The Pentagon has officially declared that cyber attacks on US computer systems, networks and infrastructures can constitute an “act of war,” reports the Wall Street Journal. This means that if another country hacks US-run digital properties, traditional military force could be used in retaliation.
The decision is part of the federal government’s first formal strategy against cyber threats. More details about the strategy will emerge sometime next month, when unclassified portions of the plan are released to the public.
Following a breach of a US military computer system in 2008, the Pentagon has been on a mission to form an official response to cyber threats, which could affect everything from subway systems to nuclear reactors. The computer network at the Pentagon itself was recently under siege. And just this weekend, defense contractor Lockheed Martin admitted that its systems had been hacked.
By making it public that cyber attacks could instigate a traditional attack by the US military, with bombs and guns, the Pentagon hopes to deter possible attackers. Or, as one military official succinctly put it: “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”
It is not yet clear, however, what type of cyber attack would justify the use of military force. One policy that is reportedly gaining popularity is that of “equivalence,” a sort of eye-for-an-eye strategy through which “use of force” would only be employed if the cyber attack also caused death, or significant damage, disruption or destruction.
The new strategy is not without its inherent complications. For instance, it can often be difficult to know for sure who waged a cyber attack, which makes the use of force far more risky, politically speaking. Among the many questions stirred by the new strategy is how the US would respond to an attack that originates from non-governmental entities, i.e. cyber-terrorists, or hackers otherwise independent of a particular government. (Of course, we all know how the US responds when an “act of war” is launched by an analog terrorist.)
Regardless of the current details, the need for a cyber attack strategy is obvious. According to the military personnel who have seen the Pentagon’s strategy in its entirety, the rules laid out will abide by the standard Laws of Armed Conflict, and mesh with the strategies of international allies.
