Government needs to define cyber war

Director of National Intelligence Dennis Blair offered a cerebral evaluation of the current state of cyberspace to the Senate Select Committee on Intelligence Tuesday.

In so many words, Blair's testimony highlighted a question the intelligence community, the Defense Department, the White House and Congress have to answer: When is a cyber attack an act of war?

"Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication," Blair told the committee. "While both the threats and technologies associated with cyberspace are dynamic, the existing balance in network technology favors malicious actors, and is likely to continue to do so for the foreseeable future. Sensitive information is stolen daily from both government and private sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey."

He told lawmakers no one's networks - not government's or industry's - are safe.

The government routinely finds "persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability. We cannot be certain that our cyberspace infrastructure will remain available and reliable during a time of crisis."

While Blair did not specifically mention cyber war or the government's offensive capabilities, he says the intelligence community is "integrating cybersecurity with counterintelligence and improving their ability to understand, detect, attribute and counter the full range of threats."

Jim Lewis, a senior fellow at the Center for Strategic and International Studies, says the term cyber war is "squishy."

"Is spying or espionage an act of war?" he asked recently at the State of the Net Conference in Washington. "I think there is an implicit threshold of what constitutes an act of war and most countries have been careful not to cross it."

It's that lack of clarity around what constitutes war is one reason Sen. Dianne Feinstein, chairwoman of the Senate Select Committee on Intelligence, called for an international cyberspace treaty.

"My belief and those of others are that certain nations represent certain cyber attack threats to our country and diplomatic efforts need to be made," Feinstein says. "Time has come to look at the value of a cyber treaty built on mutual assurances of behavior."

Feinstein says the country needs an overarching cyberspace strategy as well.

The committee's cyber task force may offer some recommendations on both of these topics in its upcoming report. Feinstein says the task force could submit ideas to the committee in a month or two.

Lewis offers some ideas of how a cyber attack could cross the threshold into an act of war. He says these include:

• Attacks on critical services;
• The creation of greater uncertainty, such as hacking military systems to give your opponent an advantage;
• Attacks that have kinetic effects, such as the Aurora test that showed how hacking into the network of an electric power plant can cause physical damage.

"We are in the stages before warfare," he says. "We are in the stages where people are poking around. They are trying to figure out what are the rules, the thresholds, and what the other guys are up to."

Greg Nojeim, director for the Project on Freedom, Security and Technology at the Center for Democracy and Technology, says the rules of conventional war should apply to cyber war.

Nojeim says attacks should be focused on military targets and should be proportional responsive to the reason an attack was deemed necessary.

But he cautions that there is so much complexity around offensive actions that the real focus should be on defense in the short term.

Lewis adds that sometimes a good offense can be a key to a good defense.

"We've built a strong offensive capability, how do we use it to gain some defensive advantage?" he asks. "That is a crucial problem for the U.S. It doesn't make any sense to have one of the world's best defensive capabilities, but we are not going to use it to defend ourselves. It would not only be wasteful, but damaging."

Many of these questions about thresholds and offensive versus defensive actions will fall to the (Pentagon's cyber command. The new structure still has not achieved initial operating authority and its commander, Lt. Gen. Keith Alexander, continues to await his Senate confirmation hearing.

Lewis says the hearing could happen in March, depending on how well DoD and the Senate answer some tough questions.

"You have two things going on, you've got naturally a little bureaucratic resistance in the Pentagon to creating a new command and a new four-star and that is going to be expected," he says. "I think that feeds into a larger and really appropriate process of asking hard questions: 'What are the authorities this command will operate under?' 'What's the chain for authorization for the use of this command?' 'How does it fit in with the other services?' These are tough questions and I think that's the main hold up is coming up with strong answers to the real issues that come from creating basically a new command from scratch."

(Copyright 2010 by FederalNewsRadio.com. All Rights Reserved.)