Modernizing Authentication — What It Takes to Transform Secure Access
Germany's Ministry of Defense recently acknowledged the existence of a military Computer Network Operations (CNO) unit focused on offensive cyber warfare.
"The admission, which appeared in parliamentary documents published on Tuesday, gave no details of the size of the unit much less any operations that it might have run," writes The Register's John Leyden. "However documents delivered to the German federal defence committee did reveal that the unit has been operating for six years since 2006, a year before the cyber-attack on Estonia and four years before the discovery of the infamous Stuxnet worm. 'The initial capacity to operate in hostile networks has been achieved,' the papers explain, adding that the Computer Network Operations Unit had carried out 'simulations' of attacks in a 'closed laboratory environment,' German press agency DPA reports."
"Although the German admission is not a huge surprise -- most countries are assumed to have cyber-offensive capabilities -- the clear declaration that the CNO has an attack role has reportedly caused controversy among the country’s legislators," writes Techworld's John E. Dunn. "The ambiguities are legion. Does the military have the legal or constitutional authority to launch cyber-attacks against third parties without the approval of Parliament and if so under what circumstances? Unlike physical attacks, cyber-weapons can’t be isolated from their surroundings with the same degree of certainty. If, as a growing body of evidence suggests, the US Government sanctioned the use of cyber-malware such as Stuxnet, are the authorities also held responsible should such campaigns hit unintended victims?"