The Wall Street Journal reports:
The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.
The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.
Recent attacks on the Pentagon’s own systems—as well as the sabotaging of Iran’s nuclear program via the Stuxnet computer worm—have given new urgency to U.S. efforts to develop a more formalized approach to cyber attacks. A key moment occurred in 2008, when at least one U.S. military computer system was penetrated. This weekend Lockheed Martin, a major military contractor, acknowledged that it had been the victim of an infiltration, while playing down its impact.
The Associated Press reports:
This cyber attack didn’t go after people playing war games on their PlayStations. It targeted a company that helps the U.S. military do the real thing.
Lockheed Martin says it was the recent target of a “significant and tenacious” hack, although the defense contractor and the Department of Homeland Security insist the attack was thwarted before any critical data was stolen. The effort highlighted the fact that some hackers, including many working for foreign governments, set their sights on information far more devastating than credit card numbers.
Information security experts say a rash of cyber attacks this year — including a massive security breach at Sony Corp. last month that affected millions of PlayStation users — has emboldened hackers and made them more willing to pursue sensitive information.
“2011 has really lit up the boards in terms of data breaches,” said Josh Shaul, chief technology officer at Application Security, a New York-based company that is one of the largest database security software makers. “The list of targets just grows and grows.”