What You Don't Know About Cyberwar Could Kill You, Warns Zero Days

What if someone infiltrated our nuclear command and control so that if we pushed the button, nothing happened? Or if something did happen even without our pushing the button? What if Pakistan did this to India, or India to Pakistan?
This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.
Close-up view on conceptual keyboard - Danger (yellow key with radiation symbol)
Close-up view on conceptual keyboard - Danger (yellow key with radiation symbol)

Zero Days may be the most important movie you will see all year. It helps you understand something you thought you could never understand: cyberwar.

I have studied nuclear, biological and chemical weapons for 35 years. So, I figured I knew a good deal about the threats of mass destruction. I was wrong.

I have been largely ignoring the new cyberweapons that many talk about but few really get. After seeing Alex Gibney's new thriller, Zero Days, which opens nation-wide July 8, I now believe these pose a greater threat to America than any other weapon save nuclear. And like nuclear weapons, the United States created them and used them first. And, like nuclear, they have proliferated.

Cyberweapons are computer programs - commonly known as viruses -- spread through the Internet or by infected disks or thumb drives - that can take over a computer's functions. By now almost everyone with a computer has experienced some version of this malicious software.

But if you thought the threat was limited to stealing your credit card or wiping out your company's files, you, too, are wrong. In 2010, computer viruses took a deadly leap. They went from software (or code) that affected other software, to code that could take over hardware. A virus could not just take over your computer; it could take over your factory. Or your electric power grid. Or your nuclear missile silos.

Here's the worst part. The group that made this leap wasn't ISIS, or North Korea, or a James Bond criminal syndicate. It was us.

The United States worked with Israel to develop the "Stuxnet" virus, in order to take over Iran's centrifuges - the machines used to enrich uranium. The still-classified story, first revealed by David Sanger in The New York Times and grippingly told in this new film, is horrifying. It is, as Sanger says, "the first, the biggest and most sophisticated example of a state or two states using a cyber weapon for offensive purposes."

Stuxnet worked. It destroyed over 1000 of Iran's centrifuges by manipulating their operations until they literally broke apart. But it also failed. The Iranians recovered and built many more centrifuges. They were racing towards the ability to quickly make the material needed for a nuclear bomb.

Where cyberwar, sanctions and military threats failed, diplomacy succeeded. On July 14th of last year, negotiations lead by the United States culminating in an agreement that stopped the Iranian program and convinced the Iranians to rip out over 14,000 of their machines. The New York Times editorialized:

"The final deal with Iran announced by the United States and other major world powers does what no amount of political posturing and vague threats of military action had managed to do before. It... is potentially on of the most consequential accords in recent diplomatic history."

But it came too late to prevent the dangerous new arms race Stuxnet unleashed. The cyber leap, once taken, cannot be undone. Other nations have followed our lead. There have been scores of nation-state attacks on other systems since Stuxnet, including two by Iran directed against Saudi Aramco and American banks that, according to the Symantec experts in Zero Days, were an explicit warning to us: we can do it too.

Former CIA Director Michael Hayden tells Gibney that when he learned of the attack he felt, "This has a whiff of August 1945. Somebody just used a new weapon and this weapon will not be put back in the box."

Cyberweapons can replace suicide bombs. They can take over a rail system, switch tracks and crash trains. They can close valves on a gas pipeline and cause an explosion. Basically, they can sabotage anything run by electronic controls. "Imaging for a moment that not only all the power went off on the East coast," one expert explains in the film, "but that the entire Internet came down. Imagine what the economic impact of that is, even if it only lasted for 24 hours."

It gets worse. Government whistleblowers tell of another program we perfected, "Nitro Zeus," designed to attack Iran's command and control system. In the event of war, we could shut down their ability to talk to each other, to shoot down our planes. "We also went after their civilian support systems," one source revealed, "Power grids, transportation, communication, financial systems. We were inside, waiting, watching, ready to destroy those systems with cyber attacks."

What if someone did that to us? What if someone infiltrated our nuclear command and control so that if we pushed the button, nothing happened? Or if something did happen even without our pushing the button? What if Pakistan did this to India, or India to Pakistan?

If this is beginning to terrify you, you are getting the point. We all must learn more. Maybe we will all agree that we must expand our new Cyber Command, the military command set up to wage cyberwar. Or maybe we will agree with national security expert Richard Clark that we can rein in this threat with new arms control agreements.

But we can't have that debate if we don't know what our own government is doing. That is why it is so important to break down the wall of secrecy that shields our own programs from oversight. That is why seeing Zero Days may be your first step to understanding the dangers created by these new weapons.

Popular in the Community

Close

What's Hot