Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

US Military Review Backs Pre-emptive Cyber Strikes

WASHINGTON – US military officers have endorsed the principle of pre-emptive cyber-strikes if the United States ever faces an imminent and large-scale digital attack, officials said Monday.

WASHINGTON – US military officers have endorsed the principle of pre-emptive cyber-strikes if the United States ever faces an imminent and large-scale digital attack, officials said Monday.

No formal approval has been issued, but the conclusions of the review signal that President Barack Obama’s administration is ready to embrace pre-emptive cyber attacks as part of military doctrine, officials told AFP.

Under the proposed rules, a pre-emptive digital strike would usually require the approval of the president, they added.

Department of DefenseDefense officials compared the guidelines to those applied to nuclear weapons, with built-in checks designed to ensure careful deliberation and no action without a clear decision by the commander-in-chief.

“Because of the magnitude of the cyber weapons involved, it really would need to be subject to review from the highest levels,” said a defense official.

The military and top civilian officials examined scenarios for offensive cyber ops while updating “rules of engagement” for the armed forces, adding the digital realm to the standard battle areas of air, land, sea and space.

“They’re trying to normalize cyber as a domain,” the official added.

Under the guidelines, the military would not defend against ordinary digital attacks on US companies or individuals, a task that would be overseen by the Department of Homeland Security.

But the Pentagon would become involved in the case of a threatened large-scale cyber assault against the United States, said officials, confirming a New York Times report.

Advertisement. Scroll to continue reading.

The Pentagon declined to comment publicly on the conclusions of the review but acknowledged the military was studying the rules of cyber warfare.

“There has been a good discussion across the department about appropriate guidance to military commanders on operations in all domains, including cyber,” said spokesman Lieutenant Colonel Damien Pickart.

The “standing rules of engagement” were last revised in 2005, he said.

He said the rules are meant “to provide military commanders, including cyber professionals, clear guidance on what actions to take when faced with threats and attacks.”

Obama has reportedly approved at least one cyber attack, the digital assault on networks used at Iran’s uranium enrichment sites.

The operation, code-named Olympic Games, was revealed in articles and a subsequent book by New York Times reporter David Sanger.

Officials also confirmed that the Pentagon may dramatically expand its newly-created cyber command by increasing the number of troops and civilians to about 4,900 from the current work force of roughly 900.

The troops would be assigned to “national mission forces” safeguarding electrical grids and other vital infrastructure; “combat mission forces” to carry out digital operations around the world; and “cyber protection forces” focused on defending the military’s own computer networks.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...