Skip to main content

Leaked presidential directive calls for the US to identify potential foreign cyberattack targets

Leaked presidential directive calls for the US to identify potential foreign cyberattack targets

Share this story

US Capitol
US Capitol

One day after revealing that the US government is utilizing a widespread internet surveillance tool called PRISM, The Guardian has now uncovered an 18-page directive that tasks President Obama's senior national security and intelligence officials (including directors of the FBI, CIA, and NSA) with preparing a list of potential foreign targets for cyberattacks coming from the United States. The classified directive, which was issued in October of last year and signed by the president in November, broadly outlines the country's cyber operations policy and specifically calls for the government to "identify potential targets of national importance where OCEO [offensive cyber effects operations] can offer a favorable balance of effectiveness and risk as compared with other instruments of national power." The document also states that OCEO "can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging."

This comes after a year in which the US has been hit by a number of cyberattacks believed to be originating from China — and while the document outlines the usage of defensive cyber effects operations (DCEO), it's also clear that the country is considering cyber warfare as a potential offensive tool. Indeed, earlier this year the head of the NSA said that the country was training 13 offensive cyberwarfare teams. The document also states that the US would "conduct all cyber operations consistent with the US Constitution and other applicable laws and policies of the United States" and that some cyber operations would require the approval of the president.

While the directive was widely reported on in November and is essentially an updated version of one that was first issued in 2004, it's still surprising to see such high-level classified documents leaked in full. What's less surprising is that the US is considering this type of preparation — the government has already spoken on the threat of cyber attacks, so it's not too shocking to learn that the country is preparing to use cyber operations both in offensive and defensive capacities.