Cyber Command seeks permission for cyber attacks against extreme or imminent threats

U.S. Cyber Command

From Ellen Nakashima, the Washington Post:  The Pentagon has proposed that military cyber-specialists be given permission to take action outside its computer networks to defend critical U.S. computer systems — a move that officials say would set a significant precedent.

The proposal is part of a pending revision of the military’s standing rules of engagement. The secretary of defense has not decided whether to approve the proposal, but officials said adopting the new rules would be within his authority. . . .

Currently, the military is permitted to take defensive actions or to block malicious software — such as code that can sabotage another computer — only inside or at the boundaries of its own networks. But advances in technology and mounting concern about the potential for a cyberattack to damage power stations, water-treatment plants and other critical systems have prompted senior officials to seek a more robust role for the department’s Cyber Command.

The proposed rules would open the door for U.S. defense officials to act outside the confines of military-related computer networks to try to combat cyberattacks on private computers, including those in foreign countries. . . .

The Pentagon, in consultation with the White House and other agencies, has developed strict conditions governing when military cyber-specialists could take action outside U.S. networks. Some officials said these conditions are so stringent that the new capability to go outside military boundaries might never be used.

Pentagon and other officials say such military action is meant to be taken only in extreme emergencies and with great care. . . .

Generally, the new rules would allow the two-year-old Cyber Command to take defensive action in a foreign country or in the United States if reliable intelligence indicates that a threat is imminent and could have certain consequences, such as deaths, severe injury or damage to national security, said several current and former officials.

“We’re not talking about shooting back, not talking about tit-for-tat,” said the Pentagon official, who like many interviewed for this article spoke on the condition of anonymity and would not discuss operational details. “We’re talking about stopping the bleeding, lest something really bad happens to the country.

The standing rules of engagement, or SROE, were last revised in 2005. They are intended to give military commanders guidance on what they can do when they find their troops or systems under attack and they need to act quickly without having to consult the president or defense secretary. . . .

Ideally, current and former officials say, the Pentagon would like Cyber Command to be able to undertake a range of activities, from blocking or redirecting viruses to disabling a computer server in another country to prevent destructive malware from being launched.

But something as aggressive as shutting down a server in another country is probably going to require presidential permission, Gen. Keith Alexander, the head of Cyber Command, has said.  (graphic: Stars and Stripes)

Image: dod%208%201%2011%20CYBERCOM.jpg