Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

9/21/2018
11:30 AM
100%
0%

US Approves Cyber Weapons Against Foreign Enemies

The White House is changing the rules on its use of digital weapons to fight adversaries targeting US networks.

The Trump administration has authorized the use of "offensive cyber operations" against foreign enemies, officials confirmed in a news briefing this week.

Its announcement aligns with a new, broader policy to relax the rules governing US use of cyber weapons to deter adversaries. The White House is worried about foreign governments targeting US networks, specifically around the November elections. Its latest strategy includes a presidential instruction that replaced a previous order from the Obama administration.

Now, the US military and government agencies can use cyber operations to protect the nation's systems and networks. National security advisor John Bolton, who confirmed the strategy this week, did not share the specifics of these operations or the attacks they are meant to deter.

Overall, the presidential directive allows the military to use tactics that fall below the "use of force" or those that would lead to "death, destruction or significant economic impacts," according to a Washington Post report. The government's strategy is very similar to the Obama administration's national cybersecurity action plan, which was introduced in 2016.

While some officials don't believe the new strategy is forceful enough, it does follow a series of cybersecurity-related efforts from the government this week. The Pentagon released a new strategy this week highlighting Russia and China as top US adversaries.

Read more details here.

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/24/2018 | 11:02:38 AM
Unimpeded Attempts
I'm in favor of utilizing cyber weapons against nefarious actors that are threatening the facets represented in the article. I'm a firm believer in defense not being enough in these scenarios, instead if you attack your attacker it forces them to react instead of allowing them time to re-adjust their tactics when you are constantly defending from their bombardment. 
jcavery
50%
50%
jcavery,
User Rank: Moderator
9/26/2018 | 11:00:12 AM
Re: Unimpeded Attempts
As long as your attribution methods are rock-solid and you're attacking the right enemy, I agree. But I think we need better tools for attribution and identifying attackers before we get more aggressive in regard to cyber weapons.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8225
PUBLISHED: 2020-09-18
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
CVE-2020-8237
PUBLISHED: 2020-09-18
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
CVE-2020-8245
PUBLISHED: 2020-09-18
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11....
CVE-2020-8246
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...
CVE-2020-8247
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...