The Federal Government is working, such as at the United Nations to develop international codes of conduct. Development and use of malicious software is only in accordance with the relevant rules of international law, including the Charter of the United Nations is permissible. As far as the state use of malware not already been permitted under international law, whether new rules should be developed. This wording suggests that they use state of malicious software for international law generally prohibited the holding.

The federal government notes that neither the army nor the Federal Intelligence Service develops and deploys malware. Also, the project would not promoted. Nevertheless, all security agencies concerned with the issue of the Federal Cyberwar. It explains that the Federal Office for Security in Information Technology (BSI) adopted a series of defensive measures: It provides assistance for the federal and operators of critical infrastructures. The Office also wants to Siemens are working on the analysis of Stuxnet. The BSI also created its own analysis of the malicious program detection and presented recommendations.

The federal government requires implicitly a kind of cyber-arms control. International rules should create a culture of restraint, the self-restraint by declarations of States should be based. This claim, they also indirectly addressed to operators of the current Cyber Wars, which not only defensively, but also proactively deal with the issue. These include at present mainly the U.S., Russia and China. The U.S. has less than a year before opening negotiations with Russia to improve Internet security and limit the military use of the Internet to reach one.

Damage Stuxnet in Germany has caused economic About, moreover, is the Federal Government announced anything. It is also unknown whether German nuclear power plants and research reactors are attacked by malicious programs. The nuclear supervisory authorities of countries keep the federal government, according to information from public access data networks to exclude one. Elsewhere it is said, however, in response, that it could not be ruled out that the area of control of the reactor performance is affected by malicious software. But there was no concrete suspicion that Stuxnet German nuclear power plants was aimed at.