At a Senate Armed Services Committee hearing yesterday on foreign cyber threats to the U.S., there were several references to the saying that “people who live in glass houses should not throw stones.” The point, made by DNI James Clapper, was that the U.S. should not be too quick to penalize the very espionage practices that U.S. intelligence agencies rely upon, including clandestine collection of information from foreign computer networks.
But perhaps a more pertinent saying would be “It takes a thief to catch a thief.”
U.S. intelligence agencies should be well-equipped to recognize Russian cyber threats and political intervention since they have been tasked for decades to carry out comparable efforts.
A newly disclosed intelligence directive from 1999 addresses “information operations” (IO), which are defined as: “Actions taken to affect adversary information and information systems while defending one’s own information and information systems.”
“Although still evolving, the fundamental concept of IO is to integrate different activities to affect [adversary] decision making processes, information systems, and supporting information infrastructures to achieve specific objectives.”
The elements of information operations may include computer network attack, computer network exploitation, and covert action.
See Director of Central Intelligence Directive 7/3, Information Operations and Intelligence Community Related Activities, effective 01 July 1999.
The directive was declassified (in part) on December 2 by the Interagency Security Classification Appeals Panel, and was first obtained and published by GovernmentAttic.org.
At a time when universities are already facing intense pressure to re-envision their role in the S&T ecosystem, we encourage NSF to ensure that the ambitious research acceleration remains compatible with their expertise.
FAS CEO Daniel Correa recently spoke with Adam Marblestone and Sam Rodriques, former FAS fellows who developed the idea for FROs and advocated for their use in a 2020 policy memo.
In a year when management issues like human capital, IT modernization, and improper payments have received greater attention from the public, examining this PMA tells us a lot about where the Administration’s policy is going to be focused through its last three years.
Congress must enact a Digital Public Infrastructure Act, a recognition that the government’s most fundamental responsibility in the digital era is to provide a solid, trustworthy foundation upon which people, businesses, and communities can build.