We assess that nations, including Russia and China, have the technical capabilities to target and disrupt elements of the US information infrastructure and for intelligence collection. Nation states and criminals target our government and private sector information networks to gain competitive advantage in the commercial sector. Terrorist groups—including al-Qa’ida, HAMAS, and Hizballah—have expressed the desire to use cyber means to target the United States. Criminal elements continue to show growing sophistication in technical capability and targeting, and today operate a pervasive, mature on-line service economy in illicit cyber capabilities and services available to anyone willing to pay.
Each of these actors has different levels of skill and different intentions; therefore, we must develop flexible capabilities to counter each. It is no longer sufficient for the US Government to discover cyber intrusions in its networks, clean up the damage, and take legal or political steps to deter further intrusions. We must take proactive measures to detect and prevent intrusions from whatever source, as they happen, and before they can do significant damage.
At the President’s direction, an interagency group reviewed the cyber threat to the US and identified options regarding how best to integrate US Government defensive cyber capabilities; how best to optimize, coordinate and de-conflict cyber activities; and how to better employ cyber resources to maximize performance. This tasking was fulfilled with the January 2008 issuance of NSPD-54/HSPD-23, which directs a comprehensive national cybersecurity initiative. These actions will help to deter hostile action in cyber space by making it harder to penetrate our networks.
