PerspectiveThe Department of Defense Should Not Wage Cyber War Against Criminal Hackers During the Coronavirus Crisis

Published 30 April 2020

Politicians and pundits in the United States have frequently described the challenge of controlling the COVID pandemic with the language of waging war. Erica D. Borghard writes that given this terminology, it can be tempting to look to the Department of Defense (DOD) to solve problems it was not meant to address. While nefarious actors in cyberspace are seeking to capitalize on scared and vulnerable individuals during the pandemic for criminal gain and national strategic objectives, “any efforts to leverage DOD capabilities in combating these efforts must distinguish between nation-state and criminal activity,” she writes.

Politicians and pundits in the United States have frequently described the challenge of controlling the COVID pandemic with the language of waging war. Erica D. Borghard writes for CFRthat given this terminology, it can be tempting to look to the Department of Defense (DOD) to solve problems it was not meant to address. While nefarious actors in cyberspace are seeking to capitalize on scared and vulnerable individuals during the pandemic for criminal gain and national strategic objectives, “any efforts to leverage DOD capabilities in combating these efforts must distinguish between nation-state and criminal activity,” she writes, adding:.

Recently, a bipartisan group of senators sent a letter [PDF] to the heads of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency, National Security Agency, and U.S. Cyber Command calling for (among other things) the United States to “evaluate further action to defend forward [PDF] in order to detect and deter” cyber threats to the health-care sector and personnel. The letter was careful to identify threat actors associated with four nation-state adversaries: Russia, China, Iran, and North Korea. This is important because, as defined in Section 1642 of the 2019 National Defense Authorization Act, the DOD can take action as part of traditional military activity to “disrupt, defeat, and deter” cyberattacks from these threat actors.

Unlike defending forward to counter nation-state adversaries, doing so against cybercriminals would be a bad idea for three reasons. First, conducting offensive cyber operations against cybercriminals stretches the concept of defend forward beyond its original intent and dilutes the already limited resources that the DOD and Cyber Command currently have to pursue predefined national security missions in cyberspace.

….

Second, there are obvious civil liberties concerns. What if these criminal actors are U.S. citizens or U.S. persons or entities [PDF]?

….

Third, other government departments and agencies are equipped with the appropriate domestic authorities, capabilities, and international partnerships to pursue coronavirus-related malicious criminal behavior.