In Cyber, US Must Demonstrate to Deter

Retired senior military leaders told Congress Thursday the US must demonstrate its offensive cyber capabilities in order to effectively deter adversaries from launching more cyber attacks on the US. “Using an appropriate, demonstrative, offensive capability can have a wonderfully clarifying effect on the minds of your enemies,” retired Adm. James Stavridis, former boss of US European Command, told the Senate Armed Services Committee. Retired Gen. Michael Hayden, agreed, saying, “We need to have far more openness as to … what our capabilities are.” The reluctance to do so “can lead some to underestimate our ability to retaliate,” explained Stavridis. The main reason the US has not taken greater cyber retaliatory action so far is “a lack of confidence in our ability to absorb a counter-retaliation,” said retired Lt. Gen. James Clapper. He told the committee that in late 2012, when he was Director of National Intelligence, Iranian hackers completed a series of denial-of-service attacks on US banks. At the time, “the initial interagency impulse was to counterattack.” They decided not to mainly because the government doubted its ability to “withstand a counter-retaliatory action, which may not be as measured and precise as we might employ,” Clapper said.