The US military is permitted to act pre-emptively if it detects an imminent threat of cyber attack.
US Defense Secretary Leon Panetta moaned to Reuters that under investment by America’s private sector and political gridlock in Washington stymied cyber security legislation.
In the meantime a presidential executive order was being considered “while we wait for Congress to act”.
Panetta warned that unnamed “foreign actors” were targeting computer control systems that operate chemical, electricity and water plants and those that guide transportation. Quite why China is training actors to attack US infrastructure is unclear. Perhaps it is hoping to use the Acadamy Awards as a cover for an attack.
Panetta said that he knew of specific instances where intruders have successfully gained access to these control systems. The hackers are building advanced tools to attack these systems and cause panic, and destruction, and even the loss of life.
At the moment aggressors could derail passenger trains, contaminate the water supply or shut down the power grid in much of the country.
In the private sector too few companies have invested in even basic cyber security.
The United States is making significant investments in cyber forensics to address the problem of identifying where the attacks come from.
He said that the country was seeing returns on those investments.
The Department of Defense had a mission to defend the country and would be ready to respond to attacks. Such pre-emptive action would occur only under certain, dire scenarios, he said.
If the US military detects an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, it needs to have the option to take action against those who would attack them, he said.