The newly-opened US Cyber Command is seeking authority to carry out offensive operations around the world to protect US interests.
These operations could include destroying, disrupting or degrading targeted computers or networks to prevent cyber attacks.
But senior US government policy makers and lawyers are uncertain about the legality of offensive operations, according to the Washington Post.
They want to want to limit the military's offensive computer operations to war zones such as Afghanistan.
The debate is part of a larger effort to draw up a coherent strategy to guide the government in defending the US against cyber attacks.
An action against a target in one country could unintentionally disrupt servers in another.
Policymakers are also struggling to delineate Cyber Command's role in defending critical domestic networks in a way that does not violate the privacy of US citizens.
The US military Cyber Command is charged with defending US Department of Defense (DoD) networks against cyber attacks.
The Fort Meade facility in Maryland is also in charge of all US federal cyber-warfare activities.