Pentagon Confirms Military Action Is an Acceptable Response to Cyber-Attacks
title=Identifying the True Cyber-Attackers Remains a Challenge} The Pentagon's team of cyber-security experts are developing defenses that would block adversaries from breaching networks and make attackers pay a price for attacking the network, the report said. In addition to these "deny objectives," the DoD will maintain, and further develop, "the ability to respond militarily in cyber-space and other domains" if the defenses are not adequate, the report said. The report said "all necessary means" could include various electronic attacks or more conventional military tactics. However, the report did not provide any details about the kind of attacks that would qualify for physical retaliation.The use of network proxies and chaining them together would allow attackers to hide their tracks and lead investigators on "wild goose chases that could span the globe," ESET's Camp said. Being able to assign attribution with the "degree of certainty" necessary to support military action would be a "tough test," he said. Improving the attribution capability is "easier said than done," according to Camp. "If a bad actor is bent on causing larger nations to clobber each other (regardless of reason), this would seem to be a low-hanging fruit of the network underworld," Camp wrote. China is often blamed for cyber-attacks. While some of the attacks are launched by Chinese criminals, there are also accusations that the Chinese government or military is backing some of the attacks on the United States. Richard Clarke, former cyber-security czar for President George W. Bush, pulled no punches in a recent speech in Washington, D.C., where he explicitly called out China for conducting cyber-espionage against U.S. companies to benefit its own economic interests. The Office of the National Counterintelligence Executive, a U.S. intelligence arm, said in a report to Congress last month that China and Russia are using cyber-espionage to steal U.S. trade and technology secrets and that they will remain "aggressive" in these efforts. This kind of an aggressive stance may have a "me-too" effect on other nations, Camp said. "One can only wonder if this will usher in a fresh new arms race, this time not governed by the amount of missiles, tanks, ships and planes, but by networks, hackers, bandwidth and street smart young kids to run the whole thing," he wrote.
The challenge facing the United States military is to be able to definitely identify the perpetrators. Before launching a military strike, the army needs to improve its identification capabilities, the report said. The Pentagon is supporting research focused on tracing the physical source of an attack and developing behavior-based algorithms that can identify potential individuals as the attacker, according to the report.