White House: Let’s Get It On with Cyber Ops

The White House’s National Cyber Strategy was received by many with yawns and expressions of puzzlement, as the administration of President Trump had been pruning cyber expertise from within the ranks of those advising the National Security Council (NSC). To embrace this as ho-hum would be in error.

The strategy quietly sets the stage and signals that the United States is ready for a fight within the cyber domain, especially given the adjustments to Presidential Policy Directive 20 (PPD-20), which loosen even further the restrictions under which U.S. Cyber Command may operate. There is no need for specific presidential approval for the U.S. military to retaliate against an offensive cyberattack.

For those following along, PPD-20 is the same document Edward Snowden purloined and may have provided to the Russians and Chinese as part of his barter arrangements during his 2013 run to Moscow. It was at that time that the world learned that President Obama had authorized, “… unique and unconventional capabilities to advance U.S. national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging.” He then somewhat hogtied that statement with, “… require specific presidential approval,” meaning every operation would require the president’s sign-off.

The question remains for all: Does this signal sufficiently to the nation’s adversaries, who continue to probe, compromise, infiltrate and deliberately manipulate public and private networks and data sets, that their days of acting with impunity are coming to an end? Will there now be an onslaught of cyberattack-backs from the United States?

What Circumstances May Warrant a Cyberattack?

Logically, an attack against a military element engaged in hostilities would be fair game and met with immediate retaliation. Indeed, one could conjure up a multitude of scenarios in which setting the battlefield for a future escalation would require offensive acts by Cyber Command.

But questions remain about other scenarios, which are worthy of examination:

  • Is an attack on a defense contractor enough basis to launch a cyberattack on the attacking entity?
  • What of those attacks on national infrastructure? Will that be sufficiently damning as to warrant a cyber response?
  • What provisions are there to keep a cyber engagement from evolving into a kinetic one? How badly would the U.S. economy be damaged if a cyber and kinetic attack were made against the global servers of key service providers, such as AWS?
  • Is a cyberattack acceptable to assist an ally?
  • Can the cyber domain be used as a response to hardware manipulation or compromise?

Then we have the recent exposé from Bloomberg that revealed China has compromised processor chips that are being used in the U.S. infrastructure and military components. That said, the U.S. government, Super Micro, AWS and Apple have all pushed back—and pushed back without ambiguity—regarding the claims made in the Bloomberg piece.

Let’s assume for a moment it is true. Would this not constitute China setting its plate for a future cyber or armed conflict with an adversary? Putting in place cyber back doors for later use makes good strategic sense: Make the capability ubiquitous and then turn on those you need in a specific scenario. With these “hot” chips in place, could China at a time and place of its liking turn out the lights, turn off the sensors or cause military systems to fail?

This rings the klaxon loudly as to the importance of being precise in pinning that tail on the donkey called attribution.

Has the new National Cyber Strategy, under which cyberattacks no longer require specific presidential permission, put the country at risk or made it stronger?

Is this a time for caution or a time for boldness?

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.