Stuxnet has put us all on the front line of warfare 2.0

With the revelation that the US and Israel co-operated at the highest level on Stuxnet, the rules of international aggression are changing. The implications will be wide-ranging — and very personal
Written by Rupert Goodwins, Contributor

On 16 July, 1945, the world changed forever with the Trinity test and the detonation of the first atomic bomb.

The product of an unprecedented scientific and technical effort, its makers knew how it worked and what it could do — but knew also they could not predict what would happen next, once the secret was out.

Sometime in 2008 — the exact date is still secret — the world changed again. In an Iranian nuclear facility, a high-speed centrifuge span out of control, mystifying the engineers and disrupting the country's own atomic programme. It wasn't due to faulty components or misconfiguration: it was the result of a major attack by other nations, this time using the Stuxnet malware to hit at the very heart of a country the US and Israel considered a serious threat.

Siemens industrial controller

Stuxnet targeted industrial controller hardware such as the Siemens S7-300 controller, above. Image credit: Ulli1105/Wikipedia

While this was not the first time one nation has mounted a prolonged attack on another's computing infrastructure — the Chinese being implicated in 2003's Titan Rain assault on the US and the Russians in 2007's Estonian events — we now know that Stuxnet was a long-considered, multi-year project called Olympic Games, as reported by The New York Times.

We are directly connected to the battlefield in our work and personal lives, through the computers on our desks and the phones in our pockets.

Carried out soberly under the direct authority and personal control of the US president, the assault was made in the knowledge that once it became public, the rules for online warfare would change.

In a modern, mature democracy, nothing stays secret for long.

So we are once more at the beginning of a new age, one where nation states use computer attacks as part of the spectrum of aggression, somewhere between a stiffly worded ambassadorial note and a nuclear strike. With the internet and computing in general now militarised, Stuxnet's repercussions will be both deep and subtle, and only partially predictable.

Most political and military aggression short of war takes place independently of ordinary civilian life. This time, though, we are directly connected to the battlefield in our work and personal lives, through the computers on our desks and the phones in our pockets.

Our intimate technology can be, and doubtless will be, used as targets or staging posts in the conflicts that are to come, and thus will be seen as legitimate areas for manipulation or control by agents on all sides.

And those agents will be devilishly hard to identify or control. Any country or organisation capable of fielding a small team of technical experts armed with a few thousand dollars of hardware and an internet connection can establish and prosecute an assault, from anywhere on the planet. Those teams could be deeply embedded in the industrial or governmental organisations of the target, or be distributed in hotel rooms and chicken shacks around the world. They could be next door.

We know how states, even mature democratic states, react to distributed, hard-to-find threats, and how those reactions can affect our freedoms and rights. There may be no increased threat of nuclear holocaust in the new world order, but we will all be on the front line. Be prepared to fight.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.
Editorial standards