Obama Closer to Seizing Control of Cyberspace; Exec. Order Imminent
Joe Wolverton, II, J.D.
Wednesday, 24 October 2012
According to a copy of a draft executive order on cybersecurity obtained by the Associated Press (AP), President Obama will soon order “U.S. spy agencies to share the latest intelligence about cyberthreats with companies operating electric grids, water plants, railroads and other vital industries to help protect them from electronic attacks.”
For some time, government officials have insisted that Iran is planning a cyberattack on the electronic communications infrastructure of the United States. The AP reports that Defense Secretary Leon Panetta said that the U.S. armed forces are “ready to retaliate” should Iran — or any other country — attempt an attack on U.S. cybersecurity.
Promises of the White House’s imminent issuing of the edict have been coming for months. The AP reports that regardless of the latest leak, “the White House declined to say when the president will sign the order.”
On September 19, Department of Homeland Security Secretary Janet Napolitano said the executive order granting the president sweeping power over the Internet is “close to completion.”
In testimony before the Senate Committee on Homeland Security and Governmental Affairs, Napolitano said that the order is still “being drafted” and vetted by various high-level bureaucrats. But she also indicated that it would be issued as soon as a “few issues” were resolved. Assuming control of the nation’s Internet infrastructure is a DHS responsibility, Napolitano added.
“DHS is the Federal government’s lead agency for securing civilian government computer systems and works with our industry and Federal, state, local, tribal, and territorial government partners to secure critical infrastructure and information systems,” she informed senators.
Napolitano’s report on the role of DHS squares with the information revealed in the seven-page version of the order the AP has read. According to the report of their findings:
The draft order would put the Department of Homeland Security in charge of organizing an information-sharing network that rapidly distributes sanitized summaries of top-secret intelligence reports about known cyberthreats that identify a specific target. With these warnings, known as tear lines, the owners and operators of essential U.S. businesses would be better able to block potential attackers from gaining access to their computer systems.
The new draft, which is not dated, retains a section that requires Homeland Security to identify the vital systems that, if hit by cyberattack, could “reasonably result in a debilitating impact” on national and economic security. Other sections establish a program to encourage companies to adopt voluntary security standards and direct federal agencies to determine whether existing cyber security regulations are adequate.