America has double standards in fighting cyberwar

[Commentary] The hacking of the International Monetary Fund, Central Intelligence Agency and Citibank computer systems has raised fears that the US is on the brink of a cyberwar for which it is woefully unprepared. To deal with this growing threat, the Obama administration’s strategy is to treat destructive state-sponsored cyberattacks as an act of war that may even result in a conventional military response. This approach unfortunately has an unsustainable double standard: while Barack Obama’s strategy treats cyber­destruction by someone else as an act of war, his administration’s actions imply that cyber-destruction by America is a normal covert action, equivalent to espionage.

This double standard will undermine US attempts to confront cyberattacks and exacerbate one of the most intractable problems: how to attribute blame for such an attack. The US, along with Israel, is widely believed to be responsible for the creation and deployment of the Stuxnet computer worm now wreaking havoc with Iran’s nuclear programme. Stuxnet appears to have inflicted huge damage on Iran’s centrifuges, probably exceeding what could have been accomplished by an air raid, and set back its nuclear ambitions by several years. By the logic of the Obama cyber-strategy, this was an act of war against Iran.

[Wright is executive director of studies at The Chicago Council on Global Affairs]