The Obama administration outlined its strategy to identify and counter cyber intrusions into U.S. networks from foreign intelligence entities’ (FIE) in a new counterintelligence (CI) strategy document released Nov. 18.
The document, the National Counterintelligence Strategy of the United States of America 2016, was released by the National Counterintelligence and Security Center, within the Office of the Director of National Intelligence (ODNI) at both at the classified and unclassified level. It identifies five mission objectives to address the range of capabilities needed to counter threats to the sensitive information and assets of the United States, providing guidance for the CI programs and activities of the government intended to mitigate FIE threats.
Each government department and agency has a role in implanting this strategy in the context of its own missions and through the application of its responsibilities and authorities, although the strategy does not authorize agencies to conduct CI activities not otherwise authorized under statute law, policy, regulation, or executive orders.
Mission objective five of the unclassified version focuses exclusively on cyber activities, specifying the government must identify and counter the cyber activities of FIE that attempt to disrupt, exploit, or steal sensitive information from U.S. networks.
“The current and emerging CI challenges facing the nation require an integrated, whole-of-government approach that brings together our collective CI efforts and broadens their reach throughout the U.S. Government and private sector,” Bill Evanina, the National Counterintelligence Executive (NCIX) and Director of NCSC, said in a statement.
“Releasing an unclassified, in addition to a classified, version of the strategy enables greater distribution, transparency, and integration of U.S. Government agencies’ and private sector activities to counter FIE threats,” Evanina added.
More generally, the strategy “sets forth a coordinated plan to detect, deter, and disrupt foreign threats by strengthening bonds and information sharing among government, academic institutions, and the private sector. It elevates the focus on countering cyberespionage and provides guidance to U.S. entities to unify efforts at home and abroad against today’s threats while preparing for those of tomorrow,” Obama wrote in the document’s forward.
The explanation of objective five notes FIEs continue to use computer network operations to exfiltrate sensitive data and assets from the government and private sector, alluding to recent cyber breaches like the Office of Personnel Management hack.
“The loss of sensitive data, information, and assets through computer network operations conducted by or on behalf of FIEs has the potential to cause significant economic, technological, scientific, and national security harm and introduce counterintelligence and cybersecurity vulnerabilities,” the document said.
Network compromises may also increase options for opponents to disrupt communications networks and critical infrastructure systems. The document highlighted that the challenge of current information speeds necessitates U.S. government CI and security programs to include a tightly woven and robust capability to defend against adversarial computer network operations.
In accordance with these challenges the strategy said departments and agencies will:
- expand support to cyber effects operations;
- pursue programs and activities that enhance understanding of FIE cyber intentions, capabilities, and operations affecting U.S. networks;
- advance attribution capabilities to support disruption of cyber attacks and exploitation linked to FIEs;
- enhance the relationship among CI elements, security, and IT to ensure personally identifiable information (PII), and other sensitive information and assets of interests to FIEs is protected;
- pursue programs and activities that counter FIE cyber operations directed against sensitive U.S. information; and
- leverage expertise across the CI, security, and information technology mission sets to identify and assess stolen content, analyze and mitigate risks, and define protection requirements.
The ODNI said the implementation of these actions will enhance the ability of agencies and departments to analyze incidents and attribute suspicious network behavior to FIE activities. Other success indicators include a continued increase in threat information sharing across all sectors and collaboration on mitigation strategies.
The strategy was released in accordance with the Counterintelligence Enhancement Act of 2002, requiring the NCIX to produce a strategy for CI programs and activities of the government at least every three years with the president’s approval. The last strategy was released in 2012 but only in a classified form.
The other mission objectives include deepen the U.S. understanding of FIE plans, intentions, and capabilities. And operations targeting U.S. national interests; disrupt FIE’s capabilities, plans, and operations that threaten U.S. national interests and sensitive information and assets; detect, deter, and mitigate threats from insiders with access to sensitive information and assets; and safeguard sensitive information and assets from FIEs’ theft, manipulation, or exploitation.
The strategy also identified two enabling objectives to “provide the foundation for the mission objectives’ success by highlighting the need for these activities to be undertaken as part of an effective, responsible, and collaborative effort.” These include strengthen secure collaboration, responsible information sharing and safeguarding, and effective partnerships; as well as strengthen the nation’s programs to counter threats from FIEs.
“Achieving the mission and enabling objectives in this National Counterintelligence Strategy of the United States of America 2016 is paramount to increasing our ability to counter FIE threats,” ODNI said.
“Department and agency executives must become the change agents in implementing these mission and enabling objectives. Integrating our collective CI efforts and broadening their reach throughout the U.S. Government is vital to our success.”