News reports last week that U.S. President Donald Trump granted the CIA broad authority in 2018 to conduct offensive cyberattacks against Russia, China, Iran and North Korea have rightfully raised alarm among some in Washington’s national security set. Recent history indicates that when the White House has greenlighted items at the top of the CIA’s wish list, things haven’t always turned out well. See the Senate “Torture Report” and leaked documents on lethal drone attacks in South Asia for more details.
In light of these past CIA transgressions, the current handwringing is not unwarranted. Yet, as often happens with sensational stories about American spycraft, there is a risk that reporting about the mere existence of a secret CIA campaign of offensive cyberattacks obscures what this new “gloves off” approach might portend for the future of cyberwarfare at the global level.
If true, the revelations are definitely serious business—and so far, they have not been disputed. In 2018, the Trump administration issued a presidential finding that cleared the way for a series of covert cyberstrikes on targets linked to Russia’s Federal Security Service, also known as the FSB, and Iran’s Islamic Revolutionary Guard Corps. As the reporters at Yahoo who broke the story last week point out, the National Security Council often frames presidential findings around broad foreign policy objectives, such as countering ISIS or preventing Iran from obtaining nuclear weapons, but requires White House sign-off for specific operations. In this instance, the presidential directive apparently expands CIA capabilities, at least in part, by giving the agency wider latitude to plan and launch offensive attacks against a designated adversary’s critical infrastructure, such as power grids and water systems. It is unclear, though, what the protocols are for designating such targets, or whether further authorization is needed from the White House for specific modes of attack on certain types of infrastructure. It also reportedly gives the CIA permission to run so-called “hack and dump” operations, like the one that produced the cache of Democratic National Committee and Hillary Clinton campaign emails and documents released by WikiLeaks during the 2016 presidential campaign.