The U.S. needs to think about the unthinkable on cybersecurity

[Commentary] US officials have often said that the United States has unrivaled offensive cybercapabilities. Why hasn’t that deterred anyone? It’s simple. The United States is so reliant on computer networks that we’re afraid to launch a tit-for-tat exchange in cyberspace. We need to get tougher and more inventive. In the hope of inspiring others’ imagination, here are a few options that belong in the US toolkit:

• The next time North Korea uses its cadre of expatriate hackers in Kenya, Mozambique and other countries to attack the United States, we should demand that the host government expel the hackers. 
• Russia has allegedly loaded US electrical control systems with tools that could shut down the grid. It’s possible to build electro-magnetic pulse weapons the size of a large copy machine that can fry electronics for a few miles around. Why not install several such weapons in high-rise office spaces around Moscow, including a few places where they’ll be found? 
• Iran has a shown a willingness to use malware that leaves victim networks irretrievably damaged. If Iran did that to US systems, Iran’s remarkably vulnerable offshore oil platforms would be good targets for payback, from simple interruption of gas flows to complete destruction of as many platforms as are necessary to end or deter an attack.

[Stewart Baker served as general counsel of the National Security Agency from 1992 to 1994 and assistant secretary for policy at the Department of Homeland Security from 2005 to 2006]