David Sanger & Thom Shanker reported for The New York Times on a new secret legal review that has concluded the following:
President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad, according to officials involved in the review.
Moreover, Sanger & Shanker report that the administration has “ruled out the use of ‘automatic’ retaliation” technology and would only deploy cyberweapons “on the direct orders of the commander in chief,” with a few exceptions (like tactical military strikes).
The legal concept at issue is preemption, or striking before you are struck. Preemptive strikes are controversial in the context of conventional weapons, and the NYT notes that it’s even more complex in the digital context. What standard of proof do you need to meet before concluding a nation will use cyberweapons against the U.S.?
Last point from the NYT article:
Under the new guidelines, the Pentagon would not be involved in defending against ordinary cyberattacks on American companies or individuals, even though it has the largest array of cybertools . . . But the military, barred from actions within the United States without a presidential order, would become involved in cases of a major cyberattack within the United States. To maintain ambiguity in an adversary’s mind, officials have kept secret what that threshold would be; so far, Defense Secretary Leon E. Panetta has only described the “red line” in the vaguest of terms — as a “cyber 9/11.”
There you have it: a situation where the U.S. military steps into the defense of private networks. That makes complete sense. I still think the military is best suited for defending private networks long before a cyber 9/11, but that’s an argument for another day.
Check out the rest of David Sanger & Thom Shanker’s NYT article here.
Leave a Reply