The Pentagon’s new cybersecurity strategy includes an unprecedented focus on offensive cyber weapons, according to multiple reports.
The Defense Department has always been hesitant to say publicly exactly what role the military’s cyber warriors should play. But the new document clarifies the Pentagon’s position on the controversial topic.
{mosads}The DOD, it says, “should be able to use cyber operations to disrupt an adversary’s command and control networks, military-related critical infrastructure and weapons capabilities,” The Associated Press reported.
The report — set for official release Thursday afternoon during Defense Secretary Ashton Carter’s speech in Silicon Valley — is only the Pentagon’s second cybersecurity strategy. The initial document, released in 2011, had little mention of offensive cyber responses to the rising tide of foreign cyberattacks.
Carter told reporters during a flight to California that the Pentagon wanted to bring more transparency to its cyber efforts, partly in the hopes it would have a deterrent effect.
“I think it will be useful to us for the world to know that, first of all, we’re going to protect ourselves, we’re going to defend ourselves,” he said.
The document specifies how the DOD might protect the country in cyberspace.
“The United States must be able to declare or display effective response capabilities to deter an adversary from initiating an attack,” it says, according to Reuters.
The new strategy also marks another DOD first in its larger focus on specific threats from foreign countries. One section directly addresses China’s ongoing cyber espionage and digital theft of intellectual property. It says the U.S. will work with Beijing to “reduce the risks of misperception and miscalculation.”
The China attention follows President Obama’s recently updated National Security Strategy, which called out the Asian power for hacking U.S. companies and stated the government would defend its private networks against such intrusions.
It was the administration’s first National Security Strategy since 2010.
The Pentagon’s new document also includes brief discussions of the cyber threats from Russia, Iran and North Korea. Russia’s cyber capabilities are top-notch, but its goals are often unclear, it says. Iran and North Korea are “less developed” in the cyber realm, the report adds, but have an unambiguous intent to hamper U.S. interests.
Carter is unveiling this new strategy in Silicon Valley as part of the administration’s broader push to engage the tech sector. It comes two months after Obama called on companies to help thwart hackers during a day-long White House cybersecurity conference at Stanford University.
The Pentagon has said it wants to try and recruit more top cyber talent from the private sector to work part-time in the National Guard and reserves.
But Silicon Valley and the administration have been at odds since leaker Edward Snowden revealed the existence of massive government surveillance programs.
The two sides are sparring over encryption standards. As tech companies have moved to lock out government investigators from getting at customer data, Obama has pushed for some form of guaranteed legal access to that data.
Carter acknowledged the difficulty of bridging the “coolness” gap with Silicon Valley.
“To be relevant in today’s world you have to have a coolness factor, so we want that, we want our mission to be exciting to people, for them to feel like it’s cool to be part of something that’s bigger than themselves,” he said.