Stockpiling arms against cyberattacks

[Commentary] The global cyber-arms race is a reality.

By deploying a computer worm known as Stuxnet in a covert operation intended to damage Iran’s equipment for enriching uranium, the United States crossed a line. Stuxnet was designed to do physical harm. What if other nations do the same — and do it to us? The U.S. government has revealed little about its offensive activities in this sphere. We think this is shortsighted. Two years ago, the National Research Council found that the government’s policy and legal framework for offensive cyber-programs was “ill-formed, undeveloped and highly uncertain.” Is it any different today?

An open, vigorous debate is needed about the threat of cyberwar and the potential response. We had a decades-long debate about nuclear weapons, and it was healthy for the country and the world. We ought to bring the discussion about offensive cyber-conflict out of the shadows.