/// Born on the 4th of July: Will There Be Collateral Damage in Cyberwar to U.S.?
If you needed any further evidence about the possibility of an unexpected blowback from the creation of the Stuxnet worm and other cyber weapons like it, the U.S. Department of Homeland Security has something for your night table, bound to keep you awake. Earlier this week, it released the 17-page report embedded below detailing the activities of the Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT for short. It’s DHS’s group that responds to cyber incidents on those specialized computers that control industrial machinery, which are ometimes they’re called SCADA systems. They’re the kind that were targeted in what’s turned out to be a joint US-Israeli cyber-campaign against the Iranian nuclear research program. Stuxnet was the first worm detected, but it came later, after the creation of Flame, a piece of software that can on command record everything that goes on inside and in the general vicinity around computer. The Washington Post , citing intelligence sources, reported both were created as a result of the the combined efforts and resources of the U.S. and Israeli intelligence agencies, filling in some gaps of reporting initially done by the New York Times . The report details the number of incidents at numerous critical infrastructure sites: Energy plants, water facilities, factories, that sort of thing. The first bit that everyone pays attention to is the number of incidents reported skyrocketed from nine in 2009 to 198 in 2011. A lot of that increase can probably be attributed to the fact that the ICS-CERT was a relatively new creation. But the part that caught my eye was what the government wordsmiths at DHS creatively called “sector distribution.” In 2009, there were all of four sectors targeted for some kind of malicious attack: Dams, energy, water and two attacks that crossed sectors. Last year, there were 10 sectors targeted and 49 cross-sector incidents. See the graphic below for the breakdown: On the bottom of page nine, the report covers a case where a “critical manufacturing facility” — it doesn’t go into any more detail than that — discovered that its engineering workstations were all infected with Stuxnet. ICS-CERT arrived on the scene, confirmed that the malware infecting the machines was indeed Stuxnet, and cleaned up the mess. Consider for a moment that Stuxnet was never intended to be seen in the wild in the first place, but had, in the words of one intelligence official, “escaped,” and you get the idea of the kind of unintended consequences that the age Cyberwar age brings with it. That is to say: Silent, invisible weapons, adapted and turned back on their creators. The fact that it was found infecting systems thousands of miles away from its intended target — outside of the control of the people who initially deployed it — raises questions about whether such a weapon can be realistically controlled without causing what in conventional warfare is known as collateral damage. And make no mistake: This is a new age of warfare, comparable with the nuclear age that dawned in 1945 with the atomic bomb attacks. Who says so