Puisque les USA ont déclaré qu’ils pouvaient mener la guerre dans le cyberespace (on peut douter de la pertinence de l’emploi du terme de guerre, mais c’est un autre sujet), il n’est pas déraisonnable de se demander si les informatiques orphelines pourraient faire l’objet de telles attaques.

source

Quel intérêt à les prendre pour cibles ?

Les cyber attaques évitent de risquer des bombardiers ou des drones dans un espace aérien ennemi alors qu’on peut opérer de son bureau en toute sécurité.
Risquer un bombardier, c’est risquer une vie humaine alors que la guerre « zéro mort » est devenue un dogme. Zéro mort, c’est pour le camp du bien, évidemment, l’ennemi pouvant en déplorer un certain nombre.
Risquer un drone, c’est risquer une polémique sur sa capture (comme ce fut le cas avec l’Iran il y a quelque temps) et surtout s’exposer à un transfert de technologie involontaire.
Opérer depuis son bureau, c’est aussi éviter de risquer des commandos dont la mission serait de détruire des infrastructures du pays ennemi, et donc respecter le « zéro mort ».

Réponse

Le field manual 3-38 cyber electromagnetic activities (CEMA) expose la doctrine américaine matière d’activités électromagnétiques et cyber.
On y trouve tout d’abord l’intérêt de ces activités cybernétiques (p 17, §1-30 et 1-31) :
1-30. Attacking enemy and adversary networks and systems can disrupt and deny them freedom of action in cyberspace and the EMS. CEMA provide the commander with capabilities that can be employed to deceive, degrade, disrupt, deny, destroy, or manipulate across the continuum, and CEMA can exploit enemy and adversary systems to facilitate intelligence collection. These capabilities may be used to target enemy and adversary cyberspace and EW functions or create first-order effects in cyberspace and the EMS to create cascading effects into natural domains to affect weapons systems, command and control processes, and critical infrastructure and key resources.
1-31. CEMA enhance the lethality of traditional weapons systems. Examples include the use of data links and network based targeting systems, targeting and terminal guidance through laser designators, laser range finders, global positioning systems, and seeker weapons.
Puis, ce que sont les opérations offensives dans le cyberespace :
3-4. Offensive cyberspace operations are cyberspace operations intended to project power by the application of force in or through cyberspace (JP 1-02). Army forces conduct OCO across the range of military operations by targeting enemy and hostile adversary activity and related capabilities in and through cyberspace. OCO are designed to support the commander’s objectives and intent consistent with applicable authorities and legal frameworks. (See paragraph 3-38 for additional information on authorities and other legal considerations.)
3-5. OCO are conducted in and through cyberspace where information technology infrastructures, along with the people and systems that use them, exist in an area of operations and pervade an operational environment. To varying degrees, host-nation populations, governments, security forces, businesses and other actors rely upon these infrastructures and supporting networks or systems. Given these conditions, OCO require deliberate coordination and integration to ensure desired effects (changes in behavior which do not suggest the ways or means those changes were created) are created and focused at the right place and time in support of the commander’s objectives.
3-6. Using OCO, commanders can mass effects through the employment of lethal and nonlethal actions leveraging all capabilities available to gain advantages in cyberspace that support objectives on land. For example, cyberspace capabilities and other information-related capabilities may be directed at an enemy weapons system consisting of the targeted platform and its operators. The cyberspace capability could create degrading effects on the platform while an information-related capability influences, disrupts, corrupts, or usurps the decisionmaking of the operator. (See FM 3-13 for additional information on inform and influence activities (IIA) and information-related capabilities.)

Sans oublier la nécessité du renseignement :
3-12. Cyberspace information collection is an extension of information collection consisting of actions that facilitate CO primarily through deliberate network reconnaissance and surveillance and other enabling activities (including access to or control of those networks) in and through cyberspace. Cyberspace information collection includes activities in cyberspace conducted to gather intelligence from target and adversary systems that may be required to support future operations and enabling activities conducted to plan and prepare for follow-on military operations. Cyberspace information collection aligns with joint constructs for cyberspace intelligence, surveillance, and reconnaissance and cyberspace operational preparation of the environment as discussed in paragraphs 3-13 through 3-15 and depicted in figure 3-2.
3-13. Consistent with joint doctrine, cyberspace intelligence, surveillance, and reconnaissance includes activities in cyberspace conducted to gather intelligence from target and adversary systems that may be required to support future operations, including OCO or DCO. These activities synchronize and integrate the planning and execution of cyberspace sensors, assets, and processing, exploitation, and dissemination systems, in direct support of current and future operations. For the Army, cyberspace information collection expands joint cyberspace intelligence, surveillance, and reconnaissance by focusing on answering the commander’s critical information requirements thereby enabling understanding and decisionmaking.

Ce manuel est téléchargeable ici.
Dans la mesure où la nature des cibles n’est pas restrictive, nous voyons bien que l’informatique de production n’est pas à l’abri d’une opération offensive. Et comme la qualité d’ami et d’ennemi est très changeante dans le cyberespace, il peut être utile de se protéger…