Obama signs guidelines for US cyber-ops

Last updated 13:39 15/11/2012

Relevant offers

Digital Living

Windows 10 uses customers' computers to distribute updates Google fighting French order to apply 'right to be forgotten' outside Europe Reports shows Russians hackers used Twitter, photos to breach US computers Will the Internet of Things listen to your private conversations? Computer coding could join education's 'three Rs' under Labour plan Google apologises after contractor threatens to remove gay bars from search engine Pluto shows public still fascinated by space as Nasa asks US government to restore funding Wellington university students take to social media to warn about crime Online romance seekers targets for international drug cartels New wi-fi service for Porirua CBD

President Barack Obama has signed a classified directive laying out new guidelines for cyber-operations that national security planners can use to protect US computer networks from attack, a senior administration official said Wednesday.

"It continues to be our policy that we shall undertake the least action necessary to mitigate threats and that we will prioritize network defense and law enforcement as the preferred courses of action," the official, who asked not to be named, said in an email.

The document provides no new authorities to the military, intelligence community or other US government arms, the official said.

Instead, it spells out "principles and processes for the use of cyber-operations so that cybertools are integrated with the fully array of national security tools we have at our disposal," the official said in the email.

The directive updates one from 2004 as part of an administration push to shore up networks that handle financial transactions, power grids and other essential services.

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said the directive lays out a chain of command and establishes thresholds for action.

"I don't see why the whole thing has to be secret, though," Lewis said.

The Washington Post said on Wednesday that Obama had signed, in mid-October, what the paper identified as Presidential Policy Directive 20, clearing the way for the military to act more aggressively to thwart cyber-attack on US networks.

Chinese elements are "the world's most active and persistent perpetrators of economic espionage," the Office of the National Counterintelligence Executive, an intelligence community arm, said in a public report to Congress in October 2011.

One of the hallmarks of Chinese intrusion is the extent to which operators maintain access to compromised systems, according to a bipartisan commission that advises the US Congress on China.

"With little notice, a compromise could switch to become disruptive or destructive," the US-China Economic and Security Review Commission said in its annual report released Wednesday. Chinese Foreign Ministry spokesman Hong Lei condemned the commission's report as indicative of a Cold War mentality.

US Defense Secretary Leon Panetta said last month that unnamed foreign elements had been targeting computer control systems that operate chemical, electricity and water plants and those that guide transportation.

"Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for actions that may try to harm America," he said.

Ad Feedback

"If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us," Panetta said at the time.

The procedures outlined in Obama's directive are consistent with the US Constitution, including the president's role as commander in chief, and other applicable law and policies, the senior administration official said by email.

For years, US cyber-operations have been the subject of inter-agency wrangling over such matters as how to balance offensive and defensive operations.

The issue is important because of the potential to cause unintended harm to vital services for civilians.

- Reuters


Special offers

Featured Promotions

Sponsored Content