At some point in October this year, President Obama signed the slightly creepy-sounding and secret Presidential Policy Directive 20, a source tells The Washington Post. According to the Post, the directive gives the military license to “act more aggressively” when combating cyber-attacks directed at major U.S. networks.
In essence, anyone waging war on the country via the internet is on notice:
The new directive is the most extensive White House effort to date to wrestle with what constitutes an “offensive” and a “defensive” action in the rapidly evolving world of cyberwar and cyberterrorism, where an attack can be launched in milliseconds by unknown assailants utilizing a circuitous route. For the first time, the directive explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with threats.
Policy Directive 20 is a refresh of a presidential directive signed during the Bush administration and falls in line with the Obama administration’s concerns regarding internet-based threats to the nation’s infrastructure.
Given the reported mid-October signing of Directive 20, it’s worth noting the timing of Secretary of Defense Leon Panetta’s October 11 speech about cyber threats. In his address, Secretary Panetta outlined a nightmare scenario combining real and cyber attacks, resulting in what he termed a “cyber Pearl Harbor.” Mr. Panetta said such devastating actions would result in “physical destruction and loss of life, paralyze and shock the nation, and create a profound new sense of vulnerability.”