On November 15th, 2011, Ellen Nakashima reported for the Washington Post how the DoD has clarified its policy on offensive cyber operations. Specifically, the article notes that the Pentagon, "if directed by the president, will launch offensive cyber operations in response to hostile acts." Furthermore, "hostile acts may include significant cyber attacks directed against the U.S. economy, government or military." These statements were taken from a recently released DoD report, and are consistent with the Pentagon's cyberspace strategy. The report went on to say that before responding to a cyberattack, the US must “exhaust all options prior to using force whenever we can.”
However, the article points out that some elements of policy, such as rules of engagement, have not yet been addressed. The article also questions whether the report advises "automated, pre-approved responses to some hostile acts in cyberspace." Again, the report said that only the president may authorize offensive cyber actions. Moreover, Herbert Lin, a cyber expert, said that automated responses “are fraught with danger. Without people in the loop, you’re much more likely to do unintended stuff.”
The source article can be found here.
***
On November 15th, 2011, Colin Clark wrote for AOL Defense on recent comments made by Gen. Keith Alexander, CyberComm/NSA head. The article quoted Gen. Alexander's remarks at the Strategic Command space and cyber conference when he said "We have to have more authority to defend ourselves in cyberspace." Clark argued that this call for more authority indicated that the DoD "feels the need for the right to engage in offensive cyber operations."
Leave a Reply