February 4, 2013
In a bit of news that will shock just about no one, the Obama administration did a legal review over what it’s allowed to do in making use of “cyberweapons,” and concluded that it has “broad powers” to do all sorts of stuff. The specifics, of course, will remain classified:
That decision is among several reached in recent months as the administration moves, in the next few weeks, to approve the nation’s first rules for how the military can defend, or retaliate, against a major cyberattack. New policies will also govern how the intelligence agencies can carry out searches of faraway computer networks for signs of potential attacks on the United States and, if the president approves, attack adversaries by injecting them with destructive code – even if there is no declared war.
Comforting, huh? And, by comforting, I mean “terrifying.” While we’ve already talked a few times about the US using “cyber weapons” against Iran (hello Stuxnet, Flame, etc.) this NY Times report suggests that the White House is being freed up to do much more, though one “concession” is that the use of such tools must be approved by the President, rather than allowing various agencies (Defense Department, mainly) to run off and starting attacking others electronically without first getting it approved by the President.