For the first time, the United States has officially disclosed plans to develop counterattack measures against foreign nations' cyberattacks. General Keith Alexander, chief of the military's Cyber Command and the NSA, told Congress yesterday the military is training 13 teams of programmers and computer experts to carry out offensive attacks.
As disclosures to Congress go, this is about as ass-kicking as you can get:
"I would like to be clear that this team, this defend-the-nation team, is not a defensive team," Gen. Keith Alexander, who runs both the National Security Agency and the new Cyber Command, told the House Armed Services Committee. "This is an offensive team that the Defense Department would use to defend the nation if it were attacked in cyberspace. Thirteen of the teams that we're creating are for that mission alone."
There will be an additional 27 teams that will be focused on surveillance and training. These defensive teams will "monitor incoming traffic to the United States through private 'Internet service providers'". That sounds ominous, and there will obviously be a lot of back and forth about what can be done legally, and what is actually being done. But cyberattacks like Stuxnet and Shady Rat are evidence enough that the government needs to take very seriously.