The US could launch pre-emptive cyber strikes against countries it suspects of threatening its interests with a digital attack, under a new set of secret guidelines to safeguard the nation’s computer systems.
The rules – the country’s first on how it defends or retaliates against digital attacks – are expected to be approved in coming weeks, and are likely to be kept under wraps, much like the policies governing the country’s controversial drone programme.
A secret legal review into the new guidelines has already decided that President Barack Obama has the power to order such pre-emptive strikes if faced with credible evidence of a looming attack, according to the New York Times, which quoted unnamed officials involved in the review.
The revelations come just days after an array of American media organisations, including the New York Times and The Washington Post, said their computer networks had been infiltrated by Chinese hackers. The risk of digital attacks was also underlined by a recent US Department of Homeland Security (DHS) report which revealed that a computer virus had forced an unidentified US power plant to go offline for three days last year.
The US, meanwhile, is known to have conducted cyber attacks of its own, with President Obama reported to have approved a wave of assaults against Iran during his first term. The programme, code-named “Olympic Games”, targeted Iranian nuclear facilities with malicious computer worms. It began under President George W Bush, but Mr Obama is believed to have ordered an acceleration of the digital attacks when he took office. The details only came to light when the Stuxnet worm – believed to have been developed by the US and Israel – surfaced on the internet. Last month, the Iranian government officially denied it had any hand in a recent string of cyber attacks on US financial institutions.