Trump is rolling back restraints on US cyberwarfare

| August 18, 2018 | 14 Comments

cyber war

Wall Street Journal Link

President Donald Trump has removed restraints on how and when the US can launch cyberattacks on its adversaries — and it could make attacks on other countries more likely.

Trump signed an order earlier this week overturning a series of Obama-era rules, which defined a lengthy process of inter-agency approval before the US could launch cyber-offensives, people familiar with the matter told The Wall Street Journal.

The Journal said one administration official briefed on the decision described the change as an “offensive step forward.” The change is meant to support military operations and deter foreign interference in US elections.

The Trump administration is under pressure to show it is taking threats of foreign interference seriously in light of mounting evidence that Russia meddled in the 2016 US election.

The Obama-era rules, known as Presidential Policy Directive 20, meant agencies that wanted to launch a cyberattack had to gain approval from groups across the federal government. This was to ensure that existing defense operations were not harmed by the launch of a new attack, but added levels of bureaucracy, slowing effective response time.

The new policy applies to the Defense Department as well as other federal agencies, an administration official told The Journal. The person declined to say which other agencies would be affected.

Sources did not tell The Journal which rules were replacing the Obama-era directive, citing the classified nature of the process; as The Journal pointed out, the Obama-era rules were classified as well and were made public only in the 2013 Edward Snowden leaks.

More Obama era group-think bypassed, allowing rapid deployment of cyber warfare assets to attack against near real time adversaries.

Category: Military issues

Comments (14)

Trackback URL | Comments RSS Feed

  1. Roger in Republic says:

    They need to find every order signed by Obama and reverse it. They can’t do any more damage than he did, and may actually fix some things.

  2. Perry Gaskill says:

    I can’t help but wonder if at least part of the problem the government runs into is a deep-seated cultural issue. Some years ago, I worked as an IT contractor for a large city, and found things to be plagued with both a preoccupation for office politics and a sort of endemic inertia. The result is that a lot of the rock-star level programmers needed to seriously disrupt hacker attacks are probably not going to be interested in working for the government, especially if the money is better someplace else. It’s not a good fit.

    Without putting too fine a point on it, your typical really good programmer tends to keep odd work hours, and comes to work wearing flip-flops and a Hawaiian shirt. Such a comment might seem like a stereotype, but it’s also a reflection of reality in my own experience.

    There was a comment thread a few years ago on Ars Technica where Eddie Snowden was asking for some advice on how to automate the scut work of copying server logs over for back-up. During the copying, he wanted to both timestamp and rename the files in the process. Such a thing is usually done with a scheduled scripting tool. It’s not exactly IT kindergarten level, but it’s still at the level of IT grammar school. The relatively tricky part is in the renaming.

    Somehow, at least it seems to me, government IT usually gets the Eddie Snowdens while the hacker community, for better or worse, gets the kind of people who answer Snowden’s questions.

    Sorry if this veers off topic. It’s intended to merely point out that you can change the ROE for getting in-your-face with Russian or Chinese hackers, but you’re still going to need people able to do it.

    • Mason says:

      You’re right. Government IT is nowhere near the forefront of the curve. Here’s hoping that at least some spots of the cyberwarfare community are closer to the bleeding edge.

    • 26Limabeans says:

      I suspect there are quite a few “basement boys” and gals that are chomping at the bit to become cyber warriors. Years of Cheetos and soda (or worse) have them itching for fame and fortune as leaders of the “Cyber Force”. Space Force sounded cool but that is taken so Cyber Force will be their way of contributng to world peace. Or something like that. Yeah, I’m dreaming.

      • Mason says:

        Cyber Force uniform;
        -Cargo shorts over sandals worn with socks
        -Tie-died button down shirt, with no under shirt, top two buttons left open
        -Grooming standard mentions a neck beard, which is mandatory for males, encouraged for females

        APFT consists of a typing speed test and an endurance test consisting of remaining in a chair, immobile for the duration of all three Lord of the Rings movies (extended cuts of course) while consuming a gallon of Mountain Dew without leaving the chair once. Bonus points if the neck beard being tested can get his actual mom to bring him Pizza Rolls during the APFT exam.

        • Carlton G. Long says:

          There is still a push up test and run … if you can do more than three pushups, or run 100 yards in less than two minutes … you are a no-go at this station.

  3. FatCircles0311 says:

    The domestic enemy party is going to be furious.

Leave a Reply

Your email address will not be published. Required fields are marked *