The Future of Cyberwarfare | Origins: The Journey of Humankind

NARRATOR: September 11, 2001, terror strikes set the tone for warfare in the 21st century. But the 21st century has also seen the rise of another kind of warfare— warfare that lets nations and loners do battle without guns or bombs. These days, the biggest threat we face may be a rogue actor with a laptop and a desire to wreak havoc. Cyberwarfare is probably the greatest challenge that we have as far as our nation's national security is concerned. We have an advantage over every other form of competition with possible allies except one, and that is cyberwarfare.

And when you see the potential of what a successful cyber-attack can achieve, it's enough to make you deeply concerned. This is going to be the new battlefield— an unseen invisible battlefield— where teams of hackers from various nations will duel. In 2010, a computer virus named "Stuxnet" demolished a secret Iranian nuclear weapons plant. Hackers at Symantec Corporation unraveled its mysteries. What made Stuxnet different was it didn't just stick to the cyber world, it actually reached and caused sort of real world kinetic damage. It's nothing that we had ever seen before.

And so Stuxnet just began spreading all around the world onto Windows machines everywhere. But what it was doing was, it was also looking for something else. It was looking for these things that are called PLCs, or these small computers that control things like factories, like the power grid. What you see here is the code that is put on to the PLC, and this is the normal process code goes on to the PLC turns the PLC on or off and controls it.

When we first got the code, it's literally zeros and ones. It's sort of unintelligible. It was only later that we were able to determine that actually this code was targeted, specifically, at Iran's uranium enrichment plant in Natanz.

LIAM O'MURCHU: Uranium enrichment facilities are very secure facilities. It's not like they're connected to the internet. You can't get your code in and out in that way. So one of the ways that Stuxnet was able to get into the facility was via USB key. So it was able to infect USB keys, and then somebody would bring the USB key with them into the secure facility not realizing it was infected, plug into a computer inside, and then that computer inside would be infected.

We don't know definitively who is behind Stuxnet, but it's very clear that it's a nation state, and it's nation states that had something against Iran, and it's likely that it isn't a single nation state. And remember, as well, with cyberwarfare that the barrier to entry is quite low. If a country wants to do something like build a nuclear missile, that's actually quite difficult. But when you talk about something like cyberwarfare, it's actually quite cheap and quite easy for a country to develop a cyber weapon, and that cyber weapon can have equivalent effects.

You can have a cyber weapon potentially shut down the power grid, for example, on the whole east coast. New York is out. Wall Street is out. All your banks are out. You can't even withdraw money. You can imagine people— panic starting— and people trying to get cash. You can't get cash. ATMs aren't working. And then things like your water waste and treatment plants aren't working, so no clean water. There's going to be a run on stores. Stores potentially aren't even operating. Your credit card is not going to work at the store. There will be absolutely mass panic.

If you can blind the US military— if you could shut down our GPS and our computer networks, our military is basically unable to function. And it could take days or weeks to get those systems back up and running. They can do tremendous damage. They can defeat your armies, your fleets, your Air Forces, by simply blinding them— by taking down their cyber systems. I think that's a huge risk that we face. With cyberwar, I always think one of the most effective ways to fighting in cyber, is to find the computer and the operator and put a bullet through both of them.