Official: No options ‘off the table’ for U.S. response to cyber attacks

By JEFF SCHOGOL | STARS AND STRIPES Published: May 8, 2009

ARLINGTON, Va. — The U.S. military’s response to a cyber attack would not necessarily be limited to cyberspace, the head of U.S. Strategic Command said Thursday.

"The Law of Armed Conflict will apply to this domain," said Air Force Gen. Kevin P. Chilton.

The United States’ response to a cyber attack would be decided by the president and Defense secretary, Chilton told reporters during a breakfast roundtable.

"Our job would be to present them options, just as every other combatant commander would do," he said.

Chilton would not rule out a kinetic response to a cyber attack.

"I don’t think you take anything off the table when you provide options to the president to decide," he said. "You don’t take any response options off the table from an attack on the United States of America. Why would we constrain ourselves on how we would respond?"

The Defense Department’s networks are probed thousands of times per day, Chilton said.

The intrusions are geared toward espionage — gathering information rather than slowing or manipulating the department’s computers, he said. Information stolen includes personnel and medical records.

While those intrusions were against unclassified networks, the information is still important, he said.

Chilton said the threats range from bored teenagers to criminals and to nations — although he did not name which nations.

"They’re all threats, but what we’re finding is we’re getting and better and better at our defenses, and so the capabilities to come at our networks are going to require more sophisticated efforts, and I think what you’ll see is that requires resources.

"And so that would logically take you to the probably bigger threats, would be nation-state approach or a well funded, well organized, well educated and equipped other organization that may be a non nation-state that had that capability," he said.