NSA Director On The Cyber-CounterattackNSA Director On The Cyber-Counterattack
According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?
April 15, 2010
According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?He also suggested the option of preemptive cyber offensives: "Lt. Gen. Keith Alexander, who is the Obama administration's nominee to take on additional duties as head of the new Cyber Command, also said the U.S. should not be deterred from taking action against countries such as Iran and North Korea just because they might launch cyberattacks." Whether a country should respond to computer attacks is a question for policy makers and diplomats -- not unlike any other decision to employ force on behalf of a nation. A much more important question is what he means when he says a counterattack should be launched even when the offender isn't known.
The nature of information warfare (or cyberwarfare, if you prefer) is that you may know who your rivals or enemies are, but have no actual idea who is attacking you. An attacker can hide behind the Internet's inherent anonymity or even pretend to be someone else entirely.
Before launching an attack, we may want to know where to aim it, which requires intelligence.
"In cyberspace, he said, it is difficult to deliver an effective response if the attacker's identity is not known."
But commanders have clear rights to self-defense, he said. He added that while "this right has not been specifically established by legal precedent to apply to attacks in cyberspace, it is reasonable to assume that returning fire in cyberspace, as long as it complied with law of war principles ... would be lawful."
Senators noted, in their questions, that police officers don't have to know the identity of a shooter in order to shoot back. In cyberspace, the U.S. may be able to counter a threat, rebuff an electronic probe or disable a malicious network without knowing who is behind the attack.
The senators' analogy is a false one. When shooting back at a mugger, even if you don't know him, you are likely to hit your attacker.
On the Internet, when you shoot back you are likely to hit an innocent bystander, with a lot of collateral damage to boot.
I believe what Gen. Alexander was referring to is the legal ability to both:
1. Shoot back when the identity is in fact known.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
The Burnout Breach: How employee burnout is emerging as the next frontier in cybersecurity
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report