Tuesday, May 31, 2011


Pentagon Will Consider Cyberattacks Acts of War

=============================================================
WASHINGTON — The Pentagon, trying to create a formal strategy to deter cyberattacks on the United States, plans to issue a new strategy soon declaring that a computer attack from a foreign nation can be considered an act of war that may result in a military response.
Several administration officials, in comments over the past two years, have suggested publicly that any American president could consider a variety of responses — economic sanctions, retaliatory cyberattacks or a military strike — if critical American computer systems were ever attacked.
The new military strategy, which emerged from several years of debate modeled on the 1950s effort in Washington to come up with a plan for deterring nuclear attacks, makes explicit that a cyberattack could be considered equivalent to a more traditional act of war. The Pentagon is declaring that any computer attack that threatens widespread civilian casualties — for example, by cutting off power supplies or bringing down hospitals and emergency-responder networks — could be treated as an act of aggression.
In response to questions about the policy, first reported Tuesday in The Wall Street Journal, administration and military officials acknowledged that the new strategy was so deliberately ambiguous that it was not clear how much deterrent effect it might have. One administration official described it as “an element of a strategy,” and added, “It will only work if we have many more credible elements.”
The policy also says nothing about how the United States might respond to a cyberattack from a terrorist group or other nonstate actor. Nor does it establish a threshold for what level of cyberattack merits a military response, according to a military official.
In May 2009, four months after President Obama took office, the head of the United States Strategic Command, Gen. Kevin P. Chilton, told reporters that in the event of a cyberattack “the law of armed conflict will apply,” and warned that “I don’t think you take anything off the table” in considering a response. “Why would we constrain ourselves?” he asked, according to an article about his comments that appeared in Stars and Stripes.
During the cold war, deterrence worked because there was little doubt the Pentagon could quickly determine where an attack was coming from — and could counterattack a specific missile site or city. In the case of a cyberattack, the origin of the attack is almost always unclear, as it was in 2010 when a sophisticated attack was made on Google and its computer servers. Eventually Google concluded that the attack came from China. But American officials never publicly identified the country where it originated, much less whether it was state sanctioned or the action of a group of hackers.
“One of the questions we have to ask is, How do we know we’re at war?” one former Pentagon official said. “How do we know when it’s a hacker and when it’s the People’s Liberation Army?”
A participant in the debate over the administration’s broader cyberstrategy added, “Almost everything we learned about deterrence during the nuclear standoffs with the Soviets in the ’60s, ’70s and ’80s doesn’t apply.”
White House officials, responding to the article that appeared in The Journal, argued that any consideration of using the military to respond to a cyberattack would constitute a “last resort,” after other efforts to deter an attack failed.
They pointed to a new international cyberstrategy, released by the White House two weeks ago, that called for international cooperation on halting potential attacks, improving computer security and, if necessary, neutralizing cyberattacks in the making. General Chilton and the vice chairman of the Joint Chiefs of Staff, Gen. James E. Cartwright, have long urged that the United States think broadly about other forms of deterrence, including threatening a country’s economic well-being, or its reputation.
The Pentagon strategy is coming out at a moment when billions of dollars are up for grabs among federal agencies working on cyber-related issues, including the National Security Agency, the Central Intelligence Agency and the Department of Homeland Security. Each has been told by the White House to come up with approaches that fit the international cyberstrategy that the White House published in May.
(source:.nytimes.com/2011/06/01/us/politics/01cyber.html)
================================

No comments:

Post a Comment