Stuxnet Changes Terrorism Equation, Says Former CIA Official

BLACK HAT USA 2011 -- Las Vegas -- The ability of the Stuxnet cyberattack to physically impact equipment has made cybersecurity significantly more important for U.S. domestic security strategy, a former counterterrorism official told attendees during the opening keynote at the Black Hat Security Briefings in Las Vegas.

Until now, the primary worry of the U.S. government's counterterrorism groups has been stated by CBRN, which listed threats in order of likelihood: chemical, bacteriological, radiological, and nuclear, said Cofer Black, vice president for global operations for threat analysis firm Blackbird Technologies, and a 30-year veteran of the CIA's counterterrorism efforts. Since Stuxnet, terrorism concerns have morphed into KBC: kinetic, bacteriological and cyber, he said.

"The Stuxnet attack is the Rubicon of our future," Black told attendees, referring to the river near Rome that Julius Caesar crossed to start an insurrection and become emperor, and which has become synonymous with a point of no return. "Your world, which people thought was college pranks cubed and squared, has now morphed into physical destruction ... from the victim's view, of a national resource. This is huge."

The extensive research and development required to make Stuxnet a reality suggests a nation-state's efforts. And the ability to affect physical assets means that cyber must now be considered a tool that could be utilized by terrorists, Black said.

Stuxnet, considered the first known cyberweapon, caused centrifuges critical to uranium processing to malfunction in Iran's processing facility, setting back that nation's attempts to develop a nuclear program.

Black's statements came the same day security firm McAfee revealed that dozens of companies had been targeted by a massive spy network that attempted to steal intellectual property and sensitive government information. Dubbed Shady RAT, the network appears to be the work of a nation-state, although McAfee would not name a particular country.

Black discussed the United States' counterterrorism strategy, starting with efforts during the Cold War and both before and after Sept. 11. Attributing terrorist attacks to certain groups -- whether nation-sponsored or not -- has always been an important component of counterterrorism efforts. With the Pentagon establishing a policy that the U.S. could respond to cyberattacks with a broad range of military actions, attributing attacks to a particular actor has become even more important.

"We had the Cold War, the global war on terrorism, and now you have the 'Code War,' which is your war," he told attendees. "Cyber will be a key component of any future conflict, whether it is with a nation-state, a rogue state, or terrorist groups."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.