The Pentagon would consider a military response in the case of a cyber attack against the United States, a US defense official said on Wednesday.
Asked about the possibility of using military force after a cyber assault, James Miller, undersecretary of defense for policy, said: “Yes, we need to think about the potential for responses that are not limited to the cyber domain.”
But he said it remained unclear what constituted an act of war in cyberspace.
“Those are legal questions that we are attempting to address,” Miller said at a conference in Washington, adding that “there are certainly a lot of grey areas in this field.”
He said hostile acts in cyberspace covered a wide range, from digital espionage to introducing false data into a network, that did not necessarily represent full-blown war.
But he said the threat to US networks from terrorists, criminals and others was real and growing.
“Over the past decade, we’ve seen the frequency and the sophistication of intrusions into our networks increase,” he said. “Our systems are probed thousands of times a day.”
The Defense Department has about 90,000 employees and troops using computer networks, with about seven million computer devices, he said.
The US military recently created a new cyber command that will be led by Lieutenant General Keith Alexander, head of the secretive National Security Agency. Alexander was confirmed in his post by the US Senate last week.
In his written testimony to Congress, Alexander said that the new cyber command would be prepared to wage offensive operations as well, despite the risk of sustaining damage to US networks.
He told lawmakers that he expected digital operations to take place as part of a wider military campaign, but that special legal authority would be required to respond to a cyber attack staged from a neutral country.