WASHINGTON, DC, USA, MAY 31, 2011—The U.S. military is prepared to use physical attacks in response to cyberattacks, the U.S. Department of Defense said Tuesday (May 31).
The agency, preparing its first cyberspace strategy, is prepared to defend U.S. national security through "all available means," a DOD spokeswoman said.
The Wall Street Journal reported Tuesday that the DOD's Defense Strategy for Operating in Cyberspace, due to be released within the next month, will conclude that physical attacks may be justified in response to cyberattacks on U.S. targets.
The DOD is prepared to "conduct the full spectrum of cyberspace operations" in response to a cyberattack, but the agency's potential response is not limited to cybermeasures, the spokeswoman said. "All appropriate options would be on the table," as they would be in response to a physical attack, she said.
The DOD's policy seems to be in line with President Barack Obama's International Strategy for Cyberspace, released in early May. Military options were among several potential responses to cyberattack that the White House said the government will consider.
"When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country," the White House document said. "We will exhaust all options before military force whenever we can; will carefully weigh the costs and risks of action against the costs of inaction; and will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support whenever possible."
It is vital for the U.S. to have the capability to deter cyberattacks, said Danny McPherson, chief security officer at VeriSign.
"You want people to know that there will be consequences if they attack key infrastructure," he said. "I think it is really important to have policies that say that we are absolutely going to respond and we will protect [cyberassets] like we protect our physical infrastructure."
The biggest challenge to implementing such a strategy is pinpointing the source of attacks, he said. "Once you get over that hurdle it becomes easier to say we are going to seek heavy retribution," he said.
Sign up for CIO Asia eNewsletters.