President Barack Obama’s internal directive on cyber warfare was disclosed in public last week, showing for the first time details of U.S. policies for waging both offensive and defensive digital operations by military forces and intelligence agencies.
The directive, known as PPD-20, defines the use of what it terms as “defensive cyber effects operations” (DCEO) and “offensive cyber effects operations” (OCEO) against foreign target networks.
It also revealed plans for the use of what the White House calls “Emergency Cyber Action”: urgent responses to cyber attacks or offensive counter cyber actions taken when there is an imminent threat to U.S. government networks or critical private sector infrastructure.
“The United States has an abiding interest in developing and maintaining the use of cyberspace as an integral part of U.S. national capabilities to collect intelligence and to deter, deny, or defeat any adversary that seeks to harm U.S. national interests in peace, crisis, or war,” the order states.
“Given the evolution in U.S. experience, policy, capabilities, and understanding of the cyber threat, and in information and communications technology, this directive establishes updated principles and processes as part of an overarching national cyber policy framework.”
It is the first time the Obama administration policy on cyber warfare was revealed. The 18-page document, “U.S. Cyber Operations Policy,” is labeled “Top Secret/Noforn,” a term barring non-U.S. citizens from access. The directive was disclosed by Britain’s Guardian newspaper.
