The New York Times revealed today what many experts had already asserted regarding the United States role in the Stuxnet attack.
While speculation of U.S. involvement complicated international relations on cyber conflict, an acknowledgement of U.S. involvement in a forum such as the New York Times heralds in a brave new world of cyber conflict.
Targeting of critical infrastructure during conventional conflict has been the status quo for decades, with cyber attack legitimized in a traditional conflict context emerging over the past 15 years. What changes with the Stuxnet revelation is the targeting of critical infrastructure as a component of international strategic objectives.
Operation Olympic Games formally acknowledges, through actual offensive state sponsored action, that critical infrastructure is a legitimate target for cyber attack during times of peace.
If the United States includes critical infrastructure as a legitimate target of attack, can we not assume that other nations can target our infrastructure if it meets their criteria or strategic objectives? Is this not Unrestricted Warfare manifesting itself not within China policy, but U.S. policy?
Private infrastructure owners have just been put on notice that overt state sponsored attacks are the new reality. Who will be targeting you?
(With permission from OODAloop.com)
This post by MattDevost was first published at CTOvision.com.
My company Atos has a large role in ensuring the security for the games. We have done so since the Salt Lakes games. Enormous amount of preparations take place, curious to see other Govlooper’s response.