U.S. military hackers have been cleared to access Russian cyber systems in order to move swiftly should officials detect election interference targeted at the midterms.
The Daily Beast (in partnership with Center for Public Integrity):
While U.S. national-security officials have so far reported only intermittent efforts by Russian sources to compromise political organizations and campaigns, they have been worried—in the aftermath of Russia’s digital contact with U.S. election systems in 2016—that Moscow might unleash more aggressive interference in the hours before voting begins, while the polls are open, or when the votes are being tabulated.
The existence of such a plan means that America is more fully integrating offensive cyberattacks into its overall military planning systems, a move likely to make cybercombat more likely and eventually more commonplace, sometimes without first gaining specific presidential approval. Cyberattacks are now on a more obvious path, in short, to becoming a regular currency of warfare.
The plan for retaliation against Russia is one of the first to be organized since President Donald Trump signed an executive order in August that simplifies and shortens the review for such operations.
It is unclear what exactly a U.S. retaliation effort would entail, but officials say the breach that warrants such a response would have to be more than a social media online influence operation.
The senior official clarified that it would be direct interference—efforts to tamper with voting registration and recording votes—that would bring “swift and severe action.” The reason, the official said, is “that fundamentally wrecks the natural process that we have established in this country.” That official didn’t describe what the U.S. action would be.
(...)
Officials say the new Trump cyberoperations order, National Security Presidential Memorandum 13 (NSPM 13), is designed to allow Defense Secretary James Mattis and Director of National Intelligence Dan Coats to approve retaliatory strikes without the approval of others in the government, and in certain cases without White House approval.
It replaces an Obama-era executive order that required more extensive review before cyberweapons could be used offensively, called Presidential Policy Directive 20 (PPD 20). That order was classified but became public when former National Security Agency contractor Edward Snowden leaked it in 2013, as part of a broader effort by him to expose the scale of American cyberspying.
One of the key, unpublicized consequences of the new directive is that military planners can prepare for cyberstrikes—as called for in interagency agreements in advance—by gaining access to the computer systems of potential targets well before any order has been given to attack, or even before a foreign attack has occurred, the officials said.
(...)
U.S. officials have never publicly claimed responsibility for the use of cyber weapons, although reports have tied U.S. government hackers to disruption of North Korea and Iran’s nuclear programs.
Full story: The Pentagon Has Prepared a Cyberattack Against Russia (The Daily Beast)