It isn't necessarily hypocrisy. It makes sense for them to be leery of acting without first talking about the limits they believe should be applied to cyberwarfare. A single act may be consistent with many different interpretations, and the United States could easily be blamed if one of their allies committed some heinous act and justified it using a doctrine they extrapolated from Stuxnet and other acts condoned or committed by the United States.
As an analogous example, parents, knowing that many people think in crude categories such as "drugs" and "illegal," would not simply pot in front of their children without explanation. They would not want to discover later that their kids were doing meth or shoplifting and hear, "What are you angry about? You smoked illegal drugs right in front of me. How is this different?" The parents would likely find themselves accused of hypocrisy, by their kids and by others who honestly or disingenuously failed to understand the distinctions the parents drew between smoking pot and doing meth, or smoking pot and shoplifting.
I don't know if the United States has an official stance on the acceptable use of cyberwarfare, but the fact that they chose to leak their involvement in Stuxnet rather than openly admit it and justify it suggests that they have no official policy to cite (though it may also be that they don't want to officially acknowledge responsibility for Stuxnet's collateral damage.) If there is no official articulation of policy, we really are setting unpredictable precedents that are likely to implicate us in future disasters.
Also I am not at all sure that terrorists are going to care whether the US says they have used weapons like this. I would suggest that "we are worried about cybersecurity" is a much larger green light than "we are using cyberweapons."
I am not aware of the last time a terrorist attacked us with an F-15 or a B-2.....
The much larger issue though is that by releasing Stuxnet, the government had to release tools that terrorists could use into the wild. These can then be reverse compiled, hacked, and turned against us. That's bad news. It would be like leaving behind a large number of Predators or something in terrorist hands.
Actually it is worse than that. With actual airplanes, you have maintenance issues and costs, and the fact is that you have limited quantity and little ability to produce more. With Stuxnet, these limits are not there.
As an analogous example, parents, knowing that many people think in crude categories such as "drugs" and "illegal," would not simply pot in front of their children without explanation. They would not want to discover later that their kids were doing meth or shoplifting and hear, "What are you angry about? You smoked illegal drugs right in front of me. How is this different?" The parents would likely find themselves accused of hypocrisy, by their kids and by others who honestly or disingenuously failed to understand the distinctions the parents drew between smoking pot and doing meth, or smoking pot and shoplifting.
I don't know if the United States has an official stance on the acceptable use of cyberwarfare, but the fact that they chose to leak their involvement in Stuxnet rather than openly admit it and justify it suggests that they have no official policy to cite (though it may also be that they don't want to officially acknowledge responsibility for Stuxnet's collateral damage.) If there is no official articulation of policy, we really are setting unpredictable precedents that are likely to implicate us in future disasters.