The fallout from Stuxnet also had many political consequences, all the way to the White House. Former vice-chairman of the joint chiefs of staff, General James Cartwright, one of the central figures in developing Stuxnet, and often referred to as “Obama’s General”, pleaded guilty to leaking the Stuxnet operation. Cartwright was essentially New York Times reporter David Sanger’s go-to-man when it came to delving out sensitive information regarding Stuxnet and Operation Olympic Games. In fact, the vast majority of information still available online that speaks about the intricate details of Stuxnet is the very information that Cartwright fed to Sanger.
Sanger’s publication, ‘A Perfect Weapon’, further solidified their relationship as Sanger himself writes about Stuxnet in great detail, also mentioning his affiliation with Cartwright as his source. Yet Cartwright, while admitting it was wrong to lie to the FBI, defended his actions, stating, “I knew I was not the source of the story and I didn’t want to be blamed for the leak. My only goal in talking to the reporters was to protect American interests and lives…I love my country and continue to this day to do everything I can to defend it.” Victim or leaker? It’s a contentious issue that comes into play with the new world of cyberwarfare.
Cartwright was ultimately pardoned by President Obama just days before leaving office, sparing the general what may have been a two-year sentence. In a statement, Mr. Sanger said he was “happy to see that President Obama has taken this step,” and that he [Sanger] had “many sources, from around the world” and that General Cartwright had “showed concern that information damaging to U.S. interests should not be made public.” In defending his investigative journalism, Sanger added that “The Times [New York Times] has frequently said that stories like this one are critical to helping Americans understand how decisions on vital national security matters are made. Leak investigations have the effect of making people less willing to talk, and the result is often a loss for our democracy.”
To this day, both the United States and Israel have publicly denied that Stuxnet was their invention – and perhaps that’s one of the biggest problems facing today’s cyberwar issues, according to experts. How can you fix a problem that nobody is willing to admit they started? How can you have an open and frank discussion on a topic that nobody even acknowledges is a growing challenge for the world?
Act of War?
Says Richard Clarke, “If we went in with a drone and knocked out a thousand centrifuges [in Iran], that’s an act of war…But if we go in with Stuxnet and knock out a thousand centrifuges, what’s that?” According to Clarke, that’s a “…covert action. And the U.S. government has, ever since the end of World War II, before then, engaged in covert action. If the United States government did Stuxnet, it was under a covert action…issued by the president under his powers under the Intelligence Act. Now when is an act of war an act of war and when is it a covert action? “That’s a legal issue. In U.S. law, it’s a covert action when the president says it’s a covert action. I think if you’re on the receiving end of the covert action, it’s an act of war.”[iii]
We have treaties and established practices regarding nuclear weapons and chemical & biological warfare, so why not the same measures in the cyberworld? It sounds rather straightforward at first glance, but as you dig deeper, the challenges are terribly complex. Decades old treaties with well-known threat agents – nuclear and chemical & biological weapons – could be largely accounted for with rigorous inspections, and punished accordingly, with economic sanctions. The International Atomic Energy Agency (IAEA) and countless other inspection bodies throughout the world are busy at all times visiting, inspecting, counting, verifying – and confidently concluding – who's been naughty and who's been nice in the world. But as for cyber, it’s much different – hauntingly different – and that’s the challenge. While nuclear weapons are held by countries who have a clear understanding of their power – and horrific consequences if unleashed – cyberwar seems absent of such boundaries, and thinking.
So, what do some of the world’s top political operatives – such as former Vice President Dick Cheney – have to say regarding America’s challenges with Iran?
Dick Cheney’s Take on Iran
Always present on Cheney’s mind when discussing Iran is nuclear proliferation. It’s been a back-and-forth struggle as America continues to work around the clock in hopes of taming Iran’s nuclear ambitions. From cyberattacks that crippled the Natanz nuclear facility in 2009 to the Iran Nuclear Deal of 2015 – an agreement Cheney once called “madness” – Iran represents a multitude of Challenges for the United States, according to Cheney. Cheney’s stance on Iran’s quest for nuclear technology over the years has been consistent and straightforward; deny the regime. During a joint press conference in 2007 with Australian Prime Minister John Howard, Cheney noted how “It would be a serious mistake if a nation like Iran were to become a nuclear power…”.
In 2015, while appearing on Fox News Sunday with Chris Wallace, Cheney contended that “[T]here are lessons from the past on which we can draw.” Cheney then cited Israel’s 1981 attack on Iraq’s Osirak nuclear reactor; the Gulf War, in which the U.S. destroyed Saddam Hussein’s nuclear program; the 2003 invasion of Iraq, which Cheney said convinced Libya to abandon its nuclear program; and Israel’s 2007 attack on a nuclear reactor in Syria. Said Cheney, “In each of these cases, it was either military action or the credible threat of military action that persuaded these rogue regimes to abandon their weapons programs. Iran will not be convinced to abandon its program peacefully unless it knows it will face military action if it refuses to do so.”
While the debate on Iran continues to center largely around the country’s never-ending quest for obtaining nuclear technology, the lessons learned from Stuxnet are abundantly clear. Any nation state or terrorist group can easily obtain cyber technologies – it doesn’t take billions of dollars or years to produce – rather, laptops, Internet connectivity, and computer specialists who understand the labyrinth of interconnected networks.
Currently, Iran, Russia, China, and North Korea all possess immense cybersecurity capabilities, with each of these nations unleashing digital attacks against America’s infrastructure in recent years. From our banking systems to power grids, no industry has been spared from the barrage of cyber-attacks unleashed by these countries. The dawn of cyberwarfare is upon us all. It will only continue to grow in terms of sophistication, complexity, and its ability to wreak havoc on its targets. Currently, the United States is woefully unprepared for protecting ourselves against the never-ending wave of cyber-attacks, but we need to change. We need to change our mindset, our attitude, and begin to realize just how serious these threats are.
Read on! Part I, Part II, Part III, and Part IV of the story.
Comments