In a new Morning Consult poll, 54 percent of respondents said the best response to cyber intrusions from abroad is to enhance cybersecurity at home. The other courses of action garnered much weaker support: 13 percent said the U.S. should respond by launching cyberattacks against perpetrators; 21 percent said the federal government should threaten sanctions against countries where the attacks originate from; and 3 percent said no action should be taken.
Support for a defensive approach cut across every demographic. Fifty-four percent of Democratic voters said their preferred approach is for the U.S. to beef up its cybersecurity, a view shared by 53 percent of Republicans and 56 percent of independents.
Even 58 percent of voters who consider national security the most important policy issue said defensive measures are the best approach. That puts some GOP presidential candidates at odds with their base.
Last month, Sen. Marco Rubio (R-Fla.) advocated for retaliation. “If we’re going to be attacked in cyber by China, we have to show a willingness to do the same,” he said.
Following a high-profile data breach at the Office of Personnel Management that compromised the personal information of more than 20 million Americans, Director of National Intelligence James Clapper said China is the leading suspect behind the cyber theft. The Chinese government has denied any involvement, and the Obama administration has not publicly blamed China for the data breach.
Republican presidential candidate Mike Huckabee, the former governor of Arkansas, was more blunt in a campaign website post, titled “Time to Hack China Back.”
“The response and retaliation to this behavior is simple – America should hack the Chinese government,” Huckabee wrote. “We should hack the cell phones of some prominent Communist party leaders, hack the bank accounts of intelligence officials, publicly humiliate Chinese families for political corruption, or wipe-out a few critical Chinese computer systems.”
Critics of the practice known as “hacking back,” or responding to a data breach by hacking the alleged perpetrators, say the approach can easily escalate into a cyber war. Still, some members of Congress have signaled a willingness to underscore their preference to retain that approach as a military response option.
The Senate next month is expected to resume consideration of a cybersecurity bill – S. 754, sponsored by Senate Intelligence Committee Chairman Richard Burr (R-N.C.) – that includes language emphasizing that the Secretary of Defense has the authority to “conduct a military cyber operation in response to a malicious cyber activity carried out against the United States or a United States person by a foreign government or an organization sponsored by a foreign government or a terrorist organization.”
The poll was conducted from Aug. 14 through Aug. 16 among a national sample of 2,013 registered voters. Results from the full survey have a margin of error of plus or minus 2 percentage points.