Digital countermeasures in theory can encompass everything from the benign blocking of suspicious IP addresses to more aggressive and eye-opening efforts to poison hackers’ home bases. Done effectively, these tactics can help companies stop attacks or remove spies from their networks. But there’s always risk: Bad intelligence could lead a company to block legitimate Web traffic, for example, or perhaps kick perfectly legal Internet users offline. The most aggressive countermeasures — like actively hacking back a known hacker — are banned under current U.S. law.
As Congress rethinks the private sector’s powers to defend itself, however, lawmakers have struggled to provide a clear definition as to what companies can do and what legal protections they should receive. Exactly what the Obama administration seeks isn’t clear either. Alexander, for his part, has never revealed the full set of tools he believes companies should have at their disposal when acting on government intelligence. The NSA declined further comment — as did the Pentagon, where the general also leads U.S. Cyber Command.
A White House official speaking anonymously to POLITICO said the administration could support a change to law that allows companies to take some defensive countermeasures in cyberspace, with narrow legal protections and strong oversight. But the official said the White House hasn’t put forward its own definition of what qualifies as a “defensive countermeasure” because it’s not writing legislation.
Join the conversation as a VIP Member