The Pentagon is compiling a list of offensive cyber-weapons capable of deliberately crippling or destroying an adversary’s critical infrastructure according to a recent report in the Washington Post.
This collection of cyber weapons is part of a broader list of weapons approved by the Pentagon for use against America’s enemies.
According to an unnamed military source cited in the report, this list comes with stipulations. The cyber-weapons come in three tiers: global, regional, and area of hostility, with the global arena’s lack of predictability and potential for collateral effects calling for the most restraint. Some cyber offensive actions will also require the authorization of the President – even in a time of war. For example, a presidential OK would be necessary for an intrusion upon a foreign computer network if the intent of such an intrusion were to leave behind a virus that could be activated at a later time. Furthermore, any such intrusion must be proportional to the threat against which it is acting and must avoid collateral damage and civilian casualties.
However, no presidential authority is required if a network is penetrated in order to determine the cyber-capabilities of an adversary, examine how their networks operate, or to leave beacons to mark the locations of potential future targets.
The report also claims that that U.S. is presently developing and implementing technologies intended to deter enemies from using computer systems to attack American networks. However, the report stops short of going into specifics about what sorts of actions could bring about a cyber-strike.
The specter of cyber warfare has been in the forefront of discussions about cyber security for years now. Crippling cyberattacks linked to conflicts in Estonia and Georgia have made headlines, as have hacks of critical infrastructure like a carbon trading exchange in Europe and the Stuxnet worm attack on Iran’s uranium enrichment program.
Washington D.C. is abuzz with word of a new Obama Administration cyberspace strategy that, among other things, declares the United States’ intention to assert its rights online and if necessary, respond to cyber-threats with force. A new report out from a Washington D.C. think tank with close ties to the Administration has called for an overhaul of U.S. cyber strategy, including a kind of Monroe Doctrine for cyberspace, that promises a clearer articulation of the U.S.’s willingness to act in response to online attacks against its interests.