(Cyberwar.news) In mid-2009, a complex computer virus began circulating around the globe. The few cyber security experts who were aware of its existence could not figure out where it came from, who developed it, and for what purpose it existed.
Eventually that purpose became known. The destructive virus, called “stuxnet,” made its way into Iran’s nuclear research facility at Natanz, where – over the course of 17 months – it was able to speed up about one-fifth of the facility’s centrifuges used to enrich uranium to weapons-grade quality, thereby disabling them. Then the virus self-destructed and that was the end of it – or so its developers believed (more on that later).
As reported by The New York Times, computer security experts and cyber warriors concluded that the stuxnet virus was most likely a joint U.S.-Israeli creation aimed at delaying, if not thwarting outright, Iran’s nuclear weapons development.
Deployment of the virus was also the first known use of a cyber weapon, and it has set off internal debates among governments and within diplomatic circles about the need for some sort of “cyber weapon treaty” of a kind that outlawed the use of chemical weapons following World War I and placed limits and verification requirements on the development and deployment of nuclear weapons.
Because like nuclear weapons, cyber weapons have the capability of destroying the planet as we know it and cause, literally, millions of deaths in a very short period of time.
In May 2014, as Natural News reported, several experts told the House Homeland Security Committee’s Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies that an electromagnetic pulse (EMP) explosion, either occurring naturally or via a major sun spot, would wreak havoc and devastation on U.S. infrastructure, all of which is electronically controlled and regulated. The result: a casualty rate as high as 90 percent.
“The civilian grid, in my judgment, is very vulnerable,” Rep. Trent Franks, R-Ariz., said during the hearing. “Some of the largest transformers, the very largest ones, have an inherent resistance to all but the more intense electromagnetic pulses. But the fact is, we have enough of those mid-range transformers where a major event would be catastrophic.”
Now granted, the hearing was focused on an EMP event – but a cyber attack could also destroy much of the nation’s electrical power grid, as well as our financial system and other infrastructure. And while the U.S. would of course retaliate against the attacking nation, in the meantime our highly technological society would instantly be crippled, and not for a short period of time. So it’s not out of the realm of possible to predict that, should an enemy target U.S. infrastructure, the casualty rate would be just as high.
Which brings us to the need for a treaty.
Over the past several years nations have been developing cyber war capabilities and, frankly, many countries’ capabilities are quite advanced, especially China, Russia and even Iran.
But with this capability comes incredible responsibility, and right now, many nations are not being responsible when it comes to cyber capabilities. The United States’ first documented use of cyber warfare has only led to cyber offensives directed at the U.S. – our military, government, civilian and financial systems have all been targeted for theft and disruption.
What’s more, however, the lack of a treaty has given traditional nation-states plausible deniability; Russia and China routinely deny direct responsibility for any cyber attacks directed at the United States – though the hacks can be traced back to their countries – because they often use “independent contractors” and even criminal enterprises to do their dirty work. And many of them are not actually sitting at computer terminals in either country.
“With nuclear weapons, we at least had some idea from satellites about how many weapons the Soviet Union had and what they were capable of,” Robert Axelrod, a political scientist at the University of Michigan, told NBC News. “Cyberweapons are different. They can be stockpiled with other countries knowing it, causing them to be more frightened than they need to be, or not frightened enough.”
As for stuxnet, according to NBC News, it managed to “escape” via someone’s laptop, possibly. Now it’s “out there,” and available to anyone who might want to attack some other country’s critical infrastructure (imagine if it were directed at a U.S. nuclear power plant).
Stuxnet certainly met its objective — delaying Iran’s nuclear progress. But its “escape” was probably unforeseen, said Axelrod, who has just completed a study with Michigan researcher Rumen Iliev on why governments launch cyber attacks, the timing behind them, and what kind be done to prevent them from getting out of hand. The escape of stuxnet is just one of the many dangers of letting cyber conflicts go unregulated, he added.
“I think it could lead countries to realize that that they can’t exactly judge another country’s capabilities on what they see on a day-to-day basis,” he said. “That makes any kind of established norms or agreements on limiting the use of cyberweapons more valuable.”
Read more about Cyber Security at cyberattack.news