An Offensive Cyber Strategy

The Air Force has released an updated instruction outlining guidance and procedures for cyber capabilities that appears to go beyond the Pentagon’s typical defensive cyber rhetoric. Unlike, the Defense Department’s recently released cyber strategy, which focused primarily on preventing cyber attacks, the new policy directive specifically addresses offensive cyber capabilities, requiring “a thorough and accurate legal review” of all offensive cyber actions. The document also offers a clear definition of those capabilities, including “any device or software payload intended to disrupt, deny, degrade, negate, impair, or destroy adversarial computer systems, data, activities, or capabilities.” The Assistant Secretary of the Air Force, according to the document, is responsible for ensuring the legality of all cyber weapons and for monitoring the “the lethal characteristics and accuracy of weapons under review.” That’s not an easy task, according to the online Secrecy News, which maintains that law and policy regarding cyberspace rarely are clearly defined and, when they do exist they are “inconsistent with the use of offensive cyber tools.”