informa
Commentary

NSA Director On The Cyber-Counterattack

According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?
According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?He also suggested the option of preemptive cyber offensives:

Lt. Gen. Keith Alexander, who is the Obama administration's nominee to take on additional duties as head of the new Cyber Command, also said the U.S. should not be deterred from taking action against countries such as Iran and North Korea just because they might launch cyberattacks.
Whether a country should respond to computer attacks is a question for policy makers and diplomats -- not unlike any other decision to employ force on behalf of a nation. A much more important question is what he means when he says a counterattack should be launched even when the offender isn't known.

The nature of information warfare (or cyberwarfare, if you prefer) is that you may know who your rivals or enemies are, but have no actual idea who is attacking you. An attacker can hide behind the Internet's inherent anonymity or even pretend to be someone else entirely.

Before launching an attack, we may want to know where to aim it, which requires intelligence.


"In cyberspace, he said, it is difficult to deliver an effective response if the attacker's identity is not known."

But commanders have clear rights to self-defense, he said. He added that while "this right has not been specifically established by legal precedent to apply to attacks in cyberspace, it is reasonable to assume that returning fire in cyberspace, as long as it complied with law of war principles ... would be lawful."

Senators noted, in their questions, that police officers don't have to know the identity of a shooter in order to shoot back. In cyberspace, the U.S. may be able to counter a threat, rebuff an electronic probe or disable a malicious network without knowing who is behind the attack.

The senators' analogy is a false one. When shooting back at a mugger, even if you don't know him, you are likely to hit your attacker.

On the Internet, when you shoot back you are likely to hit an innocent bystander, with a lot of collateral damage to boot.

I believe what Gen. Alexander was referring to is the legal ability to both:

    1. Shoot back when the identity is in fact known.
Recommended Reading: