Curran points out that being a non-expert in such things as cyberweapons, McCain misses the crucial difference between them and conventional ones; namely, that any cyberattack can be reverse engineered and later used against the aggressor.
Curran explains that once the attack is detected, parts of its malicious codes can be obtained and later analyzed. When its underlying principles of operation are cracked by cybersecurity, it will be able to replicate the weapon and use it against the country that unleashed it.
Curran also reminded Sputnik (and McCain) that apart from information-obtaining malware, there are also those that attack with a focus on control systems. Once they obtain control, they can manipulate physical infrastructure, such as electrical networks, railroads or water supplies. Attack on such infrastructure can have a significant negative impact, the cybersecurity expert warned.
One of the examples of such viruses is The Flame, a malware found in 2012. The Flame was a platform designed to host various modules that can perform different tasks. The problem is that over 40 different antiviruses failed to detect The Flame when tested.
Another demonstrative example is the Stuxnet computer worm that was specifically designed by the US and Israel to infiltrate systems associated with Iranian nuclear material. It managed to find and successfully attack the country's nuclear centrifuges.
Curran believes that organizations around the world should expect rogue states to attack their computer systems in the future, seeking information or wreaking havoc. He also thinks that states won't refrain from developing cyberweapons, noting that the US has already admitted developing both defensive and offensive models. Although the US claims to focus on defensive ones, there is no way to prove that, he added.
"It is also incredibly difficult to estimate which countries are heavily conducting research into offensive cyberattack tools, as it is not as easy as simply counting the size of their armies or guns," Curran said.
The expert also noted more peaceful uses for such viruses — for example, intelligence. According to him, such malware can be used "akin to spy planes."