Standardizing the military's rules of engagement where electronic and information-based offense and defense are concerned has been a priority for the DoD for several years, but the process has been stymied by the complicated nature of the digital realm.
Eric Rosenbach, Deputy Assistant Secretary of Defense for Cyber Policy, told American Forces Press Service that formulating a cyber operations strategy and rules of engagement in regards to the Law of Armed Conflict is still a work in progress.
“It is a challenge to have different organizations and different individuals understand [the term] ‘cyber’ in the same way. Even within the Department of Defense and around the world, it’s not clear to a lot of people what [cyber] means," Rosenbach said.
“We’re trying to think about cyber operations as a new form of policy tool that gives the president or the secretary of defense new options. We’re not actively looking to mount operations in cyberspace just to do it. We want to do it only when appropriate and when there’s a good reason to do it and when we can do it in a way that allows us to [avoid using] kinetic tools," Rosenbach explained.
Last month, Department of Defense officials informed a subcommittee of the House Armed Services Committee on that the Pentagon is in the process of finalizing guidelines for military operations in the cyberspace theater.
National Security Agency chief and head of U.S. Cyber Command, General Keith Alexander, told members of the subcommittee that finalizing the strategy for rules of engagement in cyberspace are “at the top of the list of the cyberthings that we’re working on right now”.
In July of 2011, the Department of Defense released a document that provided an outline for proposed military-based cyber operations titled Strategy for Operating in Cyberspace (pdf), which stated:
"Potential U.S. adversaries may seek to exploit, disrupt, deny, and degrade the networks and systems that DoD depends on for its operations. DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial of access or service that affects the availability of networks, information, or network-enabled resources; and destructive action including corruption, manipulation, or direct activity that threatens to destroy or degrade networks or connected systems.
In December 2011, Congress officially sanctioned the option for the military to use offensive measures in cyberspace should the tactics be deemed necessary. Section 954 of the the FY 2012 defense authorization act states that “Congress affirms that the Department of Defense has the capability, and upon direction by the President may conduct offensive operations in cyberspace to defend our Nation, allies and interests."
The measure of a cyber attack and the corresponding response would be determined by evaluating the level of "death, damage, destruction or high-level disruption" caused by an attack. Under this strategy, a sizable event could prompt a significant military response given the level of damage incurred.