Reports of a computer virus that targets and controls specific robot machines have the hackerati abuzz. More than a mere cyberbug, this viral attack, apparently aimed directly at machines within a sovereign nation, remotely activates or reprograms industrial machines in the real world. The specifics: Stuxnet only targets SCADA (Supervisory Control And Data Acquisition) systems, only within Iran, only using Siemens control systems. My surprise upon hearing the news was the surprise everyone else exhibited. Science fiction and popular perception of technology has long ago given creedence to the belief that remote control of industrial or commercial technologies was not only possible, but often achieved by anyone, from CIA operatives to young hackers, typing furiously into laptops. (Why don’t hackers ever use a mouse?)

Our long relationship with science fiction has brought the potential future of technology to today. Technophobic tales of machines and computers run amok have transposed the fear of the future to a plausible scenario today. Scenes in films where rogue artificial intelligences, from HAL9000 in Stanley Kubrick’s 2001: A Space Odyssey to R2D2 controlling Death Star Functions by plugging into a terminal to Terminator’s SKYNET operating military equipment have all given rise to the notion that the physical manipulation by a willful digital force was commonplace. Apparently this is not true. Stuxnet has established itself as “new” or “different” thanks to its unique physical-digital relationship and what many are calling a new force in cyberterrorism.

Terrorism is a pretty weak term, mostly because a wide range of things can terrorize, instill terror, in us. I would imagine that “conventional” warfare can be pretty terrifying. I’m apparently not alone, as even the United Nations struggled to define the termCyberterrorism is an even weaker term because of the physical-digital matrix of possibilities. Is this a physical attack on computers (person-on-computer: a bomb exploded at server farms, or Google HQ)? Or a computer virus that attacks digital records like social security numbers or bank accounting files (computer-on-computer)? It feels like Stuxnet is a new breed (computer-on-person), a new possibility, but not cyber at all. Its most incredible feature is the remote corruption of physical things, namely robots that do automated assembly in an industrial setting. In this sense, Stuxnet is closer to a Unabomber postal attack than a computer virus. The ability to remotely destroy another’s physical capability is quite analog in conception. This potentially classifies Stuxnet not only as a new class of virus, but it anthropomorphizes it into a more tangible character, a person, a being. If the digital manipulation is not common, and Stuxnet is the first, it suggests that Stuxnet is a type of artificial intelligence. Maybe not to the computer experts, but a digital entity that can manipulate the real world has an ego, in the true Freudian sense. Ego formation in young children is the negotiation between internally-generated desires (hunger, discomfort) and the external methods of satisfying them (crying that signifies a demand for food or for diaper changes). We each learn through various means (physical motor skills, language, etc) to arbitrate our internal programming (gain pleasure, avoid displeasure) with the pre-existing world condition. Once we grow up, we know there are rules and limitations that we must navigate for every biological need. Since Stuxnet has broken the “ego barrier”, it could easily be cast as sentient–a new maturity for the evolution of artificial intelligence.

As a footnote, the added wrinkle that it targeted a specific nation makes this all sound positively conventional if not for the uniqueness of the virus code. But in a world where we physically manipulate digital information, from Tangible User Interfaces and the iPhone and the Nintendo Wii, is it that surprising that the inverse could also be true?

[Thanks to Golan Levin for regaling me with amazing accounts of the Stuxnet Saga]


About this entry