back to article Leaked Obama brief reveals US cyber defense, offense policy

The Obama administration has told government agencies to compile a list of potential targets for offensive cyberwarfare actions, where such actions could benefit the interests of the United States, a leaked report reveals. President Obama signed off on Presidential Policy Directive 20 last November, but its full contents have …


This topic is closed for new posts.
  1. John R. Macdonald
    Big Brother

    After all these leaks will The Grauniad be named as a criminal "co-conspirator" by the US?

    1. Matt Bryant Silver badge

      Re: John R. Macdonald

      Strangely, given their Liberal background, The Guardian has always been a leading light for the US haters. Sometimes it was so extreme as to be senseless, including their infamous celebration of the assassination of Abraham Lincoln! Considering how Lincoln abolished slavery it seems ludicrous that The Guardian's take on his death was "Of his rule, we can never speak except as a series of acts abhorrent to every true notion of constitutional right and human liberty ..." Their rather bizarre selection of causes to support over the years has included the Communists in the Spanish Civil War, establishment of the State of Israel in 1948, yet bitterly opposing the introduction of the National Health Service in the UK. It seems they are just too addicted to being sensationalisticly anti.

    2. Anonymous Coward
      Black Helicopters

      Re: John R. Macdonald

      "After all these leaks will The Grauniad be named as a criminal "co-conspirator" by the US?"

      Well the NSA will already know whether or not they've done anything actionable, given that the Guardian Newspapers Group is a Google Enterprise Apps customer....

  2. btrower


    Re: On the whole, the directive requires the US government to conduct OCEO and DCEO only in ways consistent with the US Constitution and applicable United States and international laws – "and, as applicable, the law of armed conflict."

    That's OK, then. In related news, they will also be supporting the new program allowing pedophiles to pair up with kids 'consistent with keeping children safe'.

    OMG. Is there ever going to be anything outrageous enough to get a rise out of the public?

    1. NukEvil

      Re: FTW

      Hey, look at this brand-new, shiny iPhone. Ooh, and don't forget, you don't want your family to starve to death because your boss saw your protest plans on Facebook and acted "in accordance with national interests" to protect your freedom.

    2. cortland

      Re: FTW

      Odd you should mention that. From a Spam bucket:

      From: "True" <

      To: [redacted]

      Subject: Get Matched Today – Search for Singles in Your Area

  3. Anonymous Coward
    Anonymous Coward

    Directive 20: SNAFU

    I wished they would of leaked Directive 19 or 21, or are they all just confirmation of what the public already knows? The last few days have been riddled with government "leaks", but these leaks are just confirmation, not incrimination. Where's the beef?

    1. Destroy All Monsters Silver badge
      Big Brother

      Re: Directive 20: SNAFU

      > but just

      I don't know where this "but just" comes from. I think it should be "and sadly but unexpectedly".

      Obama is such a douche one would think he was playing in Games of Thrones.

  4. jake Silver badge

    During the meanwhile ...

    ... in all my years of network security related work (that's over a third of a century, for those of you not paying attention), I have NEVER met a manager who uses the term "cyber" seriously who has any clue whatsoever about how the actual system works. It's a buzzword that self-selects people who can be safely ignored. Handy flag, that.

    1. Ole Juul

      Re: During the meanwhile ...

      Are you sure you're looking the right way? I rather think of the term "cyber" as code for crazy attempts at make work schemes. In this case it certainly looks like it will create jobs. Think of as digital medicine men.

    2. NomNomNom

      Re: During the meanwhile ...

      guess you've never worked anywhere that has to deal with frequent attacks by cybermen then.

      lucky you /sarc

      1. jake Silver badge

        @NomNomNom (was: Re: During the meanwhile ...)

        You've actually worked somewhere that was frequently attacked by made-up-for-TV critters?

        That would explain most of your posts on this Esteemed Red Topped Organ.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          Re: @NomNomNom (was: During the meanwhile ...)

          If you stepped down from your high horse you might be able to read the word "sarc" at the end of his posting.

          hint: it's short for sarcasm

    3. Michael Wojcik Silver badge

      Re: During the meanwhile ...

      Agreed - it's a damn useful shibboleth.

      Anyone who applies the prefix "cyber"1 to anything other than cybernetics is demonstrating at least a failure of comprehension and a lack of technical sophistication, and probably an inability to think critically.2 And the "cybernetics" exemption only applies to those who can demonstrate an understanding of Norbert Wiener's work.

      (Disclosure: I had an article in the special issue of Works and Days that carried the subtitle "The Geography of Cyberspace". In my defense, I did not choose the subtitle, and I was young and needed the CV line.)

      1Or, worse, uses it as a freestanding term; that should be a flogging offense.

      2Double points off for "cyborg", unless citing the work of Clynes and Klein, Halacy, Caidin, or Haraway; and then it should be accompanied by disclaimer, and preferably an observation on the infelicity of the term. (All organisms are cybernetic, in that they self-regulate using feedback mechanisms, so the term is a tautology if taken literally, and just dumb if taken in the sense coined by Clynes and Klein. And "Cyborg Manifesto" is probably Haraway's weakest work.)

  5. Anonymous Coward
    Anonymous Coward

    Act of war

    Blockading a port is considered an act of war.

    Would "Offensive Cyber Effects Operations" also qualify?

    1. Tim99 Silver badge

      Re: Act of war

      Yes, probably, if it was port 80...

    2. Anonymous Coward
      Anonymous Coward

      Re: Act of war

      "Would "Offensive Cyber Effects Operations" also qualify?"

      Not generally, because done properly the originator can't be proved, and going to war with made up evidence now has a very bad name.

      But if electronic attacks aren't an act of war, this means it is opening up new "cold war" opportunities between nations, and better still, almost everybody can come to this party. And this new cold war includes proxy fighting, and proxy targeting (eg take a European nation's financial sector off line, implicate the real target, then when the US want to act against the target, they get a more receptive hearing).

      Personally I'd think the Yanks would be better off putting the resource into defending their own infrastructure and working out better tracing of attacks,rather than wasting their time trying to find ways of turning off the fridges in Tehran.

  6. Anonymous Coward

    keeps getting worse

    The revelations about the NSA having backdoors into most major US internet companies has been likened to getting caught with your pants down.

    Having an active plan to develop and launch cyber attacks, along with various sources who claim they do this all the time already - that's like getting caught with your pants down, cock in hand, with a box of tissues and an array of embarrassingly deviant reading material in front of you.

    1. Anonymous Coward
      Anonymous Coward

      Re: keeps getting worse

      No, most governments have "active" plans for all kinds of contingencies, this one just happens to be about electronic warfare instead of the physical world. Would you rather governments NOT have active plans to develop and launch cyber attacks? I'm hoping my government has all kinds of such plans and they are regularly evaluated and updated as threats emerge or wane.

    2. Michael Wojcik Silver badge

      Re: keeps getting worse

      that's like getting caught with your pants down, cock in hand

      This is the public posture which the US Federal government has always preferred: viz Manifest Destiny, the Opening of Japan, the war on Communism, and so forth. It may have taken Teddy R. to coin the phrase, but our unofficial motto has ever been "We have a Big Stick".

      These latest revelations are perfectly in keeping with this policy. The Feds love to say "no one else should do this, but we may"; it's a demonstration of power. Individual figures in the Federal government may on occasion be embarrassed, but the institution as a whole is immune to that condition.

  7. Tony Green

    "Where actions could benefit the interests of the United States"

    Not just "defending the US if it's attacked". This means essentially they can (and no doubt will) use it to spy on non-US companies to benefit US big business.

    And they call Iran a "rogue state"!

    1. Anonymous Coward
      Anonymous Coward

      Re: "Where actions could benefit the interests of the United States"

      Indeed, this is exactly what they're accusing the Chinese of doing - orchestrating hacking attacks for both military and commercial advantage.

      Those in glass houses.....

  8. Grikath

    What's the actual news here?

    The combined internet has progressed to a "real" landscape, where just about everything and anyone in the physical world has a "presence". With the added advantage that you do not have to travel at all to "reach" a particular place or person. Where there are checkpoints, walls or doors in place, their actual quality in keeping unwanted eyes out varies, and there have always been people who have made it a career to sneak by such obstacles, for several sets of reasons.

    Unless you've been living under a rock, it's really hard to not realise that the more the internet resembles the physical world, the more it will be subject to actions equivalent to the real world, including crime, (counter)intelligence, and indeed warfare. No nation state can afford to not engage in activities in these areas, as it would not only leave a nation extremely vulnerable, but it would also mean that if they ignore this arena they are essentially failing in the duty of protecting their citizens.

    So the US has proper protocols in place to conduct "cyberwarfare". Whoop-te-doo! Amazing, Mike! The US intelligence agency has ways of getting their data from the Source, and actually shares the relevant bits with it's allies. Oh shocker! It's not as if the US has not had a fat finger in world politics and (counter)intelligence since the post WW II pen-and-paper era. I would be really, really, shocked if the US had not been engaging in the same activities in the "cyber" landscape. After all, no-one else would be so dastardly to try this.. [/sarcasm]

    1. Anonymous Coward
      Anonymous Coward

      Re: What's the actual news here?

      But you don't think it's a tad hypocritical to keep complaining about the Chinese hacking for military secrets and commercial gain, when you know that your own country is doing exactly the same, and you've even signed the documents to authorize it?

      I can only imagine the smirk on Xi Jinping's face when Obama raises the subject at the summit, as he claimed he would before all this erupted.

  9. Will Godfrey Silver badge

    The lunatics have not only taken over the asylum, they're building new bigger 'better' ones.

  10. nuked

    Western view: Let's create peace by waging war against anyone who might possibly destroy peace. And we'll continue to do this until, err, there's no one left.

    Great plan.

  11. Hull


    Funny, these things are leaked to the press right before the US negotiates at the highest level with the chinese about these things.

    Probably by parties concerned with the state of human rights and the constitution in the US, right?

    1. John Smith 19 Gold badge

      Re: Coincidences

      "Funny, these things are leaked to the press right before the US negotiates at the highest level with the chinese about these things."

      Here's the thing.

      If you're going to play the "moral high ground" card in international affairs ("We don't do this sort of thing, that's only authoritarian Godless Commies (TM) that do this sort of thing") you'd better either a) Not be doing them

      b)Not leave the evidence around for someone to find.

      Otherwise be honest and admit it. The US is no better in this regard than China.

      1. Fatman

        Re: Coincidences

        Otherwise be honest and admit it. The US is no better in this regard than China.

        You are so damn right.

        The best choice would be BOTH a) and b).

  12. Anonymous Coward
    Anonymous Coward

    Asshats gunna asshat

    Your post may be recorded for training purposes.

  13. Michael H.F. Wilkinson

    Having plans in place is not a problem

    Running around like a headless chicken when the proverbial shit hits the fan is. So yes, it makes sense to have plans in case war breaks out.

    Thus, I do not find it at all surprising that there are plans in place for both defensive and offensive action. What is a problem is their constant data gathering on everything. Adding more data to a pool indiscriminately is like wall-of-death fishing: you catch and kill all sorts of stuff you did not intend to. I also do not buy the argument that they have "advanced data-mining algorithms". Data mining is a fancy word for pattern recognition in big data. To stay in the parlance of mining, let data be the ore, and information be the metal you want to extract. As the percentage of metal in the ore becomes lower, it makes less and less sense to extract the ore from the ground in the first place, unless the metal is very very precious. Even then, it is possible to be sidetracked by things that look like the metal, but aren't. Fool's gold (iron pyrite) springs to mind.

    Likewise, if you gather data about everybody, looking for a minute percentage of people that actually hate the US sufficiently to do it real harm, the chances are false positive rates will skyrocket. This is a very real danger. It is much better to gather information in a far more directed manner, instead of implicitly suspecting everybody of ill will (which in itself seems to be a self-fulfilling mode of action).

    As I have said over and over again: adding hay does not make finding needles easier. In mining parlance, there may be gold in them there hills, but it is better to drive a well-chosen shaft than indiscriminately removing the whole range of hills from the face of the earth, and sifting through tons of worthless rubble.

    Given that the earlier leaks were about the far more dangerous data snooping, a cynic (who? me?!), might think this leak is there to distract from the more dangerous issues.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022