Iran recently reported it had been targeted by a cyber attack of unknown origin, later dubbed “Flame.” Its objective was not to disrupt any network systems but to ransack computers for intelligence. Flame was discovered on the laptops of top Iranian officials and scientists.
The immediate speculation was that Flame, like the earlier “worm” Stuxnet, was produced in a joint effort by the United States and Israel. Stuxnet, as The New York Times reported, was a bid to disrupt uranium-enrichment centrifuges key to Iran’s presumed drive to acquire nuclear weapons. The success of the attack isn’t known with precision, but analysts believe it did unbalance and wreck several hundred centrifuges.
The United States has entered a shadowy new arms race, conducted with unseen weapons whose origins in some cases may never be traced. Even more worrisome, the offensive side of this arms race is far ahead of the defensive side. It’s not clear how cyber attacks can be deterred or how safe we are from a crippling attack on the digital infrastructure that governs power plants, water services, air traffic control and the like.
The Times reported that the Stuxnet worm was part of a program that dates from the Bush administration, and whose deployment was authorized by President Barack Obama. The cyber attack slowed Iran’s progress toward having nuclear weapons and deterred any moves by Israel toward a conventional military strike on Iranian facilities, which would have risked a wider war in the Middle East.
Yet Stuxnet raises concerns about the vulnerability of our own digital infrastructure.
The targets of any cyber attack would include more than civilian networks. Over the years, the military has become increasingly dependent on cyberspace.
Forces that were once “platform centric” - built around weapons platforms like tanks, ships and planes - have become “network centric.”
Forces on land, sea and in the air are tied together by digital links, which makes the network itself the most lucrative target of all for any enemy. Take out or disrupt the network, and troops, ships and planes in a combat zone become isolated and vulnerable.
Analysts believe the nation’s computer systems are hit virtually every day by Chinese hackers or cyber warriors, who seem mainly intent on raiding Pentagon systems for intelligence or corporate systems for trade secrets and technology.
Even so, the dawn of cyber war heralds an age of higher risk, as Defense Secretary Leon Panetta has warned. The next Pearl Harbor, he said last year, could come in the form of a debilitating computer attack on our power grid or financial markets.
The Obama administration must insist that our computer warriors give some thought not only to devising new cyber weapons, but to defensive measures capable of detecting and confounding attacks by foreign powers or terrorist groups.