Cybersecurity: how preemptive cyberwar is entering the nation's arsenal
In addition to authorizing the use of cyberweapons, the White House is preparing an executive order to beef up cybersecurity for critical infrastructure, such as the electric grid, refineries, and telecommunications.
A formal, three-year legal and policy review of US cyberweapons that concluded last fall has effectively cleared their use alongside other weapons systems in the US arsenal, a stamp of approval that propels the fledgling US Cyber Command toward a fully operational role within the nation's military structure, cyberwar experts say.Skip to next paragraph
Subscribe Today to the Monitor
Cyberweapons have been available to the US military since at least the first Gulf War against Iraq, but when, how, and under what conditions they could or should be deployed has been subject to vigorous debate among military and civilian policymakers.
Now it appears cyberweapons and cyberwarfare have nudged up alongside other legally approved military theaters and techniques, including space warfare and electronic war as well as the use of drones, sabotage, and special operations. In particular, cyberweapons were approved in the review for "preemptive" attacks if authorized by the president and if an imminent attack on the US warranted it, the New York Times reports.
While most details of the legal authorizations aren't known, the Times quoted anonymous sources as saying that the new policies "govern how the intelligence agencies can carry out searches of faraway computer networks for signs of potential attacks on the United States and, if the president approves, attack adversaries by injecting them with destructive code – even if there is no declared war."
"The fact that DOD has moved to the point where it felt required to [conduct the policy review] is a step toward normalization and operationalization of cyberweapons," says Dan Kuehl, a professor of intelligence studies at Mercyhurst University and formerly at National Defense University. "If you've got a new bomb or a tank or a weapons system, there's a requirement to do a legal review of its usage – under the Law of Armed Conflict. With DOD having done that for cyber, it's a significant step toward normalization of cyber as a weapon we can actually use militarily."
Word that legal hurdles have been largely surmounted for cyberweapons comes amid a backdrop of daily reports of cyberespionage attacks on US businesses, government agencies, and the Pentagon – not to mention numerous recent statements of concern by the nation's military officials.
In a speech last fall, Secretary of Defense Leon Panetta warned of the potential for a "cyber 9/11" and urged tougher laws that would help protect US critical infrastructure like the power grid and water systems. Other current and former senior administration and Pentagon officials have echoed that concern – and say that the legal review is long past due.