According to the Mehr News Agency this morning, Jalali declared in a televised press conference, “The US is downsizing its army for bigger cyber defense infrastructure. So countries like Iran also have to set up and upgrade their cyber defense headquarters and even [build] a cyber army.”
The move appears to be both a response to the Stuxnet and Duqu viruses (at least one of which seems to have been particularly targeted at the Iranian nuclear program), and the increasing cyber budgets of most western countries. But the problem with cyber defense is that it invariably also implies cyber offense.
Ash Patel, UK and Ireland manager for Stonesoft, makes just this point in advising western governments to “take the necessary protective measures to ensure their national infrastructure does not come under attack... Despite the fact,” he adds, “that Iran is saying the army will be used as a defensive measure there is no guaranteeing they won’t use it as an offensive measure as well and use it to launch cyber attacks.”
ESET’s David Harley believes that Stuxnet was an effective wake-up for most nations, but that cyberwarfare exploration has been a fact of life for many years. He suggests that the real significance of Stuxnet is that it forced governments to reassure their population that cyber security is being protected. The problem is that you cannot “realistically develop effective technology in those areas thinking purely defensively even if you wanted to.”
Harley has little time for the fictional view of future wars being fought behind computer screens. “But almost any upcoming war between any but the most technologically under-developed nations will, at this point," he warns, "be conducted making heavy use of a wide range of technical tools. Some of those tools are increasingly likely to go beyond intelligence gathering and the strategic deployment of a military solution.”