Though there are no details of the malware that was reportedly placed inside Russia’s power grid system, the NYT reported that National Security Presidential Memoranda 13, a classified document, grants the Department of Defense (DoD) the power to conduct offensive online operations without receiving presidential approval.
Specifically, General Paul Nakasone, commander of the US Cyber Command, holds the authority to make these decisions about offensive strategies. Without confirming that the DoD is taking more aggressive measures, House minority whip Steve Scalise told Meet the Press on June 16, “I’m glad the administration has been taking aggressive actions.”
“An offensive cyber-strategy is a necessary component of a larger military and diplomatic strategy against a determined US adversary like Russia. After all, let’s not forget that Russia has been targeting US utilities for several years, at least,” said Carlos Perez, R&D practice lead at TrustedSec.
“US-CERT warned just last year about Russia’s cyber-operations against multiple US utilities. We’ve also seen Russia put these capabilities to real-world effect, as in the case of the two cyber-induced power outages that affected Ukraine. We have to take this threat seriously, and having a cyber-response ready to go is of paramount importance.”
Perez clarified that the operations described by the New York Times also do not constitute cyber-war, nor do they exceed the legal restrictions set by our own government.
“The Department of Defense Law of War Manual has codified cyber operations, which this current action falls within. As you’ll notice, these guidelines include such operational objectives as reconnaissance, acquiring and securing access to key systems, and implanting access tools into infrastructure for the purpose of acquiring foreign intelligence, gaining information about an adversary’s capabilities and gathering information to determine intent, just to name a few.”
While trying to avoid the risk of escalating the situation with Russia, Perez said that this action and others taken by US cyber-ops teams are aimed at preparing the battle space with Russia, so that the US will be ready at some future point, should direct action need to be taken.
“This is also about deterrence, as we are signaling to Russia that we have the technical means and capabilities and the will to use them if we have to. As for the risk of ending up in a full-scale cyber-war, the reality is that we have been close to it with several events that have happened but remained in an economic, intelligence and influence conflict with Russia, as well as other countries, like China, Iran and, to a lesser extent, North Korea. These are low-intensity conflicts but they could escalate at any point, even without us engaging in our own offensive cyber-ops.”
Source: Infosecurity Magazine