More From the 'Leaked Document' File: Obama's Cyber-Attack Directive
Yet another thing you always wanted to know about the workings of the U.S.
government ... but didn't know to ask
Megan Garber Jun 7 2013, 4:46 PM ET
If "Things We're Learning About the Security Workings of the U.S.
Government" were a late-night infomercial, today would be the point in the proceedings when the giddy announcer tells us, "But wait! There's more!"
Because more, it seems, there is.
The Guardian has just posted a new revelation about top-secret U.S.
government activities, based on a new leaked document: a directive that President Obama, late last year, sent to senior national security and intelligence officials. The directive orders them to, among other things, create a list of potential overseas targets for U.S. cyber-attacks.
The 18-page, classified document, Presidential Policy Directive 20, was issued in October 2012. (It was discussed in a November article in The Washington Post, but not published until now.) The memo was sent to Joe Biden, Hillary Clinton, and pretty much every other high-ranking member of the Executive branch, and it proposes what it calls Offensive Cyber Effects Operations (OCEO) -- essentially, a plan for strategic cyber-attacks against other countries, carried out abroad and, potentially, within the U.S.
The point of such attacks, per the document? To "offer unique and unconventional capabilities to advance U.S. national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging."
So. Stuxnet -- the computer worm suspected, though not fully confirmed, to have originated from a partnership between the U.S. and Israel -- might have been a harbinger of things to come. As Guardian writers Glenn Greenwald and Ewen MacAskill note, the directive is significant in part because it defines the criteria for offensive cyber operations beyond simple retaliatory actions, and toward "vaguely framed" ideas about the advancement of "U.S.
national objectives around the world."
Then again, like so many other pieces of incendiary news that have made their way to the public this week, we don't know the full story here. We don't know whether there are later-issued documents that might have changed the framework proposed in the directive. We don't know how the many powerful people copied on the memo reacted to it. (Per the Post piece on the as-yet-unpublished document, "Officials say they expect the directive will spur more nuanced debate over how to respond to cyber-incidents.")
And though Greenwald and MacAskill note that the directive could indicate "the increasing militarization of the Internet," the document emphasizes cyber-attacks as a potential alternative to physical attacks. The government, the directive says, will "identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power."
So we, ultimately and unsurprisingly, have more questions than answers when it comes to this particular piece of governmental secret-document-ing. It's worth noting, though, that the most surprising thing about a secret strategy for cyber warfare would be if such a strategy didn't exist. As the document puts it:
The United States has an abiding interest in developing and maintaining use of cyberspace as an integral part of U.S. national capabilities to collect intelligence and to deter, deny, or defeat any adversary that seeks to harm U.S. national interests in peace, crisis, or war. Given the evolution in U.S. experience, policy, capabilities, and understanding of the cyber threat, and in information and communications technology, this directive establishes updated principles and processes as part of an overarching national cyber policy framework.
(F)AIR USE NOTICE: All original content and/or articles and graphics in this message are copyrighted, unless specifically noted otherwise. All rights to these copyrighted items are reserved. Articles and graphics have been placed within for educational and discussion purposes only, in compliance with "Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain permission or pay royalties for the use of previously copyrighted materials if the purposes of display include "criticism, comment, news reporting, teaching, scholarship, and research." Section 107 establishes four criteria for determining whether the use of a work in any particular case qualifies as a "fair use". A work used does not necessarily have to satisfy all four criteria to qualify as an instance of "fair use". Rather, "fair use" is determined by the overall extent to which the cited work does or does not substantially satisfy the criteria in their totality. If you wish to use copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to:
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.