“If you shut down our power, maybe we will put a missile down one of your smokestacks” (source – unnamed military official). This quote was printed in the Wall Street Journal and has been a hot topic of debate after the Pentagon published their first formal cyber strategy document. In this document the U.S. militarymade it clear that any cyber attack from a foreign country will be considered as an act of war, and a traditional military response could well be warranted in retaliation. In concluding statements the document reports “computer sabotage coming from another country can constitute an act of war… [this] opens the door for the US to respond using traditional military force.”
Military chiefs have long been aware of how the Internet can be used in the delicate realm of international relations/security and militaries now have large budgets, of millions of dollars, to develop cyber warfare. Cyber warfare has actually proved to be not as big a threat as many believed it could be and the amount of cases of real damaging cyber attacks are minimal. Peace groups, activists and other pacifist groups are condemning U.S. for suggesting that a cyber attack is proportional to a traditional military attack especially as the U.S. was the one to throw the first stone.
This stone was called Stuxnet and was discovered by a Belarusian company in 2010. Stuxnet is a worm created to deliberately target the gas centrifuges of the Iranian nuclear program and it was highly successful. The worm contained elements previously unseen and is considered to be technically sublime, it is estimated that it put Iran’s nuclear program back by at least two years.
Some of you may be aware that earlier this year a Secure Sockets Layer (SSL) certification authority named Comodo was hacked. This is a very serious attack as it jeopardizes the security of secure portals for actions like online banking and using email accounts. Without these kinds of connections no secure transactions can take place.
Comodo provides one of these secure portals and once hacked allows the hacker to access the most private of information shared on that portal. After Comodo traced the hack it found its origins in Iran and claimed that it must have been state sponsored. However a few days after the media fanfare (OMG the Iranian’s are coming!) the real hacker popped up online stating “I should mention my age is 21…When USA and Israel write Stuxnet, nobody talks about it, nobody gets blamed, nothing happened at all…I say that, when I sign certificates nothing should happen.”
The US has got to be careful at the language it uses and also its actions in the real world. If they are prepared to use malicious software against other countries, then what do they expect in return? The US more so then any other country heavily relies upon its Internet for so many things, imagine the impact if Wall Street’s computer network was brought down even for a day. Countries like Iran do not rely so much on the Web and so do not feel the effects so much if they get attacked in cyber space.
Hacking is no longer a fantasy of movies but a real problem that has the potential to break the relations between countries. Cyber defense technology is way behind cyber attack technology meaning that pretty much anyone can put the viral cat amongst the nation-state pigeons.