Skip to main content

Cyberattacks to be Categorized as Acts of War


The US is set to publish plans that will categorise cyber-attacks as acts of war, the Pentagon says.
In future, a US president could consider economic sanctions, cyber-retaliation or a military strike if key US computer systems were attacked, officials have said recently.
The planning was given added urgency by a cyber-attack last month on the defence contractor, Lockheed Martin.
A new report from the Pentagon is due out in a matter of weeks.
"A response to a cyber-incident or attack on the US would not necessarily be a cyber-response. All appropriate options would be on the table," Pentagon spokesman Col Dave Lapan told reporters on Tuesday.
Col Lapan confirmed the Pentagon was drawing up a cyber defence strategy, which would be ready in two to three weeks.
Cyber-attacks from foreign nations that threaten widespread US civilian casualties, like cutting off power supplies or shutting down emergency-responder networks, could be treated as an act of aggression under the new policy.
But the plan does not mention how the US may respond to cyber-attackers, such as terrorists, who are not acting for a nation state.
'All necessary means'
The Pentagon's planning follows an international strategy statement on cyber-security, issued by the White House on 16 May.

Analysis

image of Adam BrookesAdam BrookesBBC News, Washington
American strategists are wrestling with the big, new questions of cyber war. What constitutes cyber attack? What laws, definitions and principles should governments use to formulate their response?
How do you tell the difference between a virtual annoyance perpetrated by criminals and hackers and an act of war perpetrated by a nation state? This question is perhaps the biggest difficulty facing those who are charged with writing the doctrine of cyber war.
It's often referred to as the "attribution problem". When an American entity - a government department, the military or a corporation - becomes aware they are under cyber-attack when their networks start malfunctioning, how do they know who is doing the attacking?
Savvy Computer Network Defence (CND) specialists may be able to track the attack to a specific country, even to a specific internet address. But who is operating the computer terminal? An operative of a rival state acting under orders? Or a hacker acting on her own initiative? Or something in between?
"Whose fingers are on the keyboard?" ask the CND specialists. When you don't know who your attacker is, finding a legal and ethical response becomes very difficult.
The US would "respond to hostile acts in cyberspace as we would to any other threat to our country", stated the White House in plain terms.
"We reserve the right to use all necessary means - diplomatic, informational, military, and economic - as appropriate and consistent with applicable international law, in order to defend our nation, our allies, our partners and our interests."
The Wall Street Journal quoted a military official as saying: "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."
White House officials said consideration of a military response to a cyber-attack would constitute a "last resort", after other efforts to deter an attack had failed, the New York Times newspaper reported.
Sophistication of hackers
One of the difficulties strategists are grappling with is how to track down reliably the cyber-attackers who deliberately obscure the origin of their incursions.
The sophistication of hackers and frequency of the attacks came back into focus after an attack on arms-maker Lockheed Martin on 21 May.
Lockheed said the "tenacious" cyber-attack on its network was part of a pattern of attacks on it from around the world.
The worst cyber-attack against the US military occurred in 2008, when malicious software on a flash drive commandeered computers at US Central Command.
The US defence department estimates that more than 100 foreign intelligence organizations have attempted to break into American networks.
The US is also accused of using cyber warfare against other nations. In 2010 Iran accused the US of helping to develop Stuxnet, a software worm aimed at controlling systems in Iranian nuclear plants.

Comments

Post a Comment

Popular posts from this blog

The Most Useful Websites and Web Apps

The sites mentioned here, well most of them, solve at least one problem really well and they all have simple web addresses (URLs) that you can easily learn by heart thus saving you a trip to Google. 01.   screenr.com   – record movies of your desktop and send them straight to YouTube. 02.   ctrlq.org/screenshots   – for capturing   screenshots of web pages   on mobile and desktops. 03.   goo.gl   – shorten long URLs and convert URLs into   QR codes . 04.   unfurlr.come   – find the original URL that’s hiding behind a short URL. 05.   qClock   – find the local time of a city using a   Google Map . 06.   copypastecharacter.com   – copy special characters that aren’t on your keyboard. 07.   postpost.com   – a better search engine for twitter. 08.   lovelycharts.com   – create flowcharts, network diagrams, sitemaps, etc. 09.   iconfinder.com   – the best place to find icons of...
Post a Comment
Read more

Entrepreneurial Mindset

Post a Comment
Read more

Kurumsal Dijitalleşme mi yoksa Dijital Kurumsallaşma mı? (+Anket)

Eğer benim gibi siz de işinizin önemli bir bölümünü pazar araştırması yaparak geçiriyorsanız muhtemelen siz de en az benim kadar Türkiye'de pazar verisine ulaşmanın ne kadar zor olduğu hakkında defalarca şikayet etmiş ve sonunda yaratıcı yollar keşfetme yolunu tercih etmişsinizdir. Bunun sebebinin analitik düşünceye ihtiyacımızın olmaması mı, tembellik mi, kısa vadeli düşünmemiz mi yoksa insanüstü tahmin ve öngörü yeteneklerine sahip olmamız mı emin değilim. "Y  ou can’t manage what you can’t measure " - "Ö  lçemedeğiniz şeyi yönetemezsiniz " Her ne kadar bu söz, günümüze  yanlış  bir şekilde aktarılmış olsa da, kendi içerisinde kısmi bir doğruluk barındırmakta. Aslında bu söz ile anlatılmak istenen, ölçerek herşeyin yönetilemeyeceği fakat sonuçları iyileştirmek için süreçlerin ölçülmesi ve takip edilmesinin önemli olduğudur.  Sözün asıl sahibi W. Edward Deming, verinin ve gözlemin önemini aşağıdaki sözüyle çok güzel bir şekilde anlatmaktadır....
Post a Comment
Read more