The Pentagon has a list of approved cyber weapons, including viruses, that it will use against enemies of the US.
This follows a statement from the Ministry of Defence (MoD) earlier this week stating that it will recruit hundreds of cyber experts to shore up UK defences.
The revelation that the US list exists and has been in use for several months was made to the Washington Post by anonymous military officials.
The military needs presidential approval to attack a foreign network, except when war has been declared, in which case the approval may be given in advance. However, approval does not need to be given to penetrate networks to see how they operate.
So presidential approval would be needed for an attack like that of the Stuxnet worm, which severely hindered Iran's nuclear programme last year.
The report also revealed that the US decided not to launch a cyber attack against an online jihadist magazine called Inspire last year, but the UK made the attack instead. The magazine's launch issue was largely unreadable as a result.
However, a second, readable version was published two weeks later.