Robert Morgus was quoted in FedScoop about the GOP cybersecurity plan:
“There is a distinct lack of clarity about rules of the road for peacetime, and the norms and laws that do and will govern offensive cyber operations in peacetime [are] still highly malleable,” explained Robert Morgus, a policy analyst with D.C.-based think tank New America.
“This means that operations conducted by the U.S. and others are highly influential in shaping those rules, and pushing the red line too far — while useful for short-term strategic goals like disrupting the Iranian nuclear program — may prove detrimental to global stability in the long run,” he added.
The platform’s ambiguous call to action, noted Morgus, offers no details about what it defines as going on cyber offense — “it’s important to draw a line between offensive cyber operations conducted for espionage or intelligence gathering purposes and offensive computer network operations,” he said.
Espionage, Morgus said, is an expected reality for nation-states but offensive computer network operations — like the Stuxnet cyberweapon which crippled Iran's nuclear program — could easily cross the threshold into "armed attack." In international law, nations are permitted to respond militarily to an armed attack.