US issues directive on govt response to major hacks
The Obama administration yesterday released a new directive outlining how the US government intends to respond to significant cyber attacks. The directive provides for the first time public guidance on the specific roles different federal agencies, such as the Federal Bureau of Investigation and the Department of Homeland Security, should play in coordinating efforts to investigate and response to cyber incidents that hit both government and the private sector.
The policy, years in the making, comes amid mounting suspicion that hackers working for Russia may be leaking emails stolen from the Democratic National Committee in an attempt to affect the US presidential election.
“To put it bluntly, we are in the midst of a revolution of the cyber threat - one that is growing more persistent, more diverse, more frequent and more dangerous every day,” White House counterterrorism adviser Lisa Monaco said at a cyber security conference in New York.
The new presidential policy directive “will help answer a question heard too often from corporations and citizens alike - ‘In the wake of an attack, who do I call for help?’” Monaco added. Monaco said the cyber world has grown increasingly dangerous. Russia and China have been growing more assertive, she said, while Iran and North Korea are nations capable and willing of carrying out destructive attacks.
The directive includes a five-point scale detailing how it grades the severity of an incident. A significant cyber incident is defined as one that is likely to result in harm to national security or economic interests, foreign relations, or the public confidence, health safety or civil liberties of the American people, according to a White House fact sheet. The magnitude of a response will be determined by the severity assigned to an attack, Monaco said. — Reuters