As U.S. interests become the target of more and more cyberattacks from around the world, it’s worth remembering that the U.S. fired the first shot, according to National Security Agency whistleblower Edward Snowden.
During a recent interview with PBS yet to be aired, Snowden said that the U.S. was the first to use such a destructive cyberattack against Iran’s nuclear program between 2007 and 2008, and now that the digital war is underway, it’s U.S. interests that stand to lose the most.
“With every Internet enabled operation that we’ve seen so far, all of these offensive operations, we see knock on effects, we see unintended consequences, we see emergent behavior” Snowden said from a hotel room in Moscow. “When we put the little evil virus in the big pool of all our private lives, all of our private systems around the internet, it tends to escape and go Jurassic Park on us. And as of yet, we’ve found no way to prevent that.”
That first “evil virus” was Stuxnet, which the U.S. and Israel deployed against Iran between 2007 and 2008, and which sabotaged about one-fifth of Iran’s uranium enrichment centrifuges. The attack was designed to prevent Iran from developing a nuclear weapon, and wasn’t revealed publicly until 2010.
“It is fair to say that it was the most sophisticated cyberattack that anyone had ever seen at the time,” the former NSA contractor said according to an interview transcript published Thursday. “And the fact that it was launched as part of a U.S. authorized campaign did mark a radical departure from our traditional analysis of the levels of risks we want to assume for retaliation.”
“It actually kicked off a response, sort of retaliatory action from Iran, where they realized they had been caught unprepared.”
Iran’s retaliation came in the form of a cyberattack against the oil company Saudi Aramco in 2012, which Snowden described as “a Fisher Price, baby’s first hack kind of a cyber-campaign.”
“It’s not sophisticated. It’s not elegant.”
Snowden’s remarks are especially poignant in the wake of the massive hack of Sony servers in November, which Director of National Intelligence James Clapper called the “most serious” ever deployed against U.S. interests during a cybersecurity conference Wednesday. (RELATED: Clapper: Sony Hack ‘Most Serious’ Cyberattack Against U.S. So Far)
The former NSA contractor said that by focusing on offense in the global digital sphere as opposed to defense, the U.S. stands to lose much more than its adversaries.
“We have to create international standards that say these kind of things should only ever occur when it is absolutely necessary, and that the response that the operation is tailored to be precisely restrained and proportionate to the threat faced,” Snowden said. “And that’s something that today we don’t have, and that’s why we see these problems.”