The New York Times revealed today what many experts had already asserted regarding the United States role in the Stuxnet attack.

While speculation of U.S. involvement complicated international relations on cyber conflict, an acknowledgement of U.S. involvement in a forum such as the New York Times heralds in a brave new world of cyber conflict.

Targeting of critical infrastructure during conventional conflict has been the status quo for decades, with cyber attack legitimized in a traditional conflict context emerging over the past 15 years. What changes with the Stuxnet revelation is the targeting of critical infrastructure as a component of international strategic objectives.

Operation Olympic Games formally acknowledges, through actual offensive state sponsored action, that critical infrastructure is a legitimate target for cyber attack during times of peace.

If the United States includes critical infrastructure as a legitimate target of attack, can we not assume that other nations can target our infrastructure if it meets their criteria or strategic objectives? Is this not Unrestricted Warfare manifesting itself not within China policy, but U.S. policy?

Private infrastructure owners have just been put on notice that overt state sponsored attacks are the new reality. Who will be targeting you?

About the Author

Matt Devost

Matthew G. Devost is the CEO & Co-Founder of OODA LLC. Matt is a technologist, entrepreneur, and international security expert specializing in counterterrorism, critical infrastructure protection, intelligence, risk management and cyber-security issues. Matt co-founded the cyber security consultancy FusionX from 2010-2017. Matt was President & CEO of the Terrorism Research Center/Total Intel from 1996-2009. For a full bio, please see www.devost.net