By Ben Bain
April 29, 2009
The United States. policy and legal framework regarding launching
cyberattacks is "ill-informed, undeveloped and highly uncertain" and the
country needs a public national policy in that area that applies to
sectors of government, according to a report released today by the
National Research Council.
The report, from the council's Committee on Offensive Information
Warfare, said cyberattack capabilities greatly expand policymakers.
options and that an open discussion about the country's cyberattack
policy was needed. The group said much of the public policy debate has
focused on cyber defenses.
"We are of the opinion that the policy issues related to cyberattack are
important enough to the nation to warrant serious public discussion -
and I emphasize public discussion - about its significance and place in
the U.S. policy toolkit," Kenneth Dam, a co-chairman of the committee
and a professor at the University of Chicago law school, said at a news
The group also recommended that the government maintain and acquire
effective cyberattack capabilities and conduct high-level wargaming
exercises to understand the dynamics and potential consequences of cyber
conflict. The government should also support academic research on the
topic, the committee said.