Imperva: US has approved state-sponsored hacking
Imperva: US has approved state-sponsored hacking

Revelations that the US government was among those behind Stuxnet shows that the Obama administration has given its approval to the use of cyber tools in espionage.

Speaking to SC Magazine, Rob Rachwald, Imperva's director of security strategy said that the biggest story learned from the development of Stuxnet is that the US and Israel collaborated together to work on the virus.

He suggested that this move means that the US has ‘approved' state-sponsored hacking and espionage, and for a country such as the US to bless this sends a strong message to rogue states.

He said: “Flame cost millions of dollars to develop, that is about the same (or less) than an F-18. Cyber weapons give you an option that is all about making a point, but this has backfired for Obama. If this was China or Russia, then he would be heralded as a hero. But not in the US.”

Rachwald commented that the level of knowledge that the US and Israel had about the Iranian uranium enrichment programme would have taken considerable time and showed good amounts of intelligence, and Stuxnet required ‘a lot of TLC' to evade anti-virus for as long as it did.

“Stuxnet was above and beyond malware writers' capabilities and was done to ensure that it caused damage, so there was the espionage,” he said.

As reported by SC Magazine last month, a report by the New York Times claimed that the United States and Israel were behind the Stuxnet virus with Anonymous sources, who reportedly worked on the project, quoted as saying that the National Security Agency working with part of Israel's military developed the worm to sabotage Iran's nuclear programme.

The report was written by David Sanger, whose book Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power, reported that the sabotage strategy began in 2006 under the administration of George W. Bush as an alternative to a military strike. He said that the code was passed on to President Obama who was "strongly urged" to continue the programme.

John Bumgarner from the US Cyber Consequences Unit suggested on Twitter that Bush was still working on Stuxnet just a few days prior to the 2009 inauguration of Obama, and that the project was under way for approximately four years before Obama took office. He also said that Obama then green-lighted the project five months after taking office.