Director of National Intelligence Dennis Blair offered a cerebral evaluation of the current state of cyberspace to the Senate Select Committee on Intelligence Tuesday.
In so many words, Blair's testimony highlighted a question the intelligence community, the Defense Department, the White House and Congress have to answer: When is a cyber attack an act of war?
"Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication," Blair told the committee. "While both the threats and technologies associated with cyberspace are dynamic, the existing balance in network technology favors malicious actors, and is likely to continue to do so for the foreseeable future. Sensitive information is stolen daily from both government and private sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey."
The government routinely finds "persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability. We cannot be certain that our cyberspace infrastructure will remain available and reliable during a time of crisis."
While Blair did not specifically mention cyber war or the government's offensive capabilities, he says the intelligence community is "integrating cybersecurity with counterintelligence and improving their ability to understand, detect, attribute and counter the full range of threats."
Jim Lewis, a senior fellow at the Center for Strategic and International Studies, says the term cyber war is "squishy."
"Is spying or espionage an act of war?" he asked recently at the State of the Net Conference in Washington. "I think there is an implicit threshold of what constitutes an act of war and most countries have been careful not to cross it."
It's that lack of clarity around what constitutes war is one reason Sen. Dianne Feinstein, chairwoman of the Senate Select Committee on Intelligence, called for an international cyberspace treaty.
"My belief and those of others are that certain nations represent certain cyber attack threats to our country and diplomatic efforts need to be made," Feinstein says. "Time has come to look at the value of a cyber treaty built on mutual assurances of behavior."
Feinstein says the country needs an overarching cyberspace strategy as well.
The committee's cyber task force may offer some recommendations on both of these topics in its upcoming report. Feinstein says the task force could submit ideas to the committee in a month or two.
Lewis offers some ideas of how a cyber attack could cross the threshold into an act of war. He says these include:
- Attacks on critical services;
- The creation of greater uncertainty, such as hacking military systems to give your opponent an advantage;
- Attacks that have kinetic effects, such as the Aurora test that showed how hacking into the network of an electric power plant can cause physical damage.
"We are in the stages before warfare," he says. "We are in the stages where people are poking around. They are trying to figure out what are the rules, the thresholds, and what the other guys are up to."
Greg Nojeim, director for the Project on Freedom, Security and Technology at the Center for Democracy and Technology, says the rules of conventional war should apply to cyber war.
Nojeim says attacks should be focused on military targets and should be proportional responsive to the reason an attack was deemed necessary.
Lewis adds that sometimes a good offense can be a key to a good defense.
"We've built a strong offensive capability, how do we use it to gain some defensive advantage?" he asks. "That is a crucial problem for the U.S. It doesn't make any sense to have one of the world's best defensive capabilities, but we are not going to use it to defend ourselves. It would not only be wasteful, but damaging."
SOURCE: http://www.federalnewsradio.com
