Faced with increasingly troubling attacks on its cyber infrastructure, the United States has outlined new measures intended to help it respond more effectively to attacks that might compromise public safety or its national security interests.
On Tuesday, President Obama approved a directive that lays out how federal agencies will respond to “significant cyber incidents," with the FBI to be formally in charge of investigating.
Although the President has made cybersecurity a priority, the U.S. continues to confront attacks targeting the private sector and the federal government, the White House said.
Some of these include “significant cyber incidents” which the President defines as attacks that will likely harm the U.S.’s national security, economy, civil liberties or public confidence.
“Cyber incidents are a fact of contemporary life,” he wrote. “And significant cyber incidents are occurring with increasing frequency.”
As part of his directive, the President is ordering the FBI to take the lead in investigating and dealing with perpetrators of major cyber attacks.
The Department of Homeland Security, meanwhile, will be in charge of lessening the damage and patching any vulnerabilities from the attack.
Both the FBI and the Department of Homeland Security already investigate many major cyber crimes, but Tuesday’s directive better clarifies their roles.
Obama approved the directive weeks after hackers stole confidential documents from the Democratic National Committee. Those documents have now leaked to the public and could influence the outcome of the U.S. presidential election.
Although private security firms suspect that Russian state-sponsored hackers are behind the intrusion, the FBI is still investigating the matter and the President is waiting for the results.
Tuesday’s directive doesn’t provide clarity on what Obama might do if the FBI finds that Russia was involved with the DNC breach. But the private sector has been asking the White House for a guideline on the federal government’s role in fighting cyber crimes.
While existing policies can handle more minor threats, the U.S. needs a unified response to deal with severe attacks, the President said in his directive.
The White House has also come out with a color-coded scale that federal agencies will use to judge the severity of cyber incidents. It runs from zero to five, and threats evaluated at level 3 or higher will be deemed significant and trigger the FBI to investigate.
In addition, the Office of the Director of National Intelligence will function in a support role to both gather intelligence and even “degrade” the perpetrators’ capabilities.
In a statement, U.S. Representative Michael McCaul, a Republican from Texas, said he approved of the directive and called it an “important step” to ensuring that federal agencies can respond to domestic cyber attacks.
However, he also said that the President should clarify the rules of engagement for cyber warfare. That might mean the U.S. defining when a cyber attack should be construed as an act of war.
U.S. lawmakers have proposed a bill, still under review, that would direct the President to design such a policy.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.