The US is finally working on a formal strategy on how to deal with cyber attacks against its networks, systems or infrastructure, and so far it seems it is one that will concentrate on deterrence.
According to the NYT, the Pentagon believes that officially stating that a cyber attack executed by a foreign nation against US assets can be followed by a US military strike against that country, and be considered as an act of war will be a valid deterrent.
But, many officials are somewhat skeptic about it all and believe this strategy to be too ambiguous to be effective.
Also, how should the US respond to cyber attacks executed by hackers unaffiliated with a state or cyber terrorists? What kind of cyber attack will trigger a military counter attack? In the end, how can the US know for sure who is behind a cyber attack? These are all questions that will need to be answered before such a strategy can become usable and effective.
On a related note, the Pentagon has also been working on a list of cyber-weapons that will be allowed to be used by the military when engaging in sabotaging an enemy’s systems.
According to the Washington Post, the list is already completed and has been approved by various US agencies.
It is also accompanied by a set of rules regarding what authority is needed for deploying each of those weapons. For example, the military has to have direct approval from the President to deploy any of these weapons if the US is not at war or if it will be deployed outside an area of hostility, but has the freedom of choosing which weapon will be used in a war zone after having been granted presidential approval beforehand.
Penetrating a foreign computer network in order to leave malware that will be triggered later also requires approval from the president, but doing it in order to snoop around and scope out how the networks operate can be executed without it.