Stuxnet worm was a calculated risk

Former CIA director General Michael Hayden believes the Stuxnet worm that targeted Iran’s nuclear infrastructure was a “good idea,” even though it set a precedent for the use of malicious software as a weapon.

”We have entered into a new phase of conflict in which we use a cyber weapon to create physical destruction. This was a good idea, alright?” Hayden told 60 Minutes (CBS).

“But I admit this was a big idea, too. The rest of the world is looking at this and saying ‘Clearly, someone has legitimated this kind of activity as acceptable.’ There are those out there who can take a look at this… and maybe even attempt to turn it to their own purposes.”

Hayden also emphasized that he did not consider the deployment of Stuxnet to be an act of war.

“Look, given my own background, I’ve got this whole universe of things between peace and war that are called covert actions,” he explained.

“[Frankly], I don’t think whoever did this considered it to be an act of war. The Iranians have not quite responded to it as if it were an act of war. It’s in that space between the two.”

Meanwhile, Sean McGurk, a former cybersecurity official in the Department of Homeland Security, told 60 Minutes that Stuxnet could theoretically be redirected by terrorists against critical infrastructure within the United States.

“You can download the actual source code of Stuxnet now and you can repackage it [and] point it back to wherever it came from,” he warned.

“They opened the [Pandora’s] box. They demonstrated the capability… it’s not something that can be put back.”

Stuxnet, which was first detected in July 2010, affected systems in facilities crucial to the Iran’s nuclear program, such as Natanz and Bushehr. Recent reports indicate the worm infected at least 30,000 PCs and disabled a significant number of uranium enriching centrifuges. According to the New York Times, Stuxnet was likely a joint American-Israeli worm coded in the hopes of derailing Iran’s nuclear program.