In the past six months, hackers have infiltrated the websites and internal servers of the United States Senate, the CIA, numerous other state and federal agencies, private corporations, and individuals. The onslaught seems unstoppable, and the FBI and other US law enforcement agencies struggle to identify and arrest the hackers responsible for the attacks. Many hackers are after money, concentrating on identify theft and other frauds that have allowed them to steal tens of millions of dollars, primarily from small businesses in the United States. More ominous, however, is the recent trend of attempted and successful cyber-infiltrations into government agencies, the military, and the email accounts of government officials and other individuals with high security clearances, in the United States as well as other nations.
At the same time that attacks are being launched against the United States, the United States has come much closer to launching its own cyber attacks. In early 2011, before leading conventional military strikes against Gaddafi's regime in Libya, the United States considered, and ultimately rejected, initiating a cyber attack against Libya's air-defense system, hoping to cripple its ability to act against the upcoming airstrikes. Although the United States rejected the plan, that it was even considered is strong evidence of the importance that the Obama administration has placed on cybersecurity, as it has become increasingly pressing for both homeland security and offensive military tactics.
Since taking office, Obama has taken unprecedented steps to develop a coherent United States policy on the issues surrounding cyberspace, particularly those relating to defense. The Obama administration was the first to appoint a Director of Cybersecurity and has released several publications detailing its cyberstrategy, starting with the Cyberspace Policy Review and the International Strategy for Cyberspace, in the first years of Obama's presidency. Published in July 2011, the Department of Defense Strategy for Operating in Cyberspace, as the title implies, outlined how the Pentagon, which is in charge of all military domains, would approach cybersecurity issues. The Obama administration has also pushed Congress to draft and pass comprehensive cybersecurity legislation, a move which has received bipartisan support. One factor that greatly complicates the issue of cyberdefense, however, is the fact that cyber attacks are not solely made against the government or other public networks, but rather against private companies. There is debate amongst experts about how much the government should be involved in ensuring private companies are adequately protected against cyber attacks.
The United States is also an active participant in international conversations about cybersecurity, where there is much less consensus about appropriate rules and norms. Broadly speaking, there are two different approaches to cybersecurity that countries tend to take. The first, which is exemplified by the policies of die United States and the United Kingdom, want to be able to crack down on cybercrime without inhibiting the free flow of information between and within countries. The second, primarily promoted by Russia and China, is concerned with limiting the flow of information across borders. Russian and Chinese leaders are concerned that free information could make their societies less stable. While the Obama administration has stated that it would support die creation of an international treaty on cyberspace, it seems unlikely that agreement could be reached on any such treaty in the near future, given the divergent views on the most pressing issues of cyberspace. …