The Trump administration has rolled back Obama-era rules governing the use of cyberweapons. U.S. government hackers will now have more latitude to respond to and deter cyberattacks by adversaries.
For the military—especially U.S. Cyber Command, which has long desired more freedom to maneuver—this is welcome news. Other agencies, especially those with sensitive intelligence and diplomatic equities at stake, are surely less enthusiastic about the prospect of turning up the temperature in the cyberwars.
Cyber policy is shaped by a trade-off between deterrence on the one hand and intelligence collection and diplomatic standing on the other. A relaxed cyber engagement policy increases U.S. deterrence capabilities—if you hit us, we can hit back. But it could also endanger existing spy operations. Robert Chesney, a University of Texas legal scholar, has observed that if the National Security Agency “is in a target system and reaping important intelligence, an offensive operation that imperils that collection may or may not be in the country’s net national interest.” If the military goes on a cyberoffensive, it could also undermine the standing of U.S. diplomats when they call for international norms supporting a free and open internet.