The White House released a new set of instructions on how government agencies should respond to major cyber security attacks. The Tuesday published directory was seen as an attempt to combat perceptions and criticisms on the Obama administration being inactive when addressing threats from sophisticated hacking foes.
The announcement was made amid suspicion in the U.S. government that Russia-hired hackers may have engineered the leak of emails stolen from the Democratic National Committee in an attempt to influence the Nov. 8 U.S. presidential election.
The directive, includes a five-point scale to grade the severity of an incident, provides the first public guidance on the specific roles of federal agencies in coordinating efforts to investigate and respond to cyber security breaches in government and the private sector.
“To put it bluntly, we are in the midst of a revolution of the cyber threat – one that is growing more persistent, more diverse, more frequent and more dangerous every day,” White House counter-terrorism adviser Lisa Monaco said at a cyber security conference in New York.
She said that the new presidential policy directive “will help answer a question heard too often from corporations and citizens alike – ‘In the wake of an attack, who do I call for help?’”
Monaco named Russia and China as cyber adversaries that have become more assertive and she noted that Iran and North Korea are capable and willing to carry out destructive attacks.
Cyber threats are “growing more persistent, more diverse, more frequent and more dangerous every day,” White House counter-terrorism adviser Lisa Monaco said at a cyber conference in New York on Tuesday.

The directive defines a significant cyber incident as one that is likely to result in harm to national security or economic interests, foreign relations, or the public confidence, health safety or civil liberties of the American people, according to a White House fact sheet.
An event would be designated as an emergency, or level 5, if it posed an imminent threat to wide-scale critical infrastructure, the stability of the government, or lives of Americans, according to a severity schema provided by the White House.
No attack against the United States so far would register as a five, and the hack on the Democratic Party organization would likely earn a lower grade, depending on how much evidence emerges on whether or not a foreign government is using the stolen information to try to influence the election, a source familiar with the policy discussions said.
The magnitude of a response will be determined by the severity assigned to an attack, Monaco said.
President Barack Obama has increasingly prioritized cyber security during his second four-year term, which has been marked by a spate of high-profile hacks against government agencies and private companies that exposed tens of millions of individuals’ personal data.
Lawmakers and cyber security experts have often criticized the administration for not developing a clear road map for how and whom companies should contact when facing a cyber-attack.
U.S. Department of Justice, working through the Federal Bureau of Investigation and National Cyber Investigative Joint Task Force, will be the lead agency for investigating criminal intrusions or those that could affect national security, according to the policy.
The U.S. Department of Homeland Security will serve as the lead contact in helping companies respond to breaches of their networks. Intelligence agencies will be in charge of gathering information in order to identify who is behind an attack.
Obama signed an executive order in April 2015 that allows for the U.S. to levy economic sanctions directly in response to cyber attacks. That authority has never been used.
Senators Chuck Grassley and Patrick Leahy, the Republican and Democratic leaders of the Senate Judiciary Committee, respectively, asked the Justice Department and the FBI for information on the DNC hacking probe.
The senators wrote in letters to the agencies that if foreign intelligence agencies were trying to undermine the electoral process, “the U.S. government should treat such efforts even more seriously than standard espionage.”

Source: Asharq Al-Awsat English, Reuters, 27 July 2016