(Reuters) - The U.S. military now has a legal framework to cover offensive operations in cyberspace, the commander of the U.S. Strategic Command said Wednesday, less than a month after terming this a work in progress.
“I do not believe that we need new explicit authorities to conduct offensive operations of any kind,” Air Force General Robert Kehler said in the latest sign of quickening U.S. military preparations for possible cyber warfare.
“I do not think there is any issue about authority to conduct operations,” he added, referring to the legal framework.
But he said the military was still working its way through cyber warfare rules of engagement that lie beyond “area of hostilities,” or battle zones, for which they have been approved.
The Strategic Command is responsible for U.S. operations in space and cyberspace. The U.S. Cyber Command, a sub-command, began operating in May 2010 as military doctrine, legal authorities and rules of engagement were still being worked out for what the military calls the newest potential battle “domain.”
The Defense Department, in a report made public Tuesday, ratcheted up its warnings, saying the United States reserves the right to retaliate with military force against a cyber attack and is boosting its ability to pinpoint network intruders.
“When warranted, we will respond to hostile attacks in cyberspace as we would to any other threat to our country,” the Pentagon said in a report mandated by Congress.
“We reserve the right to use all necessary means - diplomatic, informational, military and economic - to defend our nation, our allies, our partners and our interests.”
Kehler, in Wednesday’s teleconference, equated offensive action in cyberspace with operations on the ground, air, sea and space in that any offensive action would be carried out under orders of the president as commander-in-chief.
As recently as October 18, Kehler had told reporters that the military was still looking at “what kinds of options would we want to be able to offer” policymakers for cyber warfare.
Deliberations on military doctrine and legal framework are “ongoing,” Kehler said at the time. “I would say it’s not completed.”
On Wednesday, he said the military was learning daily from its operations in cyberspace.
“I think we all wish we were going faster, but we have made progress, we have a number of rules of engagement in place,” he said from Omaha, Nebraska, where Strategic Command was hosting a cyber and space conference.
The Pentagon’s advanced research arm said earlier this month that it is stepping up efforts to build a cyber arsenal for “more and better options” to meet computer-driven threats to a growing range of industrial and other systems that are vulnerable to cyber penetration.
The Office of the National Counterintelligence Executive, a U.S. intelligence arm, said in a report to Congress last month that China and Russia are using cyber espionage to steal U.S. trade and technology secrets and that they will remain “aggressive” in these efforts.
It defined cyberspace as including the Internet, telecommunications networks, computer systems and embedded processors and controllers in “critical industries.”
The Pentagon, in the report to Congress made public Tuesday, said it was seeking to deter aggression in cyberspace by building stronger defenses and by finding ways to make attackers pay a price.
“Should the ‘deny objectives’ element of deterrence not prove adequate,” the report said, “DoD (Department of Defense) maintains, and is further developing, the ability to respond militarily in cyberspace and in other domains.”