Stuxnet is a word that has struck fear in the hearts of cyber experts the world over. The advanced computer worm, which bored its way into Iranian nuclear program computer networks, demonstrated the vulnerability of critical infrastructure to malicious hacking.
But former counterterrorism czar and cybersecurity guru Richard Clarke says Stuxnet was actually a failure.
“As a covert program, the attack was meant to be not only unknown, but unattributable,“ he wrote in an article on ABCNews.com. Instead, the cyber threat garnered international attention. Second, Stuxnet was isolated and “interrogated.“
“One can be sure that highly skilled hackers in several countries are even now taking it apart, modifying it and getting it ready to destroy some other target,“ he added.
Stuxnet's failures do not make the world safer, though, Clarke writes. He likens the fallout from Stuxnet to a boomerang. For instance, the international media attention heaped on the bug has pushed Iran toward retaliation.
And Iran's response “need not be in cyberspace,“ he wrote, “but could instead come in the form of increased deaths of Americans in Iraq and Afghanistan from Tehran’s vast supply of road side bombs.“
Iran's response could come in cyberspace, too, he said, because the worm's code has been so heavily disseminated.
All is not lost though, Clarke said, but it will require a more proactive from the government in protecting private computer networks, which, so far has mostly taken a hands-off stance.
Richard Clarke, a counterterrorism official who served under George H. W. Bush and George W. Bush, as well as President Bill Clinton, is the author of “Cyber War: The Next Threat to National Security and What To Do About It.”