Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

US Military Review Backs Pre-emptive Cyber Strikes

WASHINGTON – US military officers have endorsed the principle of pre-emptive cyber-strikes if the United States ever faces an imminent and large-scale digital attack, officials said Monday.

WASHINGTON – US military officers have endorsed the principle of pre-emptive cyber-strikes if the United States ever faces an imminent and large-scale digital attack, officials said Monday.

No formal approval has been issued, but the conclusions of the review signal that President Barack Obama’s administration is ready to embrace pre-emptive cyber attacks as part of military doctrine, officials told AFP.

Under the proposed rules, a pre-emptive digital strike would usually require the approval of the president, they added.

Department of DefenseDefense officials compared the guidelines to those applied to nuclear weapons, with built-in checks designed to ensure careful deliberation and no action without a clear decision by the commander-in-chief.

“Because of the magnitude of the cyber weapons involved, it really would need to be subject to review from the highest levels,” said a defense official.

The military and top civilian officials examined scenarios for offensive cyber ops while updating “rules of engagement” for the armed forces, adding the digital realm to the standard battle areas of air, land, sea and space.

“They’re trying to normalize cyber as a domain,” the official added.

Under the guidelines, the military would not defend against ordinary digital attacks on US companies or individuals, a task that would be overseen by the Department of Homeland Security.

But the Pentagon would become involved in the case of a threatened large-scale cyber assault against the United States, said officials, confirming a New York Times report.

The Pentagon declined to comment publicly on the conclusions of the review but acknowledged the military was studying the rules of cyber warfare.

“There has been a good discussion across the department about appropriate guidance to military commanders on operations in all domains, including cyber,” said spokesman Lieutenant Colonel Damien Pickart.

The “standing rules of engagement” were last revised in 2005, he said.

He said the rules are meant “to provide military commanders, including cyber professionals, clear guidance on what actions to take when faced with threats and attacks.”

Obama has reportedly approved at least one cyber attack, the digital assault on networks used at Iran’s uranium enrichment sites.

The operation, code-named Olympic Games, was revealed in articles and a subsequent book by New York Times reporter David Sanger.

Officials also confirmed that the Pentagon may dramatically expand its newly-created cyber command by increasing the number of troops and civilians to about 4,900 from the current work force of roughly 900.

The troops would be assigned to “national mission forces” safeguarding electrical grids and other vital infrastructure; “combat mission forces” to carry out digital operations around the world; and “cyber protection forces” focused on defending the military’s own computer networks.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.