|
The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks:
WASHINGTON—The U.S. should counter computer-based attacks swiftly and strongly and act to thwart or disable a threat even when the attacker’s identity is unknown, the director of the National Security Agency told Congress. Lt. Gen. Keith Alexander, who is the Obama administration’s nominee to take on additional duties as head of the new Cyber Command, also said the U.S. should not be deterred from taking action against countries such as Iran and North Korea just because they might launch cyber attacks.
...
It’s unclear, Alexander added, whether or not those actions have deterred criminals, terrorists or nations. In cyberspace, he said, it is difficult to deliver an effective response if the attacker’s identity is not known.
Senators noted, in their questions, that police officers don’t have to know the identity of a shooter in order to shoot back. In cyberspace, the U.S. may be able to counter a threat, rebuff an electronic probe or disable a malicious network without knowing who is behind the attack.
This is an interesting point of view, and it extends from the United States’s policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons:
Continuing onwards in the article:
Alexander echoed other experts who warn that the U.S. is unprepared for a cyber attack. He said the first priority is to make sure the nation can defend its networks, which are now a “strategic vulnerability.”
Alexander said the biggest challenge facing the development of Cyber Command will be improving the defense of military networks, which will require better real-time knowledge of intrusions.
This is a more realistic view, in my opinion. Probably the best step is knowing where your vulnerabilities are and trying to defend them. As some famous coach said, “Offense brings fans, but defense wins championships.” In other words, you can go on the offensive but weakness in your own systems can severely degrade and impair your ability launch an attack. If your internal systems are going haywire you can be totally disarmed and unable to launch a counterstrike.
Of course, once you do have your defensive ability up to snuff, or good enough, you will need a good offensive counterpunch. In boxing, if all you are doing is defending, eventually your attacker will wear you out as you absorb blow after blow (the exception being Homer Simpson where his opponents would hit him and tire themselves out and all he would have to do is push them over without throwing a single punch… the exception to that being Drederick Tatum). The rules of engagement for offensive counter strikes are more tricky. Does the US, after identifying a non-state actor attacking it, go after the actor themselves? Or do they pressure the government where the non-state actor is located to handle them? Or do they launch an attack on the government if they consider their enforcement lackadaisical? Or perhaps even intentionally sheltering cyber attackers?
I suppose that for this, the standard military rules of engagement apply.
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byVerisign
Sponsored byRadix
But when you have viruses being fully capable of taking down critical infrastructure installations that are connected to the computer network, undermining your financial system, taking out communications etc etc .. well, taking out a C&C;host or a few domains might actually make sense if you’re able to do it.
Doesnt mean say - “if country X takes out our banks we’ll take out theirs”, a lot more nuanced.