Globalization has fueled the expanding influence of technological developments—so much so that states’ battles have moved into high-tech trenches. The Stuxnet virus that recently infected over 30,000 computers in Iran—and most notably, systems in Iran’s civilian nuclear power plant in Bushehr—raises numerous questions concerning the standing global policies on cyberwarfare and the future of cyber security. [1]
Although the source of the virus and its motives still remain veiled in mystery, experts have deemed the Stuxnet virus a “cyber-weapon,” due to its ability to penetrate and reprogram the sensitive processes of industrial machines by impersonating valid software. [2] The circumstances of the virus’s attack on Iran provide further evidence of an intentional cyber-attack on Iran: with its growing nuclear ambitions, Iran has been declared as a threat to global security predominantly by western countries. [3] Israel is currently the primary suspect for the source of the virus due to its investment in Unit 8200, its secret cyberwarfare operation, and because of Israel’s perceived threat of Iran’s nuclear program, which Israel believes has potential for the construction of nuclear bombs. [4]
This attack on Iran may prove influential as to whether states begin to approach cyber security with a defensive versus offensive approach, as states become aware of the implications of a massive cyber-attack and the potentially violent retaliations in response to provocation in the cyber arena. Western analysts, such as Richard Clarke, who managed the counter-terrorism operations of the White House and warned of al-Qaeda pre-9/11, have been stressing the urgency of forming international regulations regarding cyber security in lieu of the looming threat of an outbreak of cyberwarfare. [5]
A future approach to addressing the issue of cyber security might include the creation of an international regime governing the issues associated with this evolving field. However, the impact of such a regime on state sovereignty may be seen as unfavorable by technologically advanced states that favor an offensive approach to cyber security, such as the United States. The European Union and the United States have recently encountered disagreements about NATO’s “strategic concept” strategy document over the concept of “active cyberdefense”, which maintains that an offensive approach to cyber security is necessary to have an adequate defensive system; the EU favors a defensive approach against cyber-attack and is hesitant to accept the United States’ support of “pre-emptive strikes” against countries or organizations considered to be hostile. [6]
Thus, the future of regulating this dynamic field remains uncertain as states continue to assess the various means of approaching cyber security. One thing, however, is for certain: having in mind the increasingly technologically-dependent state of global affairs, inadequate defense against a large-scale cyber-attack evokes devastating implications for the international community.
[1] Blake Hounshell, "6 Mysteries About Stuxnet," Foreign Policy (Washington, D.C.), Sep. 27, 2010,
http://blog.foreignpolicy.com/posts/2010/09/27/6_mysteries_about_stuxnet.
[2] Farhad Manjoo, “Don’t Stick It In: The Dangers of USBs,” Slate (Washington, D.C.), Oct. 5, 2010, http://www.slate.com/id/2270003/.
[3] Gideon Rachman, “An Undeclared War in Cyberspace,” Financial Times, Oct. 4, 2010, http://www.ft.com/cms/s/0/539534a0-cfeb-11df-bb9e-00144feab49a.html.
[4] James Blitz, “Security: A Code Explodes,” Financial Times, Oct. 1, 2010, http://www.ft.com/cms/s/0/fcce9b76-cd8c-11df-9c82-00144feab49a.html.
[5] James Blitz, “Security: A Code Explodes,” Financial Times, Oct. 1, 2010, http://www.ft.com/cms/s/0/fcce9b76-cd8c-11df-9c82-00144feab49a.html.
[6] Joshua Keating, “U.S. and Europe at Odds Over Cyberdefense Policy?” Foreign Policy (Washington, D.C.), Oct. 5, 2010, http://blog.foreignpolicy.com/posts/2010/10/05/us_and_europe_at_odds_over_cyberdefense_policy.
No comments:
Post a Comment