This post was originally published on August 7, 2020.
Yahoo News has reported that the CIA was granted sweeping powers by President Donald Trump in 2018 to conduct cyberattacks against adversaries of its choice, breaking with established practices.
In the past, the U.S. spy agency had to seek White House approval before engaging in a covert attack in cyberspace. The action also had to be tied into a broader foreign-policy objective, such as preventing a country from acquiring nuclear weapons.
Now, however, a former U.S. official has revealed that a secret authorization permits the CIA to approve its own operations to target countries. The attacks don’t have to be tied to a foreign-policy goal either and can be purely offensive in nature.
Taking the fight to the enemy
Rather than serving any specific objective, the executive powers granted to the CIA broadly enhance the spy agency’s capabilities in cyberspace. The authorization calls out four countries, Iran, North Korea, China, and Russia, as intended targets, although it does say that the extra powers aren’t limited to operations against just those four.
The new directives allow the CIA to engage in offensive cyberattacks. Ever since the CIA received these permissions, it’s been linked to disruptive attacks such as culling information from Russian servers and targeting members of Iran’s Revolutionary Guard. Overall, the agency is believed to have carried out over a dozen attacks, including what some suspect to be a fresh assault on Iran’s nuclear facilities.
This new authorization has lowered the amount of evidence needed to engage in an assault and significantly broadened the types of organizations the CIA can go after. In the past, the CIA could only target specific arms of governments, but now it has the go-ahead to include private organizations that are suspected of colluding with governments.
These include banks, financial institutions, charities, religious groups, media organizations, businesses, as well as specific individuals or agents. Another key change has been the mandate to expose key data on public forums, similar to WikiLeaks, in order to discredit opponents.
What are the ramifications of this move?
The CIA’s new offensive capabilities come in the wake of years of attempts by Russian, Chinese, Iranian, and North Korean hacking teams to break into U.S. government systems.
For example, the cybersecurity breach in the U.S. Office of Personnel Management, which impacted over 20 million employee records, was the first salvo in this new age of electronic warfare. Russian meddling in the U.S. elections and North Korea’s purported hack of Sony Entertainment are further examples of state-sponsored interference in U.S. domestic affairs.
With the CIA’s newfound powers, we can expect there to be a sharp increase in the volume and sophistication of cyberattacks in the short to medium term. In July 2020 alone, we’ve seen hackers tied to the Russian government attempt to steal sensitive medical information from Canada, the UK, and the U.S., as well as a formal announcement from the UK stating that its free-trade agreement with the U.S. was targeted by foreign hackers.
Things are about to get way more complex.