CyberwarfarePentagon outlines use of cyber weapons
The Pentagon has developed a list of approved cyber weapons and tools along with parameters for their use; official says the classified list of cyber capabilities has been in use for several months and has been approved by several government agencies; the framework clearly delineates what capabilities can be used, in what circumstances, and when actions need presidential approval; a cyber weapon like Stuxnet can only be used with presidential authorization even if it were to be deployed in a country with which the United States was openly at war
To provide the military with oversight and transparency, senior Pentagon officials have developed a list of approved cyber weapons and tools along with parameters for their use.
According to the Washington Post, a senior military official, who spoke anonymously, said the classified list of cyber capabilities has been in use for several months and has been approved by several government agencies including the CIA.
“So whether it’s a tank, an M-16 or a computer virus, it’s going to follow the same rules so that we can understand how to employ it, when you can use it, when you can’t, what you can and can’t use,” the military official explained.
The official added that the formal integration of cyber technology into the military’s list of approved capabilities is arguably the most significant development in military cyber-doctrine.
The framework clearly delineates what capabilities can be used, in what circumstances, and when actions need presidential approval.
For instance if the military wanted to penetrate a foreign computer network and leave a virus that could be activated later, they would need presidential authorization. But if the military wanted to hack into foreign networks to gather intelligence or leave beacons to mark spots that can later be targeted by viruses, they would not need the approval of the president.
The document was careful to specify that a cyber weapon like Stuxnet, a virus that targets control systems and cause physical damage, could only be used with presidential authorization even if it were to be deployed in a country that the United States was openly at war with.
The framework also noted that the use of cyber-weapons would be proportional to the threat and should not be used to inflict undue collateral damage or civilian casualties.
Military officials created the framework in response to concerns about the complicated nature of using cyber weapons as conditions are constantly changing in cyberspace and targets can include computer servers located in different countries.
The list of approved cyber weapons comes in advance of the Pentagon’s release of a comprehensive cyber-strategy, which seeks to clarify how the United States will respond to cyber attacks.