The Senate’s recently passed defense authorization bill calls on the secretary of Defense to prioritize cyber resiliency efforts across the department with a task force to establish an information operations campaign and directives to assess software and technological capabilities.
Several amendments added to the Senate’s version of the National Defense Authorization Act (NDAA) for fiscal year 2018 passed on Sept. 18 urge the Department of Defense to integrate efforts across organizations to take stock of vulnerabilities in current cyber offensive and defensive applications.
Sen. Rob Portman (R-Ohio) included an amendment calling on the secretaryto establish a cross-functional task force responsible for developing a DoD strategic framework for cyber-enabled information operations across all department entities.
The head of the task force, to be appointed by the secretary, would be responsible for overseeing coordination of military deception, electronic warfare strategic information operations and deterrence planning.
Portman’s amendment is intended to iron out the DoD’s role in creating common operating procedures for combating foreign adversary influence, deception, and propaganda activities, specifically in the cyber domain. The NDAA language builds on a bipartisan bill, Countering Disinformation and Propaganda Act, passed in Dec. 2016 by Portman and Sen. Chris Murphy (D-Conn.).
“Last year, the United States took a critical step towards confronting the extensive, and destabilizing, foreign propaganda and disinformation operations being waged against us by our foreign adversaries by passing the bipartisan Countering Foreign Propaganda and Disinformation Act. But more must be done,” said Portman in a statement following NDAA’s passage. “By better coordinating and synchronizing our government’s response to foreign propaganda and disinformation, the United States will be more successful in ensuring that our ideas win. I am confident that, with the help of our bipartisan bill and proper coordination between government agencies, the disinformation and propaganda used against us, our allies, and our interests will fail.”
Under the amendment, Each commander of a combatant command is tasked with forming their own plan for deterring information operations campaign. The head of the designated task force must also submit a report, no later than 90 days after NDAA’s enactment, reviewing DoD’s strategy for operations in the information environment.
The Senate bill also includes a couple of amendments aimed at forcing the DoD to take stock of their offensive and defensive cyber capabilities, and their ability to produce the necessary software tools to support these efforts.
A second amendment from Portman calls on the secretary to submit a report to Congress, no later than 180 days after the NDAA is enacted, clarifying the potential offensive and defensive cyber applications related to protecting blockchain database tools. The report must also detail the ability of foreign adversaries to make use of the same cryptological tools used to disrupt blockchain networks.
Blockchain technology involves encrypted databases used to protect or disseminate critical information. The DoD report must assess the current use of such technologies and the tools used to protect them.
Sen. Thom Tillis (R-N.C.) also included an amendment designed to better leverage the DoD’s software licensing powers, and allowing the department to release source code and technical data into a public repository location.
“The Secretary of Defense shall create a prize for a research and develop program or other activity for identifying, capturing, and storing existing Department of Defense custom-developed computer software and related technical data,” the Senate writes in its bill.
Tillis’ amendment is designed to create increased incentives for improving, re-purposing or re-designing existing software to better support DoD missions.