You have reached a collection of archived material.

The content available is no longer being updated and may no longer be applicable as a result of changes in law, regulation and/or administration. If you wish to see the latest content, please visit the current version of the site.

For persons with disabilities experiencing difficulties accessing content on, please use the DoD Section 508 Form. In this form, please indicate the nature of your accessibility issue/problem and your contact information so we can address your issue or question.

United States Department of Defense United States Department of Defense

DoD News

Bookmark and Share

 News Article

Doctrine to Establish Rules of Engagement Against Cyber Attacks

By Donna Miles
American Forces Press Service

BALTIMORE, Oct. 20, 2011 – New doctrine under review by the Joint Staff will lay out rules of engagement against an attack in cyberspace, the commander of U.S. Cyber Command said today.

The doctrine, once adopted, will help to define conditions in which the military can go on the offensive against cyber threats and what specific actions it can take, Army Gen. Keith B. Alexander told reporters at an International Systems Security Association conference here.

It will support the Defense Department’s strategy for operating in cyberspace, released in July, and President Barack Obama’s international cyberspace strategy, the general added.

Once the doctrine is approved, Cyber Command will put out guidance to its cyber warriors spelling out, “Here is how we operate in cyberspace,” and tailor its training accordingly, Alexander said. In the meantime, the laws of land warfare and law of armed conflict apply to cyberspace, he said. The challenge, he explained, is how to translate laws that govern physical space to cyberspace – now a fifth domain of conflict.

“That is what the Defense Department and others are working right now: to come up with the standing rules of engagement and those different parts,” he said.

Among issues the Defense Department is considering, Alexander said, is what constitutes a war in cyberspace.

The United States also must determine what represents a reasonable and proportional response to a cyber attack, he said. The law of armed conflict authorizes a reasonable, proportional defense against a physical attack from another country. Extending that logic to cyberspace, Alexander said, it remains unclear if it includes authority to shut down a computer network, even if it’s been taken over by a malicious cyber attacker intent on destruction.

If it does, also left unanswered so far is who would have that authority: the FBI, the National Security Agency, the military, the Internet service provider or another entity.

“That is something policymakers are going to have to tell us: ‘Here is what you are authorized to do,’” Alexander said.

The way doctrine, laws, policy and standing rules of engagement address these and other issues will shape how the military trains its cyber warriors, the general said. Current training focuses predominantly on ways to secure DOD networks, Alexander said, but he added that he expects that training to broaden to include more “full-spectrum” operations against threats.

Cyber Command will “train our force to the standard and ensure that we do it exactly right,” he said.

Alexander emphasized the importance of that capability against a growing array of ever-more-dangerous cyber threats.

“I think that nation states, non-nation state actors and hacker groups are creating tools that are increasingly more persistent and threatening, and we have to be ready for that,” he said. “So the security frameworks we are putting in place are forward-looking, based on what we are seeing.”


Contact Author

Army Gen. Keith B. Alexander

Related Sites:
Special Report: Cyber Security

Related Articles:
Special Report: Cybersecurity


Article is closed to new comments.

The opinions expressed in the following comments do not necessarily reflect those of the U.S. Department of Defense.

11/18/2011 2:47:59 PM
"Extending that logic to cyberspace, Alexander said, it remains unclear if it includes authority to shut down a computer network, even if it’s been taken over by a malicious cyber attacker intent on destruction." Any such malicious cyber attacker would be deeply embedded within one's own vital computer network, making shut down practically impossible. And that is the abiding enigmatic dilemma which will defeat all present SCADA Command and Control systems which have sensitive secrets that admin would prefer to remain generally unknown because of the unfair and inequitable advantage they may deliver to disadvantage everyone else.
- amanfromMars,

Additional Links

Stay Connected