WASHINGTON (AP) — The United States would use cyber weapons against an adversary's computer networks only after officials at the highest levels of government approved of the operation because of the risks of collateral damage, a senior U.S. military official said Tuesday.
The director of intelligence at U.S. Cyber Command, Rear Adm. Samuel Cox, said that cyberattacks can do significant damage to a country's infrastructure and should never be carried out in a cavalier manner. Offensive cyber operations are difficult to conduct with precision to avoid casualties and collateral damage to unrelated systems, he said.
"If you're trying to do precision strike in cyberspace with a very high degree of confidence," Cox said, "that takes enormous amounts of intelligence, planning, great care and very carefully crafted cyber tools that won't boomerang against you down the road."
Cox also downplayed the prospect that an enemy of the United States could completely disable the nation's electric power grid or shut down the Internet because these systems are designed to withstand severe cyberattacks.
"There's huge amounts of resiliency and redundancy built into the system nowadays that makes that kind of catastrophic thing very difficult," he said.
Cox's remarks at a cybersecurity conference in Arlington, Va., opened a small window into a subject U.S. authorities rarely discuss in public.
Cyber Command is in charge of defending U.S. military networks from attacks and intrusions. The command's top officer, Army Gen. Keith Alexander, also is the director of the secretive National Security Agency, which gathers electronic intelligence from foreign governments. Both NSA and Cyber Command are headquartered at Fort Meade, Md.
The Defense Department is developing rules of engagement for how commanders will operate in cyberspace and what missions they can conduct under their own authority.
During congressional testimony last month, Alexander said decisions on how to respond to adversaries in cyberspace would be made by the president and secretary of defense. But military commanders would have authority to take action if the cyberattack were about to cause harm and immediate action was needed.
"Our job would be to defend and protect and to stop some of these attacks analogous to the missiles coming in and give the administration options of what they could do to take it to the next step, if they choose," Alexander told the Senate Armed Services Committee.
Copyright 2012 The Associated Press.