Rosenzweig said there are existing rules, "and they fit pretty well. Writing new rules opens up a can of worms. Who defines them? How are they verified, etc."
But the issue is definitely on the table, according to Marc Zwillinger. "There has been a lot of time spent by the military and thought leaders on how cyber attacks fit with the rules of engagement."
Beyond that are concerns about cyber weapons getting into the wild, out of a nation's control, and perhaps being used against it. "What would happen if we lost control of these systems? Could "the machine" that defends us become our enemy?"
Rosenzweig agrees that the risk is real. "It is nice to have offensive capability as a deterrent to attack, but as the most wired country in the world, we are also the most vulnerable to attack whether deliberate or inadvertent blowback," he said.
Zwillinger said the danger is similar to that of conventional weapons. "Even precise weaponry like predator drones can cause collateral damage," he said. "Just like other weapons, cyberweapons have to be designed and deployed to minimize that damage."
Both say cyberweapons will be a major element in the future of warfare, but will not supplant conventional weapons.
"Putting a virus into the enemy systems can be like putting sugar in the gas tank of the trucks in a convoy, or decrypting coded communications," Zwillinger said. "This is just a more modern version of the same thing.
"But traditional munitions and communications are never going away. Many of us keep copper wired phones in our homes, because in the event of a power outage, Verizon FIOS stops working, and our cell batteries will ultimately die, but low-voltage phone lines will still work," he said. "If we know, and the enemy knows that all computer-controlled weaponry and communications can be vulnerable to cyber attack, we'd all be foolish to only have those kinds of weapons."
Sign up for CIO Asia eNewsletters.