(Translated from the original Italian)
I was reading an interesting article on cyber war, and I was interested by the comparison between Stuxnet to the first nuclear bomb detonated at a site nicknamed Trinity in the barren Jornada del Muerto desert of New Mexico on July 16, 1945.
Although the comparison must be made within the proper proportions, it illustrates the concept of information warfare that has become part of our everyday life. Suddenly the world has realized the danger of cyber weapons, their capabilities, and their insidious ability to operate silently for years without detection.
The major world powers have realized the importance of this new type of attack, characterized by a lower investment when compared to conventional attacks, and especially note the ability to work covertly without having to seek the consensus of the international community about a possible military intervention.
President Obama is one of the main supporters of this new offensive, as it is politically convenient and potentially less devastating than a military option.
The dissemination of news about the Olympic Games project promoted by President Bush and sustained by Obama represents the consecration of the concept of cyber war. The United States is investing heavily in this area, even recruiting hackers from the civil sector to build cyber armies to engage in continuous offensives, and the American Plan X is an example.
News regarding the discovery of new cyber weapons will be published with increasing frequency, the real question to ask is if the world is really prepared to respond to these attacks. The stakes are high, security is critical for every nation, and the whole world must be analyzed as a monolithic system in which the weakness of a single nation could jeopardize the security balance on a global scale.
Wars today can be fought with keyboards and the scenario we are facing is extremely complex: On the one hand, we have technologically advanced nations such as the U.S. and Israel; on the other are nations who are entering the cyber scene with aggressive policies such as China and Iran - both of which are investing significantly to develop cyber offensive capabilities.
The reality is that even major nations today are vulnerable to cyber attacks, and too many governments are now interested in organizing offensive operations regardless of the possible effects, and this is extremely worrying.
Today there is no real open dialogue between nations on the subject, but what is more concerning is the limited involvement of the people in the issue, and too many people are completely ignorant of the risks of a cyber attack.
Officially, cyberspace is being addressed in every military strategy as a domain of war. The Pentagon has already recognized it as a vital environment to defend like land, sea, air and space.
Another focal point in approaching the concept of cyber warfare is the involvement of actors that were once out of power loop and political dialogue. Today it is relatively easy to train a group of hackers or hire cyber mercenaries to work on a project to attack a foreign state. Stuxnet and Flame have created new and dangerous scenarios, and we are all aware that they are only the tip of the iceberg.
Cyber attacks are unpredictable and difficult to trace, and due this nations must focus on cyber defense. The discovery of the latest cyber weapons has surely accelerated the development of similar agents all over the world.
Today it is quite simple to retrieve the source code for these agents in the underground black market, and teams of experts could adapt them to produce new and aggressive attack methods.
R. Scott Kemp, a global security specialist at Princeton's Woodrow Wilson School for Public and International Affairs, declared that the U.S. should be preparing to defend itself:
"A Stuxnet-like attack can now be replicated by merely competent programmers, instead of requiring innovative hacker elites. It is as if with every bomb dropped, the blueprints for how to make it immediately follow."
That's as true as it is dangerous. Let me conclude with another statement from the article:
"Just about everything that relies on computer code and links to a network could be vulnerable to attack: communications systems, satellites, security systems, banking networks, trains, power plants, water systems and power grids"
It paints a perfect picture of society today, as all are merely nodes of the same network, and we must protect them.
Cross-posted from Security Affairs