'Little or no warning': Obama draws up worldwide cyber-attack target list

President Barack Obama ordered national security leaders to compile a list of potential overseas “adversaries” for US cyber-attacks which could be targeted with “little or no warning”, a top secret document reveals.

The 18-page, classified document, entitled Presidential Policy Directive 20, outlines plans for
Offensive Cyber Effects Operations (OCEO), cyber-attacks which would target US adversaries around the world.

“OCEO can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging,” the Washington Post cites the document as saying. “The United States government shall identify potential targets of national importance where OCEO can offer favorable balance of effectiveness and risk as compared with other instruments of national power,” it continues.

The directive also mulls the potential use of cyber actions within the US, though any such operations must be conducted with prior authorization of the White House, unless “it qualifies as an Emergency Cyber Action.”

Under the heading "Policy Reviews and Preparation", a section marked "TS/NF" - top secret/no foreign - states: "The secretary of defense, the DNI [Director of National Intelligence], and the director of the CIA … shall prepare for approval by the president through the National Security Advisor a plan that identifies potential systems, processes and infrastructure against which the United States should establish and maintain OCEO capabilities…," the Guardian reports. The deadline for the plan is six months after the approval of the directive.

It further recognizes the potential for collateral damage in the wake of cyber operations, noting: “even subtle and clandestine operations, may generate cyber effects in locations other than the intended target, with potential unintended or collateral consequences that may effect [sic] US national interests in many locations.”

The document states that all cyber operations should conform with US and international law, noting that any operations which are "reasonably likely to result in significant consequences require specific presidential approval."

The directive, which was distributed to virtually every high-ranking member of the US Executive, was first signed by President Obama in mid-October though it was never published.

In November, a senior administration official told the Post how the directive was part and parcel of the White House effort to delineate between what constitutes an “offensive” or “defensive” action in the mercurial world of cyber-war and cyber-terrorism.

“What it does, really for the first time, is it explicitly talks about how we will use cyber-
operations,” the official said. “Network defense is what you’re doing inside your own networks. . . . Cyber-operations is stuff outside that space, and recognizing that you could be doing that for what might be called defensive purposes.”

Select statements from the memo were declassified in January, though no mention was made of US efforts to draw up a target list or bolster its offensive capability.

When asked about efforts to ratchet up US offensive capabilities as outlined in the directive, a senior administration official told the Guardian: "Once humans develop the capacity to build boats, we build navies. Once you build airplanes, we build air forces."

The official added: "As a citizen, you expect your government to plan for scenarios. We're very interested in having a discussion with our international partners about what the appropriate boundaries are."

Reports of the directive came as Chinese President Xi Jinping met with President Obama for an informal two-day summit in the resort city of Rancho Mirage, California on Friday. 

In a bid to rebuff media reports that China regularly targeted the US military and corporations with cyber-attacks, President Xi told reporters with Obama at his side: “China is a victim of cyber- attacks and we hope that earnest measures can be taken to resolve this matter.”

Obama opted not to publicly accuse China of being behind a raft of cyber-attacks targeting US facilities and institutions. Rather, he called for “common rules of the road,” adding that China and the US should work together for a mutually beneficial cyber-security regime.  

“As China continues in its development process and more of its economy is based on research and innovation and entrepreneurship, they’re going to have similar concerns, which is why I believe we can work together on this rather than at cross-purposes,” Obama said.

Despite Obama’s reticence to challenge China, Secretary of Defense Chuck Hagel recently issued a stern warning to China over its alleged cyber-attacks against the US: “We are also clear-eyed about the challenges in cyber. The United States has expressed our concerns about the growing threat of cyber intrusions, some of which appear to be tied to the Chinese government and military.”

Hagel’s comments came in the wake of a US Defense Science Board report which claimed around 40 Pentagon weapons programs and almost 30 other defense technologies had been compromised by Chinese hackers, some purportedly tied to the military or government.

In April, Gen. Keith Alexander, who heads both the National Security Agency and the new Cyber Command, signaled that the United States would more aggressively counter cyber-attacks from abroad with offensive operations.

Alexander told Congress that of 40 new CYBERCOM teams currently being assembled, 13 were being established to counter foreign cyber-attacks. Regarding the 13 teams of programmers and computer experts, the NSA chief stressed: “this defend-the-nation team, is not a defensive team.”