By Kevin Coleman
Defense Tech Cyber Warfare Analyst
Cyber Command says they’re developing a wide range of cyber weapons to provide all options when it comes to offensive and defensive retaliation in the cyber domain. These capabilities include tools that would allow U.S. cyber forces to deceive, deny, disrupt, degrade, and destroy information and information systems and more!
All these capabilities are necessary. But, the biggest challenge Cyber Command, and the rest of those working in cyber security and warfare and intelligence face, is the ability to attribute acts of cyber aggression back to the real originating source.
General Keith Alexander, head of U.S. Cyber Command said, “We have to have offensive capabilities, to, in real time, shut down somebody trying to attack us.’’
In a recent cyber warfare working group, I was involved in a conversation with several lawyers. They were all quick to point out the absence of case law that is frequently used for framing decisions, and retaliatory actions is basically non-existent when it comes to the cyber domain. The debate continued about what evidence would be required and in what form the evidence would have to exist before military leaders or the White House would feel comfortable enough to initiate an aggressive response (cyber or conventional).
One individual felt the current state of attribution capabilities fell far short of what is needed before action could be taken. If that is true, what should be done?