Yesterday, the Director of the NSA, Lt. Gen. Keith Alexander, now the Presidential nominee to head the new Cyber Command, stated that we should be allowed to counter cyber attacks if we can determine the attacker. Alexander mentioned the US has already responded to attacks but did not comment on the strength of the response. He informed Congress there was no data as to whether or not the response was a useful deterrent. Alexander stated that we have a clear right to self-defense. He believes that a counter cyber attack should necessitate authorization by the President and conform to international law as well as guiding military principles.
The Geneva Convention states that only infrastructure used to support the military should be engaged, possibly ruling out widespread attacks on critical infrastructure. Some military bases have their own power and water systems, does this mean we would be allowed to attack those and who would be the best at attacking them. I know people often marvel at NSA’s ability to hack systems. I’ve dealt with some of their people and while they were good, I don’t believe they are as special as we make them out to be, nor do they have much hands on experience with control system. If I had to guess who they would choose, I think they would start with INL and vendors.
I have a couple questions for our community. First, do you think the government would ask any of us in the private ICS security arena to assist in an attack? Second, if asked do you think you would assist? I understand it is unlikely to happen but it is an interesting question, even to ask oneself. In case you are wondering, I am not polling on behalf of the government. Of course, if I was polling at their behest, I would probably have to deny it.