The Pentagon’s new cyber strategy prioritizes defense from cyber attacks and expands military authority to prevent them, according to a summary unveiled Tuesday.
The strategy, a summary of which the Department of the Defense published on Tuesday, notes that “strategic competitors are conducting cyber-enabled campaigns to erode U.S. military advantages, threaten our infrastructure, and reduce our economic prosperity.”
“The Department must respond to these activities by exposing, disrupting, and degrading cyber activity threatening U.S. interests, strengthening the cybersecurity and resilience of key potential targets, and working closely with other departments and agencies, as well as with our allies and partners,” it explains. “Our primary role in this homeland defense mission is to defend forward by leveraging our focus outward to stop threats before they reach their targets.”
It then outlines three key components of the strategy:
First, we must ensure the U.S. military’s ability to fight and win wars in any domain, including cyberspace. Second, the Department seeks to preempt, defeat, or deter malicious cyber activity targeting U.S. critical infrastructure that could cause a significant cyber incident regardless of whether that incident would impact DoD’s warfighting readiness or capability.
Second, the Department seeks to preempt, defeat, or deter malicious cyber activity targeting U.S. critical infrastructure that could cause a significant cyber incident regardless of whether that incident would impact DoD’s warfighting readiness or capability.
Third, the Department will work with U.S. allies and partners to strengthen cyber capacity, expand combined cyberspace operations, and increase bi-directional information sharing in order to advance our mutual interests.
The new proposal comes amid growing concern over the impact of cyber attacks following conclusions that Russia has significantly expanded its cyber attack capabilities. North Korea is also considered a potent cyber threat following attacks that include stealing $81 million from Bangladesh’s central bank and a global attack on Microsoft computer systems through ransomware known as “WannaCry 2.0.”
As noted by CNN, government-sponsored hackers often establish their operations in a foreign country where they carry out such attacks against the U.S., meaning they could end up attacking networks located in countries allied with the U.S.
Last month, President Trump signed a directive rolling back Obama-era restrictions on how the U.S. engages in warfare that required several departments to approve the move. Secretary of Homeland Security Kirstjen Nielsen argued at the time that America’s response to cyber attacks must be “more than commensurate.”
“By the time that a country is attacking civilian networks, civilian assets, it’s not a fair fight,” she said. “It’s not how the international world has created norms and standards. And I don’t think that it should be commensurate, I think it should be more.”