CyberwarfareU.S. cyberstrikes against adversaries to require presidential authority

Published 6 February 2013

Under a new administration policy, the president would have the authority to order a pre-emptive cyberattack against an adversary if the United States receives credible evidence of a major cyberattack being planned against the country from overseas. So far, the administration is known to have launched a sustained cyberattack only once – against Iran’s uranium enrichment facilities – in an operation code-named Olympic Games.

Under a new administration policy, the president would have the authority to order a pre-emptive cyber attack against an adversary if the United States receives  credible evidence of a major cyber attack being planned against the country from overseas.

Defense Systemsreports that   officials  reviewing the existing powers of the U.S. president when it comes to a cyber attack, have confirmed that authority.  The review is also focusing on how U.S. intelligence agencies can search a computer network outside of the country for evidence on an cyberattack against the United States.

According to one senior official, the cyber attacks the United States could launch are so powerful that they should only be used on direct orders from the president. The rules have been in development for more than two years, and are being completed as the threat of cyber attacks on American companies and infrastructure increases daily.

There is only one known case of president Obama  approving a cyberattack — the series of cyberattacks against Iran’s nuclear enrichment facilities. The attack was carried out by the NSA.

The United States never acknowledged the attack on Iran. Insiders said that  Obama insisted that the cyberattacks on Iran be watered down a bit so that power disruptions and other measures taken to damage Iran’s capacity to enrich uranium would not affect hospitals or power supplies to citizens.

In the past the president has also expressed his concerns that America’s use of cyberattacks could be used by other as justification for attack on the U.S.

When it came to writing in the rules, the repercussions of a pre-emptive strike were specifically analyzed. The most debated part of the legal review was in defining “what constitutes reasonable and proportionate force” when it comes to halting or retaliating against an attack on the United States, according to an official involved in the review.

Cyberattacks in general have increased in recent years, and experts say that the United Statesis extremely vulnerable to a massive coordinated cyberattack.