“Stuxnet really showed people you could do this, that is the problem. I cannot imagine any major government agency not developing an offensive capability,” Eric Byres, a leading authority on critical infrastructure security, told Reuters.
Byres, who advises governments and multinationals on cyber security, said government agencies could seek to infiltrate energy infrastructure in case of political tension. “That is one of the risks, that we are weaponizing our entire energy industry, or leaving weapons inside it, just in case.”
Governments are concerned that energy and communications networks would be the first victims of any conflict with a cyber-savvy aggressor.
“It is believed that would be part of any form of warfare – that they would take out private sector infrastructures as part of knocking out a country,” said Paul Dorey, who managed BP’s digital security until 2008 and is now professor of information security at the University of London.