Pentagon: Hack attacks can be act of war

Military response possible


For the first time, the Pentagon has formally concluded that computer sabotage carried out by another nation can constitute an act of war that warrants a response of traditional military force, according to published media reports.

The determination, included in the Pentagon's first ever “formal cyber strategy,” represents an attempt to address the growing reliance on computers and computer networks by military and civilians alike, according to The Wall Street Journal, which first reported on the circulation of the 30-page classified document. The policy is in part intended to act as a deterrent by showing other countries there could be serious consequences for attacks that target gas pipelines, military networks and other infrastructure considered critical to national security.

“If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” the WSJ quoted an unnamed military official as saying.

According to NBC News, not every attack would lead to military retaliation. To qualify, hacks would have to be carry the same kinds of threats to American lives, commerce, or infrastructure as traditional military attacks. And even then, because it's often impossible to detect the true origins of so-called cyber attacks, commanders would have to present indisputable evidence that a particular country was behind a specific incident.

One idea under consideration is known as “equivalence.” It holds that a computer attack that results in the same level of death, destruction or high-level disruption produced in a traditional military attack could be grounds for “use of force,” under established military doctrines.

Earlier this month, the Obama administration released its own policy that put the world on notice that hack attacks directed against US assets might be met with military action.

The reports come as a UK military official admitted his country is developing a toolbox of offensive hacking weapons that could be used against other countries. A few days earlier, China admitted that it has poured huge amounts of resources into an elite hacking team dubbed the Blue Army. ®

Similar topics

Broader topics


Other stories you might like

  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • Hackers weigh in on programming languages of choice
    Small, self-described sample, sure. But results show shifts over time

    Never mind what enterprise programmers are trained to do, a self-defined set of hackers has its own programming language zeitgeist, one that apparently changes with the wind, at least according to the relatively small set surveyed.

    Members of Europe's Chaos Computer Club, which calls itself "Europe's largest association of hackers" were part of a pool for German researchers to poll. The goal of the study was to discover what tools and languages hackers prefer, a mission that sparked some unexpected results.

    The researchers were interested in understanding what languages self-described hackers use, and also asked about OS and IDE choice, whether or not an individual considered their choice important for hacking and how much experience they had as a programmer and hacker.

    Continue reading
  • Stolen-data market RaidForums taken down in domain seizure
    Suspected admin who went by 'Omnipotent' awaits UK decision on extradition to US

    After at least six years of peddling pilfered personal information, the infamous stolen-data market RaidForums has been shut down following the arrest of suspected founder and admin Diogo Santos Coelho in the UK earlier this year.

    Coelho, 21, who allegedly used the mistaken moniker "Omnipotent" among others, according to the US indictment unsealed on Monday in the Eastern District of Virginia, is currently awaiting the outcome of UK legal proceedings to extradite him to the United States.

    The six-count US indictment [PDF] charges Coelho with conspiracy, access device fraud, and aggravated identity theft following from his alleged activities as the chief administrator of RaidForums, an online market for compromised or stolen databases containing personal and financial information.

    Continue reading

Biting the hand that feeds IT © 1998–2022