Sunday, February 24, 2013

Cyber Strikes Preemption: Savior or Curse?

The Obama administration's announced step toward preemptive cyber attacks as reported by the New York Times sets off more alarm bells than victory signs.  Let's start with looking at what preemptive strikes are.

As defined in the Times report, cyber preemption by the United States is justified if "U.S. agencies detect credible evidence of a major digital attack looming from abroad."  Here's the first alarm bell: what is meant by "credible evidence" and "major digital attack" (to quote the news release)?  To be effective, this policy requires strict definitions, so that the president is not advised to launch attacks that "hope" to take out or prevent a future attack which is not real.  And how is a "threat" to be detected?  By standard CIA intelligence?  By some new, as yet unannounced U.S. cyber detection capabilities?

As described in our Semi-Annual Review: Cyberwarfare 2013-2015, this type of policy is nothing more than a repackaging of U.S. military cyber weapons under a new banner, giving first-strike capabilities a cloak of respectability while creating a danger that does not necessarily exist today.

Here is the second alarm bell: Alerted to our preemption plans, are our cyber enemies going to sit back and await Washington's judgement on their cyber plans, or will they go ahead and attack, before their capabilities to do so are destroyed, or at least compromised?

There is currently no publicly available information that the United States has the cyber-based capability to take out other nations' cyber sites at will.  Even the famed Stuxnet attack required physical use of a flash drive to initiate.

Let's be careful what we threaten.  Since reliable attribution of the sources of threats is limited and our attack methods are questionable, are we unnecessarily setting ourselves up for preemptive attacks - the very action we are attempting to prevent?  Quite possibly yes.
