LONDON (Reuters) - We may never know for sure whether the Stuxnet computer worm was really a state cyber strike on Iran’s nuclear facilities, but hard-to-trace computer attacks look set to be a feature of 21st-century warfare.
Western experts say the worm’s sophistication — and the fact that some 60 percent of computers infected looked to be in Iran — pointed to a government-backed attack. Some speculated Iran’s first nuclear power station, at Bushehr, may have been targeted, perhaps by Israel.
But proving that is another thing altogether. Analysts say most major states — particularly China, Russia and the United States — have invested considerably in cyber warfare and defense in recent years, but details are inherently sketchy.
“Attribution is extremely difficult in cyber attacks,” said Derek Reveron, a cyber warfare expert at the U.S. Naval War College in Rhode Island. “Given how data moves around the world, determining the point of origin is difficult. Then there is the difficulty of determining if it was state-sponsored or not.”
That, of course, is a key part of their appeal. Russia was widely blamed for cyber attacks on Estonia in 2007 after a dispute over a statue of a World War Two Russian soldier as well as Georgia during its 2008 war. But nothing was ever proven, and some pointed to “patriotic hackers” operating independently rather than government agencies themselves.
What most experts do agree is that the increased reliance on computer systems for essential national infrastructure means such attacks are increasingly damaging.
Lights could be turned off, streets turned to gridlock by targeting traffic light control systems, satellites blinded and warships left dead in the water.
Partly as a result, cyber warfare is seen as a particularly appealing option for countries that remain far outmatched by the conventional military might of the U.S.
North Korea is seen as having particular advantages in any cyber confrontation — its own national computer infrastructure is so outdated that there would be little if anything for South Korea or U.S. cyber warfare experts to counter-attack against.
China’s “great firewall,” usually associated with censorship, is also believed to offer some defense against cyber attacks.
In his 2010 book “Cyber War,” former White House cybersecurity expert Richard Clarke sketches out a nightmare scenario in which online attacks bring the U.S. to a standstill — and the experts can’t even tell which country attacked them.
He says he believes the United States, China and others are already hacking into each other’s critical national systems, burying “logic bombs” and other attack software in the event they are needed — something he compares to the arms race and mechanization that preceded World War One.
“Invisibly, military units from over a score of nations are moving into a new battle space,” he writes. “Because the units are unseen, parliaments and publics have not noticed the movement of these forces... With attention divided elsewhere, we may be laying the groundwork for cyber war.”
Even if such a doomsday scenario never unfolds, most experts believe hacking is already taking its place alongside air strikes and special forces as tools for limited military activity.
“It may prove to be a useful tool in Syria in the long term, assuming Damascus pushes ahead with its suspected nuclear program and Hezbollah is so well armed — it already owns more rockets than most states — that Israel would think twice before launching air strikes ... as it did in 2007,” said Maplecroft political risk analyst Anthony Skinner.
However, there is no guarantee that a state subject to a cyber attack — even if was never able to categorically prove the source — might not retaliate in either a covert or open military way against those it is believed were responsible.
It’s not just about attacks. Experts say the main use of cyber capabilities by most countries is for hacking and spying, either for counterterrorism or commercial reasons. Authoritarian emerging states such as China and Russia are both frequently accused of using state spies to help government-linked businesses — and many analysts suspect Western countries have been guilty of the same as well. Few see that changing.
“States will continue to develop more sophisticated asymmetric — and deniable — cyber and information attacks,” said Jonathan Wood, global issues analyst at Control Risks. “Some of these may be used for strategic and military aims, others for commercial or diplomatic espionage.”
But so far, experts say cyber attacks have been limited to data theft or deletion. They have yet to come close to the physical damage of simply blowing something up the old-fashioned way.
“To my knowledge, there is no case of a cyber attack leading to physical destruction,” said cyber warfare expert Reveron. “It is certainly possible and drives much thinking about cyber defense. But so far, there aren’t any cyber “super weapons.””
Unless Stuxnet is, of course. And we may never know.
Editing by Charles Dick