The Pentagon has decided that computer-based attacks from a foreign country can be considered acts of war, according to a Wall Street Journal report. The report comes only a few days after top U.S. defense supplier Lockheed Martin was hit by a cyber attack.
As new types of threats consistently emerge in the digital landscape, the U.S. military has to be ready to deal with more sophisticated attacks. Cyber warfare is not covered by the Rules of Armed Conflict, which is based on a series of international treaties like the Geneva Conventions. U.S. military officials said they will use this proposal to come up with a consensus among allies.
The report specifies how cyber attacks would be evaluated:
If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a “use of force” consideration, which could merit retaliation.
The proposal will likely cause a debate over the certainty of a cyber attack’s origin and which specific types of a attack would constitute the use of force — issues the Pentagon has not yet addressed.
Frankly, I think the U.S. government and its allies are severely behind the curve on this issue. In 2008, a Pentagon computer network was breached by an attack believed to have originated in Russia. Why this hasn’t been a more pressing issue since that time is baffling to me.
The popular 2007 movie Live Free or Die Hard depicts a group of cyber terrorists attacking U.S. government computers. As silly as the movie is, it’s not hard to imagine a sophisticated group of hackers exploiting weaknesses in U.S. government systems and shutting down important services. Having a defined military response to attacks of this nature is an important step to deterring future attacks.