Pentagon: computer virus an "act of war", can respond with military force
May 31, 2011 7:43 AM   Subscribe

This won't 100 END well.
posted by eriko at 7:45 AM on May 31, 2011 [11 favorites]

I wish I had an army at beck and call for my computer troubles
posted by infini at 7:47 AM on May 31, 2011 [2 favorites]

The People's Daily would like you to know that "China's cyber squad is for defense".
posted by Trurl at 7:47 AM on May 31, 2011

ooooh matthew broderick is fucked
posted by nathancaswell at 7:48 AM on May 31, 2011 [25 favorites]

I bet there's a lot of dangerous hackers in oil and mineral rich countries.
posted by fleetmouse at 7:48 AM on May 31, 2011 [56 favorites]

I don’t think the Department of Defense is in a position to “conclude” what is or isn’t an “act of war”.
posted by davel at 7:48 AM on May 31, 2011 [35 favorites]

This shouldn't surprise anyone, really. We've been told repeatedly over the past few decades that the next big war will be a cyber war. I think this announcement simply codifies this belief into a plan for response.
posted by Thorzdad at 7:49 AM on May 31, 2011

And here I thought Acts of War were declared by Congress
posted by Blasdelb at 7:51 AM on May 31, 2011 [12 favorites]

Now that they've reached this conclusion, I'm sure they won't object when Iran attacks Israel in self-defense.
posted by Trurl at 7:53 AM on May 31, 2011 [15 favorites]

This isn't a legal ruling of any kind, it's just the DOD saying that in the event of spikes sent they're ready to start dropping bombs. In other news the Pentagon has declared that American is #1
posted by theodolite at 7:53 AM on May 31, 2011 [2 favorites]

Wait, the Pentagon has found a justification for military force being used?!?!?!?!

Color me surprised...
posted by Windopaene at 7:54 AM on May 31, 2011 [2 favorites]

So Stuxnet was an act of war against Iran?
posted by furiousxgeorge at 7:55 AM on May 31, 2011 [7 favorites]

Oh hey look everybody, the DOJ just found another reason to justify blowing shit up! HURRAY!
posted by thsmchnekllsfascists at 7:56 AM on May 31, 2011 [3 favorites]

I was not aware that the US still felt it needed reasons to go to war.
posted by Legomancer at 7:58 AM on May 31, 2011 [20 favorites]

So Stuxnet was an act of war, and Iran can respond with military force?
posted by atheist.zen at 8:02 AM on May 31, 2011 [1 favorite]

I guess Iran can attack over Stuxnet then, eh?
posted by Meatbomb at 8:04 AM on May 31, 2011 [1 favorite]

Anyone mention Stuxnet yet?
posted by desjardins at 8:06 AM on May 31, 2011 [11 favorites]

If this precedent is acceptable, then I guess Israel will get attacked because of Stuxnet.
posted by cashman at 8:06 AM on May 31, 2011 [1 favorite]

Also! Stuxnet!
posted by FatherDagon at 8:07 AM on May 31, 2011 [7 favorites]

I too suspect that goi g to war with China would not be a good idea.
posted by Artw at 8:08 AM on May 31, 2011 [1 favorite]

The DOD should really change their name back to Department of War.
posted by Harpocrates at 8:09 AM on May 31, 2011 [12 favorites]

OK, kneejerk "USMILITARYCOMPLEXLAWLS" reactions aside, can someone explain how cyber attacks on, say, the security systems of another nation aren't acts of war or espionage?

I totally agree that this decision is one that is ripe for abuse--teenage hacker in Germany is now DECLARING WAR ON US!--but shit, given how integrated modern technology is with real-world control of things like missiles I think cyber attacks involving national security kind of should be taken seriously. I'm surprised this policy wasn't already in place.
posted by schroedinger at 8:11 AM on May 31, 2011 [1 favorite]

Does this mean we'll be going to war with every country with some shitty scriptkiddies and botnets slamming us?
posted by yeloson at 8:11 AM on May 31, 2011 [2 favorites]

Blasdelb: And here I thought Acts of War were declared by Congress

It's not about declaring acts of war, but redefining when acts of war can be declared.

The Pentagon's first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country's military.

...

One idea gaining momentum at the Pentagon is the notion of "equivalence." If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a "use of force" consideration, which could merit retaliation.
The War on Cyber Attacks

...

For instance, if computer sabotage shut down as much commerce as would a naval blockade, it could be considered an act of war that justifies retaliation, Mr. Lewis said. Gauges would include "death, damage, destruction or a high level of disruption" he said.

Harpocrates: The DOD should really change their name back to Department of War.

The best defense is a good offense?
posted by filthy light thief at 8:12 AM on May 31, 2011 [2 favorites]

Gauges would include "death, damage, destruction or a high level of disruption" he said.

My neighbor's intemperate use of Netflix has highly disrupted my torrent download of the Borgias. This means War.
posted by storybored at 8:19 AM on May 31, 2011 [9 favorites]

Pentagon officials believe the most-sophisticated computer attacks require the resources of a government. For instance, the weapons used in a major technological assault, such as taking down a power grid, would likely have been developed with state support, Pentagon officials say.

Okay, now they're just trolling.
posted by swift at 8:24 AM on May 31, 2011 [3 favorites]

"Talking out of turn? That's a[n act of war].
Lookin' out the window? That's a[n act of war].
Staring at my sandals? That's a[n act of war].
Paddlin' the school canoe? Oh, you better believe that's a[n act of war]."
                                             - Jasper
posted by blue_beetle at 8:26 AM on May 31, 2011 [5 favorites]

Does this mean we'll be going to war with every country with some shitty scriptkiddies and botnets slamming us?

That's why I want my own private 5 sided building and attendant robo soldiers to play with
posted by infini at 8:27 AM on May 31, 2011 [3 favorites]

Don't ask the barber if you need a haircut.
posted by workerant at 8:29 AM on May 31, 2011 [15 favorites]

@swift

They know this because they tried to get private innovators and entrepeneurs to do this without state support, but no dice.

This statement comes from experience. Trolling this is not. Hah.
posted by honeybunny at 8:30 AM on May 31, 2011

Others using hacks against us = WAR!!
Us using them against others = Keeping people free, doing what we have to, etc.

Now just change hacks to torture, normal operating procedure lately. :P
posted by usagizero at 8:34 AM on May 31, 2011 [4 favorites]

...early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country's military.

Wait we have public transit now? Since when?
posted by thsmchnekllsfascists at 8:44 AM on May 31, 2011 [3 favorites]

It's practically impossible to prove or disprove the source of a cyber attack, or even to prove to an outside observer that an attack happened at all.

So I guess we can now declare war on anyone at any time, no verifiable evidence required. Good job, warmongers! But I guess Bush already set the precedent for that.
posted by qxntpqbbbqxl at 8:44 AM on May 31, 2011 [3 favorites]

A huge percentage of "hackers" are just curious kids who figured out how easy it is to get in. Most hacks are the pretty much the equivalent of jiggling the handle to see if the door is unlocked.

If we make that an act of war, then we will not have the resources to wage war on all the potential targets. Declaring war over hacking will be the international relations equivalent of arresting someone for resisting arrest.
posted by idiopath at 8:46 AM on May 31, 2011 [1 favorite]

Coming Soon:

"Pirates are launching a cyber war against america's entertainment companies. According to the RIAA and MPAA, piracy annually cost the US economy more than a dozen 9/11s. So today, I've authorized the CIA to launch a predator drone at the Pirate Bay headquarters."
posted by empath at 8:49 AM on May 31, 2011 [5 favorites]

In all seriousness, I can think of some cyberattacks which would constitute an act of war -- for example, creating a computer virus than infects the computers that control a country's nuclear program might count. I think a country that was the victim of an attack like that could probably justify a military response.
posted by empath at 8:51 AM on May 31, 2011 [6 favorites]

See, this takes all the fun out of cyber war. It is supposed to be about hacker vs. hacker, road warrior battles along the information super highway. It is the war for the smart kids. The Pentagon's response is, like, "smart people being smarter than us... HULK SMASH!!!".

Actually, I understand what their point is, but good luck at conclusively proving that any government was behind an attack. Because our current murky wars over real attacks (or imagined threats thereof) just needed to get murkier in the future.
posted by charred husk at 8:56 AM on May 31, 2011 [3 favorites]

Cyber Tonkin
You're tellin' me lies, yeah
Cyber Tonkin
You wear a disguise
Cyber Tonkin
So misunderstood, yeah
Cyber Tonkin
You really no good
posted by George_Spiggott at 9:15 AM on May 31, 2011 [1 favorite]

"I will not have a networked computer device on this ship while I am still in command."

Also, did anyone mention Stuxnet?
posted by T.D. Strange at 9:21 AM on May 31, 2011 [5 favorites]

"It's not about declaring acts of war, but redefining when acts of war can be declared."

Article I, Section 8, Clause 11 of the United States Constitution, sometimes referred to as the War Powers Clause, vests in the Congress the exclusive power to declare war, in the following wording:

"[Congress shall have Power...] To declare War, grant Letters of Marque and Reprisal, and make Rules concerning Captures on Land and Water;"

All the Pentagon can constitutionally say is that it will suggest to Congress that they declare war in the event of this, that, or the other. Of course none of this means that anyone in our fucking government has read the damn thing much less understood it, so, foreign governments would be wise to consider themselves warned.
posted by Blasdelb at 9:22 AM on May 31, 2011 [2 favorites]

Echoing the earlier comments - it's really remarkably difficult to prove the source of a sophisticated attack. I mean, if China's going to "hack" our nuclear control systems, it's not like the traffic is going to have some "p.s. - I'm from china" flag set. (AFAIK, no one's really implementing the evil bit) If you were a foreign agent, and not just some script kiddie, you wouldn't even use your home countries' computers.

Though I understand the reasoning, and in theory I can agree - a cyber attack on say, government nuclear control systems or industrial SCADA systems could, in some circumstances, be considered and act of war. In practice, reliably determining where it came from and if state resources were involved is just too difficult to drop bombs over.

tl;dr - "lol i'm behind 7 proxies", as they say.

It also feels like it's breaking some hacker moral code, like if someone totally hacked you, and you went out and burned their house down. Really gauche.
posted by mrgoat at 9:36 AM on May 31, 2011 [1 favorite]

Article I, Section 8, Clause 11 of the United States Constitution, sometimes referred to as the War Powers Clause, vests in the Congress the exclusive power to declare war

The Constitution is pre-9/11 thinking.
posted by Trurl at 9:44 AM on May 31, 2011 [3 favorites]

This would be a good chance to get those Nigerian email scammers on a street corner and have snipers take them out.
posted by zzazazz at 9:46 AM on May 31, 2011

Okay, so in a few years the public will be defending the interests of Zuckerburg and Goldman Sachs?
posted by effluvia at 9:47 AM on May 31, 2011 [2 favorites]

So Stuxnet was an act of war, and Iran can respond with military force?

Iran, like any other state, can respond with military force to any provocation it wants to use military force against. Stuxnet. Manipulation of its politics by the CIA. Insults to Islam. The Eurovision results. The conclusion, or lack thereof, to Single Female Lawyer.
posted by ROU_Xenophobe at 9:48 AM on May 31, 2011 [5 favorites]

ooooh matthew broderick is fucked

yea I'm sure he knows that since his marriage in 1997
posted by stormpooper at 10:01 AM on May 31, 2011 [1 favorite]

The Constitution is pre-9/11 thinking.

The age of the Constitution doesn't matter one iota. The right of Congress to 'declare war' is completely exclusive.

The president can send troops 'in theater' to attempt to wage a war, but cannot legally declare war per se; at this point, Congress can either agree with the President's decision or not. If they don't agree with his decision they will call our troops back and stop any action from being taken them if they feel the war is not in our countries best interests.

Politics are fickle, so it's an exercise in futility trying to figure out which they will do in any given situation.
posted by schade at 10:02 AM on May 31, 2011

Y'know, I'm pretty sure that the last two times my WoW guild got hacked and our vaults were looted, it was the work of Chinese prisoners. This, to me, certainly merited indiscriminate airstrikes.

Srsly.
posted by scaryblackdeath at 10:04 AM on May 31, 2011 [2 favorites]

This is the DOD saying "Watch your ass, 4chan."
posted by mr_crash_davis at 10:05 AM on May 31, 2011 [2 favorites]

The DOD should really change their name back to Department of War.

Or if they wanted to be really accurate they could change it to the Department of Offense.
posted by AElfwine Evenstar at 10:06 AM on May 31, 2011 [1 favorite]

Our military uses buggy software. Enemies exploit the bugs to do us harm. Well, what do you expect? That shouldn't even be illegal, in my opinion.

If our military procured correct, secure software, there would be no "cyber war" (or, at least, not against us). Good software is expensive, though, so they're not going to do that. Not while they can build up all this bullshit political crap around a problem that is, at root, entirely technical.
posted by Crabby Appleton at 10:27 AM on May 31, 2011

I used to think the cyberwarfare stuff was an inflated threat but in the past couple of years my thinking has reversed. Stuxnet was a big deal, a deliberate act of cyberwarfare by the US and Israel against Iran. China's hacking of Google was also a big deal; aimed at individual activists, not countries, but still a big thing. The recent attacks against RSA SecurID and now Lockheed Martin are troubling. This isn't script kiddies stealing some Warcraft accounts, this is focussed espionage against the US military.

One of the problems with cyberwarfare is it's not clear how to apply international law to it. What is "proportionate response" to a break-in that disables a radar installation? How do you even identify an attacker when the attack was a virus that was planted six months ago on USB sticks? This report says the Pentagon is moving to take these questions seriously. It's about time.
posted by Nelson at 10:28 AM on May 31, 2011

For instance, the weapons used in a major technological assault, such as taking down a power grid, would likely have been developed with state support, Pentagon officials say.

Yes, because a single tree falling near Canada certainly wouldn't ever shut down a giant portion of the northeastern power grid. That's never happened.
posted by odinsdream at 10:31 AM on May 31, 2011 [3 favorites]

odinsdream: "
Yes, because a single tree falling near Canada certainly wouldn't ever shut down a giant portion of the northeastern power grid. That's never happened."

Don't give Palin and her ilk any suggestions for an even larger war against nature (and/or Canada)... kthxbai
posted by symbioid at 10:35 AM on May 31, 2011

loloolol Pentagon is a a bunch of moran!

Do you really think the highly trained individuals at the NSA,CIA or wherever are going to go off half-cocked calling for missle strikes every time someone takes over an IRC channel or a tree falls in canada? Or that they are going to be thrown off by those slippery foreign intelligence agencies launching attacks from some cyber-cafe?

Good software is expensive, though, so they're not going to do that

We could also build an impenetrable dome around the US, but those bean counters only care about the bottom line.

The alternative is far worse. We come under some sort of "cyber attack" ( I don't pretend to know what that would look like) and we are unprepared. I imagine the thread on MetaFilter(if there still is a MetaFilter) would be "why didn't those moran at pentagon think of this, call 4chan".
posted by Ad hominem at 10:45 AM on May 31, 2011 [1 favorite]

Don't give Palin and her ilk any suggestions for an even larger war against nature (and/or Canada)

I still say she's not running. But James Howard Kunstler thinks she is. And he says: You know who else sought to rule a nation?
posted by Trurl at 10:55 AM on May 31, 2011

The age of the Constitution doesn't matter one iota. The right of Congress to 'declare war' is completely exclusive.

Congress doesn't seem to agree, as they've largely ceded the power to declare war to the Bush/Obama interpretation: "If the Executive Branch does it, it's not illegal."
posted by T.D. Strange at 10:56 AM on May 31, 2011 [2 favorites]

To keep our options open, why don't we just declare not at war with England and Australia.

Oh, and Poland. I almost forgot.
posted by snofoam at 11:01 AM on May 31, 2011 [1 favorite]

I was not aware that the US still felt it needed reasons to go to war.

The Department of Defense also concluded recently that attempting to draw a distinction between a reason to go to war and an excuse for going to war was an act of war.

Nobody really commented on it, because, y'know.
posted by mhoye at 11:05 AM on May 31, 2011 [1 favorite]

United States Department of Hammers Locates Potential New Source of Nails - film at 11
posted by facetious at 11:11 AM on May 31, 2011 [1 favorite]

I know there's alot of LOL and GRAR going around about this, but a large scale attack on critical infrastructure (of which the internet is now a part, yes) has always been considered an act of war.

I'm surprised they didn't do this twenty years ago.
posted by chimaera at 11:12 AM on May 31, 2011

Congress doesn't seem to agree, as they've largely ceded the power to declare war to the Bush/Obama interpretation: "If the Executive Branch does it, it's not illegal."

From reading your link, it seems you need to re-read the article. It specifically states that those members of Congress present for this 'briefing/consultation' were questioning why the articles of the War Powers' act was not being followed through upon.

Quotes from first page:

Before they started, Chairman John Kerry, D-Mass., apologized; the senators were "under the gun" with meetings at the White House, where the drama over the debt ceiling vote was playing out.

...and again further down the page:
At the hearing on Thursday, Kerry gave reason after reason to be optimistic that the whole "congressional authorization" discussion might not matter.

End of Quotes

This smacks of 'smoke and mirror' political wrangling to get around an uncomfortable situation that we have no actual control over.

Furthermore, as this is a UN/NATO operation, it 'technically' doesn't fall under the provisions of the War Powers act as defined by the current sitting Congressional body.

This is the kind of untenable situation that we, the American people, really don't want to be in. I believe this is one of the many kinds of situations the War Powers Act was originally written to prevent from occurring.
posted by schade at 11:13 AM on May 31, 2011

Congress doesn't seem to agree, as they've largely ceded the power to declare war to the Bush/Obama interpretation
---

U.S. operations in Libya hit the 60-day mark [on May 20], but Congress has grown largely silent on the administration’s unilateral intervention into the war-torn North African nation.
posted by Trurl at 11:18 AM on May 31, 2011

Sometime in 2014

Private: sir, /b/ has responded
General:…they saw the big board?
Private: No, sir, just this “The ass is in the hat”
General: No power means no internets…agree to the Pringles and free medical pot for all
Private: for all sir?
General: fuckin A private now get me Assange, these rouge pirates have another thing coming
Private: Shall I activate Operation Judas Priest.
General: No…we shall wait to unleash that. Now get me a vaporizer....remember this....I'm surprised they didn't do this twenty years ago. I was looking at the Latiin motto o our seal, i thought of this, do you now why private.
Private: why what sir
General: Why it was never successful

Private: B-52's sir?

General: that and bombers.
posted by clavdivs at 11:20 AM on May 31, 2011 [4 favorites]

I don't know about you but when the country is attacked, I don't want congress to take time to convene and come to an agreement. whats the point with nuclear weapons and in this case cyberatacks on critical infrastructure, we have oversight committees for this.
posted by clavdivs at 11:24 AM on May 31, 2011

From reading your link, it seems you need to re-read the article. It specifically states that those members of Congress present for this 'briefing/consultation' were questioning why the articles of the War Powers' act was not being followed through upon.

Congresscritters are great at talking about following all the proper procedures, not dropping the ball, holding people accountable, and so on and so forth.

If you'll stop to take a look at what they do, rather than the river of foul smelling brown liquid that comes out of thier mouth, you might notice that it's now over 70 days since the Libya intervention, and still no vote.
posted by T.D. Strange at 11:27 AM on May 31, 2011 [1 favorite]

...on the administration’s unilateral intervention into the war-torn North African nation.

I don't think you said what you think you said - your use of unilateral says that the US went into Libya alone, without the agreement of any other nation. This is not the case... A group of arab nations, including a few diplomats (no longer employed now) from Libya itself asked the United Nations to invoke a no-fly zone over Libya to protect the innocent civilians. Not only is this not a US-only mission, we aren't even the primary...
posted by schade at 11:27 AM on May 31, 2011

Have you any hard evidence that the US was behind Stuxnet?
posted by Postroad at 12:17 PM on May 31, 2011 [1 favorite]

Plausible deniability is the hallmark of the anonymous hackers, no matter how much acclaim or important their task. The system would be designed in that way i would imagine
posted by infini at 12:21 PM on May 31, 2011

Creepy mission creep.
posted by orthogonality at 12:25 PM on May 31, 2011

Have you any hard evidence that the US was behind Stuxnet?

It's difficult for me to imagine what evidence would convince you short of Robert Gates publicly confessing.

Aside from our abundantly documented hostility towards Iran's nuclear program, there's this astonishing coincidence:

The United States was advised to adopt a policy of "covert sabotage" of Iran's clandestine nuclear facilities, including computer hacking and "unexplained explosions", by an influential German thinktank, a leaked US embassy cable reveals.

Also:

... there is vanishingly little doubt that the United States played a role in creating the worm. Some of the evidence for this is lying in plain sight: a consistent pattern of coincidences ties Stuxnet’s evolutionary stages to milestones in the development of Iran’s nuclear program. At each of these points, which often led to heightened tensions between the U.S. and Iran, Stuxnet upped its game.
posted by Trurl at 12:53 PM on May 31, 2011

In other Pentagon news: Military Orders Millions of Employees to Spy on Each Other
posted by homunculus at 1:23 PM on May 31, 2011

Have you any hard evidence that the US was behind Stuxnet?

Well this guy didn't really deny it.
posted by T.D. Strange at 1:36 PM on May 31, 2011 [1 favorite]

It's worth mentioning that a key component of these attacks is carelessness, either by the people who wrote and audited the code running on the systems or by the people operating them. If only we invested a small fraction of the defense budget on writing secure, open-source software then these intrusions would be entirely preventable and the security improvements would benefit everyone.
posted by howlingmonkey at 1:40 PM on May 31, 2011 [1 favorite]

Have you any hard evidence that the US was behind Stuxnet?

I don't have hard evidence on who was behind Stuxnet. My belief is supposition based on who has the capability and interest to destroy Iran's nuclear production. Also there's been a lot of winky-winky statements from US and Israeli military folks implying state involvement. Also many experts believe Stuxnet was carried out by Israel and the US. I'm inclined to believe them.

I can tell you this: Stuxnet sure as hell wasn't a few kids from 4chan hanging out on an IRC channel. But those kids grow up and some of them become soldiers. They need rules of engagement.

I thought this quote from Obama today was interesting

Obama said Dempsey and Winnefeld would make "an extraordinary team" on the Joint Chiefs of Staff. "Between them they bring deep experience in virtually every domain," he said. "Land, air, space, sea and cyber."

posted by Nelson at 3:16 PM on May 31, 2011 [1 favorite]

But do they stand a chance against a Kuang Grade Mark Eleven icebreaker running on an Ono-Sendai Cyberspace 7?
posted by George_Spiggott at 3:58 PM on May 31, 2011 [1 favorite]

Depends on whether they have access to the Dixie Flatline's ROM construct.
posted by Crabby Appleton at 4:12 PM on May 31, 2011

Go talk to the Finn.
posted by His thoughts were red thoughts at 4:38 PM on May 31, 2011 [1 favorite]

Presumably, this means they'll start to send 14 year old script-kiddies off to Guantanamo too.
posted by mmagin at 8:12 PM on May 31, 2011

'The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.'

Oh shit, some kid with a proxy and a bit more knowledge than the average internet user is going to get the ukraine blowed up.
posted by hal_c_on at 9:09 PM on May 31, 2011 [1 favorite]

I eagerly await the first Gulf of Tonkin cyber-attack.

The cyberwar threat has been hyped up non-stop for the past two years. Michael McConnell has been pushing the fear in an attempt to implement a more controlled Internet.

Relatedly, and unknown to most people, there has been a political fight over the cyberwar turf between the DHS, NSA other other agencies. Last year, the NSA won that war. It will now lead domestic cyber security in the US. Fear was also used by the NSA to push for more power here.

But the really scary thing about this is that the details of any cyberattack would likely be classified due to the sensitive intercept and analysis methods used. So the Pentagon can essentially declare that force is necessary without needing to provide evidence to the public.
posted by formless at 9:30 PM on May 31, 2011

Go talk to the Finn.

he doesn't listen
posted by infini at 1:45 AM on June 1, 2011

Go talk to the Finn.

Linus can't help you with that.
posted by Crabby Appleton at 7:18 AM on June 1, 2011 [1 favorite]