Developed nations are likely to have created and covertly deployed malware in industrial control systems (ICS) used in other countries in case it ever needs to be used in a conflict.
Anthony Kolish, a senior vice president at FireEye, is convinced that this has happened but said that evidence of such actions may never come to light.
“I think the thing that makes this hard to peg is that, once you do it, it’s hard to turn back. So malware may be lurking in infrastructure that can be used in a conflict if it escalates to a point that it needs to be used," he told V3.
“But when you use it, that tips your hand and it’s then out there, so the stakes are very high. It’s a geopolitical issue and you just never know.”
Security experts have often talked of the threat to ICS environments. A major attack on an ICS in Ukraine last year left power stations offline in an incident that many believe was coordinated, or at least backed, by the Russian government.
The attack was a high-profile example of the growing threat to ISC environments, and Kolish cited the scadahacker.com website as an example of how often ICS flaws are discovered and made public, some of which FireEye itself has found.
“There are literally thousands of ICS vulnerabilities and the pace of discovery is increasing all the time. FireEye found one last year that had Stuxnet-like capabilities that was capable of feeding fake user interface information to the people that were monitoring systems to mask what was going on,” he said.
The Stuxnet worm is another example of the lengths to which governments have already gone when using cyber weapons against rivals. The US and Israel are widely believed to have developed such tools to use against Iran.
This increase has alerted more industries to the threat posed by industrial system hackers, and the healthcare sector is particularly concerned, according to Kolish.
“It first emerged after the Anthem breach of 2014 and in the last six months we’re seeing more healthcare providers saying they are getting concerned about the potential for medical devices and systems to be hacked," he said.
“With these types of incident we’re not just looking at loss of money or intellectual property but injury or loss of life, so the sense of rush is much higher.”
The growing threat from cyber attacks has prompted the UK government to invest millions in improving defences, although a director at CESG admitted that this money might have been better spent on fixing older systems instead.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally