US needs offensive weapons in cyberwar: general

Oct 04, 2012
The United States needs to develop offensive weapons in cyberspace as part of its effort to protect the nation from cyber attacks, General Keith Alexander, director of the National Security Agency said.

The United States needs to develop offensive weapons in cyberspace as part of its effort to protect the nation from cyber attacks, a senior military official said Thursday.

"If your defense is only to try to block attacks you can never be successful," General Keith Alexander, director of the and commander of the US Cyber Command, told a Washington symposium.

"At times, the government has to look at what you have to do to stop an attack—stop it before it happens. Part of our defense has to consider offensive measures."

Alexander, who spoke at a cybersecurity summit sponsored by the , said any offensive cyber action would need to follow rules of engagement similar to those in other military situations.

"We have to have a discussion on this," he said.

Alexander's comments come as the US military has started studying various strategies in cyberspace, including offensive weapons.

The has begun studying building a platform for offensive capabilities in cyberspace and has called for participation from academic and industry experts.

The US government has stopped short of confirming involvement in such as the Flame and Stuxnet viruses that have targeted Iran, but many analysts say there is evidence of US or Israeli involvement.

Explore further: Twitpic to stay alive with new owner

add to favorites email to friend print save as pdf

Related Stories

Pentagon looks for weapons to wage cyber warfare

Nov 07, 2011

The Pentagon's researchers plan to bolster their efforts to create offensive weapons for use in cyber warfare, reflecting a growing concern over digital threats, US officials said Monday.

US, Iran dig in for long cyber war

Jun 02, 2012

The United States and Iran are locked in a long-running cyber war that appears to be escalating amid a stalemate over Tehran's disputed nuclear program.

US weighed cyber attack in Libya war: officials

Oct 19, 2011

The United States weighed launching a cyber-attack to disrupt Libyan air defenses before the start of an air campaign against Moamer Kadhafi's forces, officials said Tuesday.

US reviewing ways to fight cyber attacks: general

Sep 24, 2010

The White House is looking at boosting the authority of the US military and other agencies to protect the country's infrastructure from possible cyber attack, a top general said Thursday.

Iran 'mobilizing' for cyberwar with West: experts

Apr 26, 2012

Iran is busy acquiring the technical know-how to launch a potentially crippling cyber-attack on the United States and its allies, experts told a congressional hearing on Thursday, urging the US to step up ...

Recommended for you

Facebook dressed down over 'real names' policy

Sep 17, 2014

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

Sep 17, 2014

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 13

Adjust slider to filter visible comments by rank

Display comments: newest first

Aloken
3.5 / 5 (4) Oct 04, 2012
So I guess stuxnet and flame don't count as weapons, better build a whole new platform.
cantdrive85
1.4 / 5 (10) Oct 04, 2012
You're assuming the US created those weapons, however, evidence points to the real terror nation situated on the east coast of the Mediterranean.
antialias_physorg
5 / 5 (1) Oct 04, 2012
"If your defense is only to try to block attacks you can never be successful,"

Successful in what? Escalating cyber-warfare into a hot war?

I don't think he understands how cyberattacks work: They're carried out via proxies. So any 'retaliatory attack' just fries the computer of some unsuspecting shlob whose computer has been compromised and enslaved by the attacker.
kochevnik
3.9 / 5 (7) Oct 04, 2012
USA always wants to militarize everything. Fuck them.
VendicarD
2.3 / 5 (6) Oct 05, 2012
Another fine example of why all good people should work to destroy the sick and immoral American State.

America is an international Cancer.

kochevnik
2.2 / 5 (10) Oct 05, 2012
Another fine example of why all good people should work to destroy the sick and immoral American State.

America is an international Cancer.

Not America the country, VendicarD. American people are just brainwashed cogs caught in the machine. The once great US government, founded on opium and slavery, is now owned and operated by the Rothschilds bankster cartel. US impoverishes nations by policing and murdering for the bankster corporates and forces liquidation of natural resources to loansharks for debts impossible to pay. Those debts were incurred by US-installed puppets. Europe does this too, but apparently the US military wants to take it up a level in virgin territories like cyberspace and America itself.

The world is sick with several cancers. The UN wants to establis governance, and wants to tax all citizens of the planet. The banksters have multiple prongs in their fork to enslave and indebt humanity. US and UN bantering gives temporary respite.
Trenchant
1.8 / 5 (5) Oct 05, 2012
"but many analysts say there is evidence of US or Israeli involvement."

Inflammatory, non-referenced, garbage. This author has no credibility with such poor skills. What analysts? What evidence? Is it US or is it Israel? A rag news author on a scientific website.
bear_dressed_as_a_monkey
1 / 5 (4) Oct 05, 2012
... how cyberattacks work: They're carried out via proxies. So any 'retaliatory attack' just fries the computer of some unsuspecting shlob whose computer has been compromised and enslaved by the attacker.

Once these attack capabilities were officially stamped as valid military weapons, I imagine government owned facilities to launch and control them would be built. Park trucks carrying temporary micro data centers around the world, and run virtualized bot-nets. No need to rely on infected privately-owned hosts; you'd have a scalable, on-demand network of hosts running custom tools (it would no longer technically be malware).
In that scenario there would still be butt-loads of routing and address manipulation needed to keep bot-the net from being blocked by the targets, but you get the idea. That's just for the DDOS-type of attacks.
For deploying SCADA-killing or data-stealing attacks, yeah still lots of collateral damage.
VendicarD
5 / 5 (2) Oct 05, 2012
"What Stuxnet's Exposure As An American Weapon Means For Cyberwar" -

http://www.forbes...yberwar/

Stuxnet malware that has fascinated cybersecurity researchers since it was discovered in the fall of 2010 was in fact built by U.S. and Israeli government agencies and deployed to disrupt Iranian nuclear enrichment facilities.
Moebius
not rated yet Oct 07, 2012
We have the weapons, just not the will to use them. Seal Team 6, guns and shoot-to-kill orders. They do way more harm than a horde of Bin Ladens.
SteveL
not rated yet Oct 07, 2012
Does anyone really think America and other technically advanced nations such as the UK, France, Germany, Russia, China, Israel and others don't have offensive cyber warfare tools? The risk of having an aggressive countries' own networks, infrastructure and economy shut down is simply a new tool of the MAD (Mutual Assured Destruction) battle chest.
julianpenrod
2.3 / 5 (3) Oct 07, 2012
A crucial point to make clear is that in many, if not most, other areas of life, the government maintains a secret structure of operations of which a majority of people are unaware, surveillance at home, protective measures, programs to disrupt others. But the computer is open game to those who have a significant familiarity with programming languages and software. The information that can jeopardize the entire nation is allowed to be available to what used to be called misfits who frequent computer fairs and blogs! What used to be called "computer nerds", which greatly ignored their potential or actual threat, regularly trade information with similar "techies" at major computer related firms! It is not implausible that they have a grand scam at work, anonymously endangering systems, offering ways to "improve" systems to protect them, and building unseen weaknesses into the new systems! And the government doesn't care! Beceause it's all a swindle!
julianpenrod
2.3 / 5 (3) Oct 07, 2012
I suggested a number of times that a way around this was to, among other things, build systems with a mirror system that would implement the uncertain software a random number of times before it was used in the actual system. If the mirror system began behaving abnormally, the new software would be tagged. To an extent, requiring all new elements entering a system be authorized, so that nothing can sneak by, can be helpful. Also requiring the source code for a piece of software when the software is downloaded, and feeding that into a program that analyzes step by step what the new software will do can be helpful