* New presidential directive updates 2004 document
* U.S. policy to remain “least action necessary” to meet threats
* China has been identified by U.S. intelligence as top cyberthreat
By Jim Wolf
WASHINGTON, Nov 14 (Reuters) - President Barack Obama has signed a classified directive laying out new guidelines for cyber-operations that national security planners can use to protect U.S. computer networks from attack, a senior administration official said Wednesday.
“It continues to be our policy that we shall undertake the least action necessary to mitigate threats and that we will prioritize network defense and law enforcement as the preferred courses of action,” the official, who asked not to be named, said in an email.
The document provides no new authorities to the military, intelligence community or other U.S. government arms, the official said.
Instead, it spells out “principles and processes for the use of cyber-operations so that cybertools are integrated with the fully array of national security tools we have at our disposal,” the official said in the email.
The directive updates one from 2004 as part of an administration push to shore up networks that handle financial transactions, power grids and other essential services.
James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said the directive lays out a chain of command and establishes thresholds for action.
“I don’t see why the whole thing has to be secret, though,” Lewis said.
The Washington Post said on Wednesday that Obama had signed, in mid-October, what the paper identified as Presidential Policy Directive 20, clearing the way for the military to act more aggressively to thwart cyber-attack on U.S. networks.
Chinese elements are “the world’s most active and persistent perpetrators of economic espionage,” the Office of the National Counterintelligence Executive, an intelligence community arm, said in a public report to Congress in October 2011.
One of the hallmarks of Chinese intrusion is the extent to which operators maintain access to compromised systems, according to a bipartisan commission that advises the U.S. Congress on China.
“With little notice, a compromise could switch to become disruptive or destructive,” the U.S.-China Economic and Security Review Commission said in its annual report released Wednesday. Chinese Foreign Ministry spokesman Hong Lei condemned the commission’s report as indicative of a Cold War mentality. (L3E8ME27L)
U.S. Defense Secretary Leon Panetta said last month that unnamed foreign elements had been targeting computer control systems that operate chemical, electricity and water plants and those that guide transportation.
“Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for actions that may try to harm America,” he said.
“If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us,” Panetta said at the time.
The procedures outlined in Obama’s directive are consistent with the U.S. Constitution, including the president’s role as commander in chief, and other applicable law and policies, the senior administration official said by email.
For years, U.S. cyber-operations have been the subject of inter-agency wrangling over such matters as how to balance offensive and defensive operations.
The issue is important because of the potential to cause unintended harm to vital services for civilians.