Cyber Warfare: US to Launch Preemptive Attacks

The President of the United States has the right to authorize an online attack on another nation if he has credible evidence to suggest that country plans to attack the US.

That's the conclusion of a secret review of rules governing the US military's online behavior.

Officials are said to be planning the first comprehensive set of guidelines for the military's online activities, though the rules themselves will be classified.

The review was prompted by concerns over the current division between the military and intelligence services. For example, the armed forces are only allowed to launch physical attacks in certain countries where the US is engaged in conflict.

However, intelligence staff can carry out secretive drone strikes in other countries.

Presidential Approval Needed For Attack

The New York Times notes that, during the review, officials turned their attention to cyber attacks. They concluded that because such attacks can devastate a country's infrastructure, they should require authorization from the President.

That means the US won't use systems that automatically launch a retaliatory online strike without presidential approval. (Source: nytimes.com)

Under the proposed rules, the US would only be allowed to cyber-attack another country as a direct response to an actual attack, or as a preemptive response to a credible threat.

International law is generally interpreted as allowing preemptive physical attacks. US officials believe that also applies online, though some people taking part in the review have warned it could be very difficult to prove an online threat and thus justify a preemptive strike.

Domestic Cyber Defense Also Under Review

Although such operations are secret, it's believed President Barack Obama has only authorized one international cyber attack. That attack was reportedly designed to compromise Iran's nuclear program. Obama is said to have insisted that the attack be crafted in a way that meant it couldn't harm other critical infrastructure, such as Iran's electricity network.

The reviewers are also evaluating the question of who should have the legal authority to defend computer systems within US borders. At the moment the Department of Homeland Security has the authority, though the FBI assists in the work.

Despite having more sophisticated online "weapons," the military doesn't currently have the authority to take contribute to the defense of US online systems. Officials are still debating how serious an attack on the US should be before the military is allowed to act. (Source: zdnet.com)