In an unsurprising and yet wholly unsettling twist, it has emerged that Stuxnet — the virus that sabotaged part of the Iranian uranium enrichment program — was developed by the US and Israeli governments, and sanctioned by President Obama himself.

According to numerous American, European, and Israeli officials, Stuxnet was part of Olympics Games, a secret project begun by the Bush administration. Shortly after Obama became president, he sped up Olympic Games and ordered “increasingly sophisticated [cyber] attacks” on Iranian infrastructure.

When Stuxnet was deployed in 2009 by the US and Israel, it was originally designed to stay within Iran’s Natanz uranium enrichment plant, damaging Siemens industrial equipment — but a programming error resulted in the worm spreading across the internet, and the eventual discovery by security companies such as Symantec and Kaspersky. According to The New York Times, upon hearing that the worm had escaped, Obama asked his national security team, “Should we shut this thing down?” With evidence that the worm was still damaging the Iranian nuclear program, a new version of Stuxnet was released and Olympic Games continued.

While we always assumed that a governmental agency was behind Stuxnet — the worm is one of the most complex pieces of malware ever discovered, and it only targets a very specific software and hardware (Iranian uranium enrichment machines) — it’s a little bit humbling to learn that the US president was directly responsible.

To put this into perspective, not only is this the first ever confirmed case of governmental cyberwarfare — it’s a virtual a guarantee that a bunch of nations now have a cyberwarfare department. While the Chinese government never owned up to the cyber attacks on US tech companies in January 2010, we can only assume that this was the work of the Chinese equivalent of Olympic Games. Through Israel’s involvement in Stuxnet, we can assume it has a cyberwar group as well. The NYT also sourced information from European officials, too — so we can probably infer that at least the major EU nations have similar cyber security initiatives.

Does this mean that these countries are actually conducting regular cyber attacks, though? Certainly. In a world where Iran’s nuclear enrichment factory is connected to the internet, you can be damn sure that at least the five permanent members of the UN Security Council are keeping tabs on the rest of the world’s digital infrastructure. In this sense, cyber attacks (and cyber security) is just part and parcel of national defense. If China is regularly plundering other countries for intellectual property — modern-day industrial espionage — then the US must defend itself, and even strike back to keep the status quo.

Does this mean we’re on the cusp of full-scale cyberwar? Unlikely. A full-on cyber attack designed to cripple a nation’s infrastructure would be followed by physical, conventional warfare — and for the moment at least, I don’t think anyone is quite ready to start World War 3. It’s definitely possible that the US is softening up Iran and North Korea with cyber attacks, though, to ensure as little resistance as possible while dismantling the Axis of Evil.

Read more at The New York Times, or about Stuxnet