The leaked Israeli government document I published last week is a sales pitch outlining Israel’s putative attack on Iran. It would begin with a massive cyber-attack:
“The Israeli attack will open with a coordinated strike, including an unprecedented cyber-attack which will totally paralyze the Iranian regime and its ability to know what is happening within its borders. The internet, telephones, radio and television, communications satellites, and fiber optic cables leading to and from critical installations—including underground missile bases at Khorramabad and Isfahan—will be taken out of action.”
Richard Stiennon, a Forbes technology writer who specializes in cyber-security, wrote a short piece for the magazine that discussed the cyber-warfare elements of the plan. Unlike those Israelis planning this strike, Stiennon is worried about the unforeseen consequences of such sabotage and mayhem:
The chances are pretty high that the teams involved in creating Stuxnet and Flame and maybe Duqu and Gauss would be in a position to architect such an attack against Iran’s infrastructure. Along with severing fiber entry points, Iran’s communication could be shut down. But what happens to the Internet when such an attack is launched? Will the weaponized malware work perfectly and not escape to the rest of the world? This document pretty much describes all-out war with Iran. In such a gamble do the planners even care about minor disruptions to power grids in the rest of the world? Or does that not carry much weight in the balance? This specter of an Israel-Iran war, whoever starts it, has become a looming threat for IT and communication systems everywhere.
In other words, if/when Israel attacks Iran we will have the first all-out use of cyber-warfare as part of the arsenal of a conventional war. Until now, such assaults have been somewhat carefully modulated. No state has tried to maximize the destructive capabilities of these weapons. In the next war, this will likely not be the case. Why? Because Israel does not wage limited war. When it fights it throws everything (except perhaps nukes) into the effort. It spares no one on the opposing side. An attack on Iran is likely to be very similar to attacks on Lebanon in 2006 and Gaza in 2009, except that if anything Israel will mount an even more comprehensive effort to decimate Iran than the previous targets.
Another portion of the Israeli document mentions that it will use a carbon filament technology to cause massive short circuits in the electrical transformers in Iran. This in turn will turn the nation’s electrical grid into a shambles. Here are Stiennon’s comments on possible unanticipated repercussions from this tactic:
Carbon whiskers unleashed to disable transformers??? Oh yes. I remember my very first boss, Curt Vail, who had introduced computer structural analysis at Boeing, relating the story of Boeing engineers who were developing carbon whiskers, amazingly strong and stiff materials. Somehow just a few grams got released into the atmosphere and shorted out transformers throughout the Pacific Northwest. I do not like the idea of kilograms of this stuff escaping the target area and even reaching the upper atmosphere. It could be decades before power grids could be free of this menace.
Here are two credible threats to global systems: a massive cyber attack that could spread to the rest of world and interfere with SCADA systems everywhere and carbon whiskers that could short out power transmission systems. Defenses against both should be put in place as quickly as possible.
Just as Stuxnet escaped the bounds of its intended targets and infected computers throughout the world, the cyber-security analyst warns that a great number of these vaunted systems of attack against Iran could rebound against innocent third parties. In this way, such a war will rapidly escalate from an intramural fight between two nations, to a potential regional maelström. Israel will care little for peripheral damage it causes to neighboring countries like Azerbaijan. Only if it causes damage to nations as powerful as itself will it be concerned. This likely means that only the U.S. could rein in such an attack. But given that the U.S. was Israel’s partner in the creation of Stuxnet, Israel could just throw it back in our face and say: “when it was convenient to your interests you joined with us in creating a cyber-weapon. But now that it’s not, you hypocritically call for us to stop.” And Israel would be right. That’s why cyber-warfare is a slippery slope and why it should be regulated or prohibited under international law.
There will come a time when a cyber-weapon will destroy a power plant or cause an explosion in a building. Many will die if that happens. Only then will we turn around, as we do here in the U.S. after the latest gun-induced massacre, and wring our hands and wonder why we didn’t do anything to address this menace.