April 28, 2012
The cyber-attack by the Stuxnet worm against Iran’s nuclear program, which the West suspects is designed to eventually produce nuclear weapons, was considered one of the most successful moves to date in the confrontation over the Iranian regime’s nuclear ambitions. This week, however, concerns were raised at the U.S. Congress that the cyber-attack may have been the “crossing of the Rubicon” for Iran, motivating it to engage in cyber-war against U.S. targets, including critical infrastructure.
“Stuxnet may be proof of Iran’s vulnerability and the effectiveness of other nation-states’ cyber-arsenals. However, it would also be possible for Iran to gain some knowledge for creating a Stuxnet-like virus from analyzing its effects,” Rep. Yvette Clarke (D) of New York said at the hearing of the Counterterrorism and Intelligence Subcommittee and the Cyber-security, Infrastructure Protection and Security Technologies Subcommittee, titled “Iranian Cyber Threat to the U.S. Homeland.”
“This leads to fear of reverse engineering, leading to a capability of the types of cyber-attacks on U.S. critical infrastructure that could rise to the level of a national security crisis. We must be prepared for such rogue actions and be prepared on the national defense level as well as protecting our critical business operations, vital infrastructure functions and, frankly, our daily lives,” Clarke said.
Clarke’s colleague Rep. Dan Lungren (R) of California said he is “happy” the Stuxnet virus “was used by somebody who was a friendly,” but warned that “as the victim of two recent cyber-attacks on nuclear and oil infrastructure and multiple U.S. embargoes, Iran, it would seem, would have motivation to strike out against those they think are responsible or anybody associated with those they think are responsible, or anybody who would stand on the sidelines and cheer those efforts.” He added that “Iran’s opportunity arises, as U.S. critical infrastructure companies have been slow to harden their assets against cyber-attacks.”