U.S. Military Grapples With Cyber Warfare Rules
Reuters, Monday 8 November 1999 12:53 AM ET
WASHINGTON (Reuters) - The Defense Department last spring considered hacking into Serbian computer networks to disrupt military operations and basic civilian services, the Washington Post reported Monday.
But the Pentagon refrained from doing so because of continuing uncertainties and limitations surrounding the emerging field of "cyber warfare," the Post reported, quoting senior defense officials.
"We went through the drill of figuring out how we would do some of these cyber things if we were to do them," one senior military officer told the Post. "But we never went ahead with any."
As computers revolutionize many aspects of life, military officials have stepped up development of cyber weapons, suggesting soldiers at computer terminals could invade foreign networks to shut down electrical facilities, interrupt telephone service, crash trains and disrupt financial systems.
But midway through the war with Yugoslavia, the Defense Department's top legal office issued guidelines warning that misuse of cyber attacks could subject U.S. authorities to war crimes charges, according to the Post report.
It advised commanders to apply the same "law of war" principles to computer attacks that they do to the use of bombs and missiles, the Post said. These call for hitting targets that are of military necessity only, minimizing collateral damage and avoiding indiscriminate attacks.
The Post quoted defense officials as saying that concern about legalities was only one of the reasons U.S. authorities decided not to hack into Serbia's computer systems.
Other reasons included the untested or embryonic state of the U.S. cyber arsenal and the rudimentary or decentralized nature of some Yugoslav systems, which officials said did not lend themselves to computer assault.
U.S. forces did target some computers that controlled the Yugoslav air defense system, according to the Post. But the attacks were launched from electronic jamming aircraft rather than over computer networks from ground-based U.S. keyboards.
No plan for a cyber attack on Yugoslav computer networks ever reached the stage of a formal legal assessment, the Post said, quoting defense officials familiar with the planning.
Fifty pages of guidelines drafted by the Pentagon general counsel's office instructed commanders to be wary of targeting institutions that are essentially civilian, such as banking systems, stock exchanges and universities, even though cyber weapons now may provide the ability to do so bloodlessly.
The Post said other U.S. government agencies have sided with the Pentagon view that existing law and international accords are sufficient to govern information warfare. But Russia is challenging this view.
Over the past year, Moscow has tried to gather support for a United Nations resolution calling for new international guidelines and the banning of particularly dangerous information weapons.
In a formal response rejecting the Russian proposal, the Clinton administration said any attempt now to draft overarching principles on information warfare would be premature, the Post said.