Citing Cyber ‘Revolution,’ Obama Issues Attack Response Plan
WASHINGTON – The White House warned Tuesday of a “revolution” of computer-generated threats to the U.S. stoked by growing cyber aggression by traditional U.S. foes like Russia and North Korea, and issued a color-coded response plan for the federal government to use after major cyberattacks.
Lisa Monaco, President Barack Obama’s homeland security and counterterrorism adviser, said while Russia and China grow “more assertive and sophisticated” online, Iran has attacked U.S. banks and North Korea is showing a willingness to attack companies and countries alike. She also warned that non-governmental actors, like the Islamic State group and “hacktivists,” are finding it easy to advance their goals through the internet.
“To put it bluntly, we are in the midst of a revolution of the cyber threat – one that is growing more persistent, more diverse, more frequent and more dangerous every day,” Monaco said at a cybersecurity conference in New York. “Unless we act together – government, industry, and citizens – we risk a world where malicious cyber activity could threaten our security and prosperity. That is not a future we should accept.”
Aiming to streamline Washington’s response to major attacks, Obama released a presidential policy directive that establishes six levels of severity for attacks, a color-coded system that evokes the terror alert system formally used by the Homeland Security Department.
A high-level federal response following the directive’s guidelines will be triggered anytime there’s an attack at or above a level three – orange – indicating an attack likely to affect public health or safety, economic or national security or other U.S. interests. A level 5 – black – is an emergency that poses an “imminent threat” to critical infrastructure, government stability or U.S. lives.
The directive lays out which federal law enforcement and intelligence agencies take the lead coordinating the various parts of the response to the attack.
Though long in the works, the directive comes amid heightened concern and attention to cybersecurity following the hack of Democratic National Committee emails, which Hillary Clinton’s campaign has blamed on Russia. The U.S. government hasn’t formally accused Russia of involvement and Moscow has called the accusations “paranoid.”