The US has made a landmark decision in the online world, by declaring cyber attacks against government systems to be considered an act of war; opening up for the use of force against those that perpetrate such attacks. This could make for interesting viewing, with China’s occasional attacks against US businesses and facilities making things rather strenuous already.
The decision was jointly made by the Pentagon and central command for the U.S. Armed Forces, making this the first step into real digital warfare predicted in many a science fiction novel. It will be interesting to see if long time allies of the US follow suit soon after, or at least consider similar measures.
This change in policy is likely to have been spearheaded because of several high profile data leaks and cyber probes by domestic and foreign threats. There was the wikileaks data leak, the sale of military flash drives, a 2008 infection of US systems in Iraq and the breach of Lockheed Martin’s servers several times.
The key part of this legislation is in what conditions could the use of force be sanctioned against an agressor. It’s been laid out in terms of equivalency. If the cyber attack causes damage similar to that of a physical attack – in terms of shutting down systems or facilities – then it would be considered necessary and applicable to respond in force.
Charles Dunlap, a retired Air Force Major General and professor at Duke University law school comments; “A cyber attack is governed by basically the same rules as any other kind of attack if the effects of it are essentially the same.”
The report also takes into consideration international law when it comes to warfare, and applies the same terms to cyber attacks. Just as certain actions would be considered above and beyond acceptable actions during war, the same must be said for digital attacks.