The Pentagon says cyberspace is an operational domain on par with land, sea, air and outer space, and there is little doubt that a global cyberarms race is getting underway. The United States is already well engaged in this race, as evidenced by reports of the computer worm Stuxnet, used to attack Iran’s nuclear enrichment equipment. But so far these efforts have largely been kept secret and conducted as intelligence operations.
DARPA’s workshop points again to the need for more transparency. The United States still has no open, overarching doctrine to govern a cyberweapons program. A good place to start would be a declaratory policy that would lay out when and under what circumstances offensive weapons such as Stuxnet might be used. After that, an open discussion is needed about rules of engagement for this complex new field, along with additional study of such issues as how and whether the military should protect non-military assets in government and the private sector.