Don’t Rush to Judge the CIA’s Covert Cyber Offensive

The floor of the main lobby of the Central Intelligence Agency in Langley, Va., Jan. 21, 2017 (AP file photo by Andrew Harnik).

News reports last week that U.S. President Donald Trump granted the CIA broad authority in 2018 to conduct offensive cyberattacks against Russia, China, Iran and North Korea have rightfully raised alarm among some in Washington’s national security set. Recent history indicates that when the White House has greenlighted items at the top of the CIA’s wish list, things haven’t always turned out well. See the Senate “Torture Report” and leaked documents on lethal drone attacks in South Asia for more details.

In light of these past CIA transgressions, the current handwringing is not unwarranted. Yet, as often happens with sensational stories about American spycraft, there is a risk that reporting about the mere existence of a secret CIA campaign of offensive cyberattacks obscures what this new “gloves off” approach might portend for the future of cyberwarfare at the global level.

If true, the revelations are definitely serious business—and so far, they have not been disputed. In 2018, the Trump administration issued a presidential finding that cleared the way for a series of covert cyberstrikes on targets linked to Russia’s Federal Security Service, also known as the FSB, and Iran’s Islamic Revolutionary Guard Corps. As the reporters at Yahoo who broke the story last week point out, the National Security Council often frames presidential findings around broad foreign policy objectives, such as countering ISIS or preventing Iran from obtaining nuclear weapons, but requires White House sign-off for specific operations. In this instance, the presidential directive apparently expands CIA capabilities, at least in part, by giving the agency wider latitude to plan and launch offensive attacks against a designated adversary’s critical infrastructure, such as power grids and water systems. It is unclear, though, what the protocols are for designating such targets, or whether further authorization is needed from the White House for specific modes of attack on certain types of infrastructure. It also reportedly gives the CIA permission to run so-called “hack and dump” operations, like the one behind the cache of Democratic National Committee and Hillary Clinton campaign emails and documents released by WikiLeaks during the 2016 presidential campaign.
