Between algorithms and alarms: The impact of AI on cybersecurity.

ARTICLE

03 | 03 | 2025

Artificial Intelligence increases the risk of more efficient infiltration of computer systems, but it also increases protection capabilities.

In the picture: protection area of the Iranian nuclear facilities at Natanz [Hamed Saber] and symbolic representation of the Stuxnet computer virus [Makki98].

The year 2024 ended with an all-time record in terms of the number of cyberattacks. Specifically, Spain ranked fifth among the countries most affected by this type of activity, with losses reaching 10 billion euros. The use of Artificial Intelligence increases the risk and can multiply the effects of attacks as critical as the one carried out fifteen years ago by the Stuxnet computer worm on Iran's nuclear facilities.

Cyber-attacks have increased exponentially due to new tools, such as Artificial Intelligence (AI), and can be especially dangerous if they occur on critical infrastructures that provide essential services to the population, such as nuclear power plants. This concern, although recent, is not new, as attacks of this kind have already occurred in the past. This is the case of the computer virus known as Stuxnet, the first documented cyber-weapon to affect nuclear power plants in Iran. In the wake of this cyberattack, it is worth analyzing the past and comparing it to the present to consider what risks the use of AI in the field of cybersecurity may pose, and how states can deal with such risks, which are increasingly present.

What is Stuxnet and how did it work in 2010?

As Cicero rightly said, "history is the witness of the times, the light of truth, the life of memory, the teacher of life and the herald of the future". That is why understanding the Stuxnet case is key to analyzing some current processes. In 2010, a series of cyber-attacks mainly affected Iran, infecting almost 30,000 state computers, including devices located at the Bushehr nuclear power plant and the Natanz nuclear complex.

The main goal of this cyberattack was to spy on and even reprogram industrial systems of all types, including high-risk infrastructures such as the aforementioned nuclear power plants. Specifically, cyber-attacks were carried out on Windows-based computers using malicious code targeting four zero-day vulnerabilities unknown to both the computer manufacturer and the computer's user. In this way, Stuxnet took control of numerous machines involved in the production of nuclear material, giving them self-destruct orders and thus generating a serious risk for both Iran and the rest of the world.

Although at the beginning there were doubts about who could have perpetrated the attack, some analysts soon suspected the United States and Israel as the protagonists. Eventually, the New York Times confirmed these suspicions, as well as the ultimate goal of the perpetrators to slow down the production of nuclear material in Iran, according to a process later explained in detail.

Alarm bells ringing: The risks of a cyberattack on a nuclear plant.

The Stuxnet attack in 2010 exposed the vulnerability of certain critical infrastructures to a possible cyberattack, with the potential consequences of a failure in their control systems. It also demonstrated that intrusion into nuclear facilities is a real risk, not only for espionage activities, but also for the manipulation of critical equipment such as uranium centrifuges. The incorporation of AI further increases this threat, as these tools are driving an unprecedented technological and computing development, thus generating new unknowns and potential risks.

Such an attack would have obvious repercussions and consequences both locally and internationally. On the one hand, a cyber-attack could cause failures in the control systems of a nuclear plant, leading to the release of radioactive materials with results similar to those already experienced in the Chernobyl or Fukushima disasters. Nor can we ignore the economic and environmental costs of such a disaster, which would directly affect the country's economy and natural environment.

On the other hand, just as a stone thrown into a pond generates ripples that expand, an attack on a nuclear power plant would produce ripple effects on the international order. At the geopolitical level, the sabotage of critical facilities, such as nuclear power plants, could increase international tension by being considered 'acts of war', or hostile acts between states with a clear destabilizing aim. In this sense, Russia has already threatened on multiple occasions to attack several Ukrainian nuclear power plants, such as the Zaporizhia plant, which has been occupied and bombed, putting at risk the integrity of Ukraine, as well as that of a large part of Europe.

AI and cybersecurity: A double-edged sword

The growing convergence between cybersecurity and AI poses a major challenge for the world today and in the future. While this type of tool provides innovative solutions for the analysis and prevention of cyberattacks, it also poses a greater risk from state and non-state actors seeking to infiltrate computer systems more efficiently. AI makes it possible to identify vulnerabilities, perform automated attacks and evade defense mechanisms, making attacks such as the one that occurred in Iran in 2010 much more 'accessible' to cybercriminals. The evolution of AI could facilitate similar attacks with greater speed, sophistication and without direct human intervention.

The FBI and other security agencies worldwide have already expressed concern about the use of AI to perpetrate sophisticated cybercrimes, such as those targeting industrial control systems with state-of-the-art software. This would imply that an attack, such as the one that occurred in 2010 in Iran, could be carried out using AI much more quickly and effectively.

However, critical infrastructures are not the only target of this type of attack. Disinformation is one of the most worrying consequences of the use of AI in this area, as it poses a threat to the integrity of information and public perception and can affect, for example, electoral processes and jeopardize the political stability of a country. These digital minds are capable of creating and disseminating false content on a massive scale, posing a considerable challenge to today's governments. Indeed, in the context of the war in Ukraine and Moldovan support for the European country, several AI-generated videos have been disseminated in which people in government, such as the pro-Western president of Moldova, express their support for a political party close to Russia.

To deal with this threat, the well-known saying "if you can't beat your enemy, join him" makes sense. The need for states to invest in AI-based defense technologies capable of anticipating and neutralizing the risks posed by these advanced cyberattacks thus seems evident. However, a passive strategy is not enough; cooperation between states becomes indispensable to establish a global regulatory framework that fosters collaboration between governments, companies and international organizations.

Weaving a shield in the global network

The Stuxnet case demonstrated the vulnerability of critical infrastructures, such as nuclear power plants, to cyber threats. Since then, the risk has grown exponentially thanks to technological progress, which has enabled the development of increasingly sophisticated attacks. Moreover, the situation has become more complicated with the entrance of a new player on the board; AI has generated new challenges, as these tools not only enhance the offensive capacity of attacks, but also reduce the technical barriers to carry them out.

Against this backdrop, it is essential that governments invest in AI-based technologies to detect and neutralize threats before they materialize. In addition, it is essential to foster international cooperation to establish a global regulatory framework to coordinate effective responses to this type of challenge. The free flow of information regarding cybersecurity will be crucial to prevent and mitigate attacks, as only through cooperation between states will it be possible to develop a robust and flexible defense capable of adapting to emerging threats.

Ultimately, the cybersecurity of the future will depend on the ability to innovate and cooperate globally. This implies that the governments of different countries come together to strike a balance between innovation and regulation through a dialogue of understanding based on the common good.