Claiming that there is a “revolution” ongoing in the nature of computer-based threats, the White House today issued their formal directive on US responses to future cyberattacks, laying out a color-coded system to rate the scale of the threat, and assigning the FBI to take charge in responding to such incidents.
The directive aims to center the response concurrently on investigating the culprits, protecting targeted assets, and launching retaliatory attacks to “degrade or mitigate adversary threat capabilities.” A Cyber Unified Coordination Group is to be established to ensure agencies impacted work together on the response.
The color-coded system lays out five different levels of attacks, and the directive will only impact attacks at or above level three, those involved in “US interests.” There has never been a level 5 attack per the definition of the new system.
Conspicuously absent from the directive is any detail on how the US would actually come by determinations of the culprits in such incidents, which is a serious problem because the administration has repeatedly blamed foreign nations for cyber attacks without offering any evidence, oftentimes just going after whoever would be a convenient scapegoat.
This is doubly important because just last month, NATO announced that they intend to respond to certain cyber attacks with military force, having declared “cyberspace” a formal military zone in which the alliance operates.
The Democrats appear particularly keen to lay out higher profile retaliation for cyberattacks, right now, as WikiLeaks recently leaked a number of embarrassing documents from the DNC. Officials have blamed Russia for the release, but as usual offer little evidence. Russia has denied the allegations.