US Considered Opening Pandora's Cyber Warfare Box for Libyan Campaign

There is a very interesting article in today's New York Times that reports that US defense officials considered launching a cyber attack "... to disrupt and even disable the Qaddafi government’s air-defense system, which threatened allied warplanes."

According to the Times, the objective would have been to sever the military communication links between Libyan early-warning radars and SAM sites.

However, the plan never was placed into action because there were worries over: (a) the precedent it would set, (b) the amount of time needed to launch such an attack, and, (c) whether Congress would have to be informed of such an attack under the War Powers Resolution.

As you may remember, the Obama Administration argued that it did not have to inform Congress about what it was doing in Libya under the War Powers Resolution because US forces were not engaged in "hostilities."

Its torture of logic on this subject would likely pale in comparison to any Administration argument trying to make the case that a cyber attack against Libyan military forces wasn't an engagement in hostilities. It also doesn't take much imagination to see how other countries would quickly use the same reasoning as they launched their own "non-hostile" cyber attacks.

What was also interesting in the Times article is that the idea was again considered - and rejected - for the operation against Osama bin Laden. The Times article states that, "... military planners suggested a far narrower computer-network attack to prevent Pakistani radars from spotting helicopters carrying Navy Seal commandos" who were flying to the compound where bin Laden was hiding.

I am curious about how the two cyber war planning episodes - the first in the February/March time frame and the other in March/April timeframe - influenced the US Department of Defense cyber war guidelines that were officially signed in June (or vice versa). The guidelines indicate that a cyber attack against the US could be considered as an act of war and trigger a convention military response. Or as one military official put it:

"If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

I think it would be pretty hard for the US to argue that shutting down a radar system in a foreign country via a cyber attack wouldn't likewise be seen by that country - or its allies - as an act of war.

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement