Offensive cyber operationsPentagon mulls “byte for a byte” cyber retaliatory operations

Published 24 November 2014

Much has been made of the phrase “an eye for an eye” throughout history, and it is beginning to appear that the oft-used motto will extend to the new fields of cyber warfare as well.This “approach is something our adversaries will readily understand,” one analyst writes. “If they escalate, we escalate. They know they will lose because we have far more cyber resources to draw on than they have, and we can cause real harm if they mess with us.”

Much has been made of the phrase “an eye for an eye” throughout history, and it is beginning to appear that the oft-used motto will extend to the new fields of cyber warfare as well.

As theHuffington Post reports, the U.S. Department of Defense has been preparing for certain contingencies, involvinga major cyberattack on the United States, with what is called “Plan X” – showing that that the Pentagon is viewing cyberattacks as an increasingly more realistic threat.

The details of Plan X are secret, but the sense is that the United States is not only becoming increasingly worried about such threats, but that it also anticipates the need for cyber countermeasures.

“For the past decade the U.S. has tolerated cyber attacks on the critical infrastructure,” writes Rebecca Abrahams writes in the Post. “Government agencies have tried to help private sector companies and organizations, but that’s done little to stem the assault on critical infrastructure. In fact, securing computer networks is an uphill battle.”

Abrahams adds the America’s decades-long reliance on Chinese-made computer components is also a problem. Commercial off-the-shelf systems (COTS) and other hardware such as USB flash drives, motherboards, and mobile phones all offer avenues for hacking, surveillance, and theft built into the very devices themselves.

Further, much of the problem has come down to attitude.

“There is a prevailing attitude in American, even at the highest level, that security vulnerabilities are not too big a concern. That is why some of our top officials don’t hesitate to use compromised smartphones for sensitive conversations…Spyware can migrate rapidly into sensitive and classified networks and give an adversary control over virtually all government and industrial transactions. Even worse, it gives the adversary the know how to compromise or destroy any network at will,” writes Abrahams.

All this leaves the United States with a need of a comprehensive strategy. Abrahams proffers that the country should move out of its current passive phase when it comes to cyber policy, and into something much more proactive.

Her solution?

“A byte for a byte,” meaning that if foreign hackers target a U.S. infrastructure, organizations, or institution, they can expect a similar response in turn.

“[This] approach is something our adversaries will readily understand,” she wrote. “If they escalate, we escalate. They know they will lose because we have far more cyber resources to draw on than they have, and we can cause real harm if they mess with us.”