Cybersecurity

Lawmakers, former officials debate next move in cyberspace

Image from Shutterstock.

The conversation in Washington has moved from North Korea's alleged complicity in the hack of Sony Pictures Entertainment to whether the Obama administration has responded effectively to the hack, and whether it needs more tools from Congress to do so.

President Barack Obama's vow of a "proportional" response to Pyongyang’s alleged cyber siege on Sony Pictures raises the possibility of the United States carrying out its own cyberattack, a scenario the administration has planned for via the four year-old Cyber Command.

"This is a whole new day in cyberspace for a host of reasons," said former House Intelligence Committee Chairman Mike Rogers, referring to the Sony Pictures hack, which wiped out a huge amount of data from the movie studio’s hard drives and reportedly could cost the studio millions of dollars. "Now the United States is going to have to show that it will not tolerate it because everyone’s watching. Iran is watching, Russia is watching, China is watching," added Rogers, who spoke Jan. 15 at a panel discussion hosted by the Bipartisan Policy Center.

Current and former policymakers like Rogers share a broad goal of making a destructive cyberattack on American firms less likely. But there is less agreement on how this should be accomplished.

Following the hack this week of U.S. Central Command's social media accounts by a pro-Islamic State group, House Homeland Security Committee Chairman Michael McCaul called for the administration to develop a strategy for responding to cyberattacks like the one on Sony Pictures. "Without laying out the rules of the game for offensive responses and having direct consequences, cyber threats and intrusions from our adversaries will continue and escalate," the Texas Republican said in a statement.

Not long before retiring at the end of the last Congress, Rogers said he would like to see the United States go on the offensive in cyberspace more than it does, but that there is not a clear understanding across government of what an offensive policy entails.

While offensive cyberattacks are part of Cyber Command’s charge, rules to govern them are still being developed.

At the BPC panel, former CIA and NSA Director Michael Hayden argued that Obama's pledge of proportionality might send the wrong signal to the North Koreans and would-be hackers. "I don't think we should give them comfort that our response will be proportional. Our response will be of our own choosing," the retired general said.

But Paul Stockton, a former assistant secretary of Defense, countered that the White House was right to mention proportionality.

"We're in an era now where cyber conflict is burgeoning and we lack the rules of the road, we lack the norms, we lack the principles derived from [the] law of armed conflict," Stockton said. "I believe proportionality is a standard that the United States ought to be espousing."

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.