. government’s involvement in cyber attacks. However, essentially it was a trick worthy of a rookie hacker.

The article published by The New York Times suggests a totally different level of using computer technologies for military purposes. “It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives,” the article read.

The FBI’s investigation into the leak of classified data to The New York Times shows how serious the situation really is. For their part, some high-ranking republicans led by Sen. John McCain (Republican-Arizona) accused Obama of deliberately divulging classified information to look stronger during the election campaign. According to McCain, the president “is trying to boost his re-election chances while undermining national security.” The White House has denied McCain’s claims, but not the New York Times revelations.

Incidentally, the U.S. is pondering a new computer security bill, which is necessitated by both real challenges and the fact that while key infrastructure facilities in the country are privately owned, America’s national security depends on their stable operation. These include power grids, air carriers and the New York Stock Exchange.

Defense Secretary Leon Panetta, a former director of the CIA once said: “The next Pearl Harbor we confront could very well be a cyberattack.” And here lies the essence of the problem – compromising a website is not only about election maneuvers or leaks of classified data. A cyberattack might mean war.

“The United States made a statement not long ago that a cyberattack may be interpreted as an act of war against the U.S., giving sufficient reason to retaliate employing all the means it has,” said Gennady Yevstafyev, retired lieutenant general of the Russian Foreign Intelligence Service.

But technology develops faster than law and while cyberattacks are already happening, in international law, they are still in the gray zone. “It is very hard to identify the source of a cyberattack, especially if we have a superpower with a huge technological potential and complete superiority over its enemy, which does not have sufficient means to find and identify the source of attacks. This situation is currently made use of by modern aggressors in cyberspace,” Yevstafyev said.

Yevstafyev believes that international discussions must begin on the rules of conduct in cyberspace in order to avert a serious disaster. “The sooner the international community elaborates a strategy and tactics to address these issues, the better, because the things happening now should be regarded as hostilities,” he said.

All rights reserved by Rossiyskaya Gazeta.