When hackers a continent away attack a military computer system, using computers belonging to unsuspecting private citizens or businesses as cover, what are the rules when the U.S. fights back?
As U.S. officials struggle to put together plans to defend government networks, they are faced with questions about the rippling effects of retaliation. Taking action against a hacker could affect foreign countries, private citizens or businesses — ranging from hospitals to power plants — whose computers might get caught up in the electronic battle.
Difficult questions about how and when the U.S. military conducts electronic warfare have stalled the creation of the Pentagon's Cyber Command for months as senators dig into such scenarios involving the rules of the digital battlefield, according to congressional officials.
Government leaders have grown increasingly alarmed as U.S. computer networks face constant attacks, including complex criminal schemes and suspected cyber espionage by other nations, such as China. But the nation's ability to protect its networks and respond to attacks are largely kept secret because of national security concerns and the government's slowly evolving cyber security plans.
Electronic warfare by U.S. forces is not new. For example, in the Iraq war, U.S. forces jammed cellular phone networks in Fallujah in 2004 to disrupt communications between enemy insurgents, and interrupted radio signals designed to trigger roadside bombs.
But U.S. officials refuse to discuss any current offensive cyber operations or monitoring, particularly anything that involves other countries or terror organization.
The nomination of Lt. Gen. Keith Alexander to head Cyber Command has given senators leverage to delve into the complex world of cyber warfare. Later this week, a Senate committee will face off with Alexander during a hearing on his nomination.
The Cyber Command would oversee military networks and take on what U.S. authorities see as a growing national security threat — cyber terrorists looking to steal sensitive technologies, disrupt critical services, or infiltrate classified networks.
In recent months, according to several congressional officials, senators have called in defense officials for meetings, gathered for a Cyber 101 session with a top general, and put together dozens of pages of questions for the Pentagon and Alexander, digging into the military's rule book on electronic warfare.
In response, the Pentagon drafted carefully worded responses, walking a delicate line between satisfying the Senate's concerns while closely guarding the high-tech secrets of its digital weaponry, said the officials, who spoke on condition of anonymity to discuss internal deliberations.
One concern involves Alexander's position as head of the National Security Agency, which oversees electronic intelligence-gathering. Lawmakers and others question whether the secretive spy agency should have control over cyber issues.
"We are obviously concerned about the nomination of Lt. Gen. Alexander," said Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center. "The NSA has broad authority to conduct electronic surveillance against U.S. citizens and the oversight system simply does not work."
Another issue, Rotenberg said, is that the NSA is seeking to expand its ability to monitor domestic communications through the development of Einstein 3, a government network monitoring system currently being tested. The program would both detect and take action against cyber attacks on federal systems.
Homeland Security Department officials began the Einstein 3 trial program late last summer, and started testing it on one federal agency's network traffic a couple weeks ago. Officials have not identified which agency is being used for the test, but have stressed all along that extensive privacy protections are in place.
James Lewis, a cybersecurity expert and senior fellow at the Washington-based Center for Strategic and International Studies, downplayed the privacy concerns. The main issues, he said, involve who can authorize an offensive cyber strike, what are the command's legal authorities, and how will it interact with the NSA and DHS when other government or critical networks are attacked.
Lewis said Cyber Command, which will report to U.S. Strategic Command based in Omaha, Neb., would likely support the other agencies, much like the North American Aerospace Defense Command supports the Federal Aviation Administration. NORAD often launches fighters during aviation incidents — such as the bomb scare triggered by a Qatari diplomat earlier this week when the man reportedly slipped into the bathroom for a smoke and joked about trying to set his shoes on fire.
Several congressional officials said there is no strong opposition to Alexander taking on the dual NSA and Cyber Command posts. Still, senators have many questions.