Thu, Apr 15, 2010 - Page 7 News List

NSA asserts right to return cyber attacks

ESCALATIONObama’s pick for head of Cyber Command said US military networks are a ‘strategic vulnerability’ and that ensuring their safety would be a great challenge


The US must fire back against cyber attacks swiftly and strongly and should act to counter or disable a threat even when the identity of the attacker is unknown, the director of the National Security Agency (NSA) has told Congress.

Lieutenant-General Keith Alexander, who is the the administration of US President Barack Obama’s nominee to take on additional duties as head of the new Cyber Command, also said the US should not be deterred from taking action against countries such as Iran and North Korea just because they might launch a cyber attack.

“Even with the clear understanding that we could experience damage to our infrastructure, we must be prepared to fight through in the worst case scenario,” Alexander said in a Senate document.

Alexander’s answers reflect the murky nature of the Internet and the escalating threat of cyber terrorism, which defies borders, operates at the speed of light and can provide deep cover for assailants who can launch disruptive attacks from continents away using networks of innocent computers.

The three-star army general laid out his views on Cyber Command and the military’s role in protecting computer networks in a 32-page Senate questionnaire. He answered the questions in preparation for a Senate Armed Services Committee hearing on Thursday on his nomination to head Cyber Command.

US computer networks are under constant attack, and Obama last year declared that the cyber threat is one of the nation’s most serious economic and national security challenges.

Alexander offered a limited, but rare description of offensive US cyber activities, saying the US has “responded to threats, intrusions and even attacks against us in cyberspace,” and has conducted exercises and war games.

It’s unclear, Alexander added, whether those actions have deterred criminals, terrorists or nations.

In cyberspace, it is difficult to deliver an effective response if the attacker’s identity is unknown.

But commanders have clear rights to self-defense, he said. He added that while “this right has not been specifically established by legal precedent to apply to attacks in ­cyberspace, it is reasonable to assume that returning fire in cyberspace, as long as it complied with law of war ... would be lawful.”

Senators noted, in their questions, that police officers don’t have to know the identity of a shooter in order to shoot back. In cyberspace, the US may be able to counter a threat, rebuff an electronic probe or disable a malicious network without knowing who is behind the attack.

The nation’s ability to protect its networks and launch counterattacks, however, is shrouded in secrecy. Alexander gave the panel a separate classified attachment that provided more details on how and when the military would launch cyber attacks and under what legal and command authorities.

Among the classified responses was his answer to whether the US should first ask another government to deal with a cyber attack that came from within its borders.

He repeatedly stressed that any US response to a cyber attack must be authorized by the president and must conform to international law and guiding military principles. Those guidelines require the reaction be deemed militarily necessary and in proportion to the attack.

Noting that there is no international consensus on the definition of use of force, in or out of cyberspace, he said that uncertainty creates the potential for disagreements among nations.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top