The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible military retaliation, the Wall Street Journal reported Tuesday.
The newspaper said the Pentagon plans to unveil its first-ever strategy regarding cyber warfare next month, in part as a warning to foes that may try to sabotage the country’s electricity grid, subways or pipelines.
“If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” it quoted a military official as saying.
The newspaper, citing three officials who had seen the document, said the the strategy would maintain that the existing international rules of armed conflict — embodied in treaties and customs — would apply in cyberspace.
It said the Pentagon would likely decide whether to respond militarily to cyber attacks based on the notion of “equivalence” — whether the attack was comparable in damage to a conventional military strike.
Such a decision would also depend on whether the precise source of the attack could be determined.
The decision to formalize the rules of cyber war comes after the Stuxnet attack last year ravaged Iran’s nuclear program. That attack was blamed on the United States and Israel, both of which declined to comment on it.
It also follows a major cyber attack on the US military in 2008 that served as a wake-up call and prompted major changes in how the Pentagon handles digital threats, including the formation of a new cyber military command.
Over the weekend Lockheed Martin, one of the world’s largest defense contractors, said it was investigating the source of a “significant and tenacious” cyber attack against its information network one week ago.
President Barack Obama was briefed about the attack.