recommended reading

White House rejects terrorism-related cyberwar provisions in House bill

The Obama administration objects to a House proposal that specifies the term cyberwar includes clandestine actions against terrorists online.

The language, which House members folded into the 2012 Defense Department authorization bill, asserts that the Pentagon has the power to conduct military activities in cyberspace, including covert operations to support conflicts covered by a post-Sept. 11 authorization to use "all necessary and appropriate force" against foreign-based terrorists. Defense also would be allowed to employ cyber tactics to deflect cyberattacks on its assets.

White House officials agree that certain military operations in cyberspace are vital to national security, according to a position statement the Obama administration released Tuesday afternoon. But officials want to resolve certain concerns with Congress so that any law "adds clarity and value to our efforts in cyberspace."

The full House began considering the bill, H.R. 1540, Tuesday night and is scheduled to continue debate on Wednesday.

White House spokesman Nick Shapiro said the administration welcomes congressional ideas for strengthening cybersecurity but wants clarification from lawmakers on the intent of the wording. "We plan to review the language and further discuss it with Congress to ensure we have a thorough understanding of the legal and policy implications of the provision," he said on Wednesday. "We'll continue to take a careful and deliberate approach to ensure any legislative changes improve security."

An accompanying report by the House Armed Services Committee noted that al Qaeda and the Taliban increasingly are relying on the Internet for command and control, as well as for disseminating technical information to aid attacks on U.S. and coalition forces. Terrorists use the Web, lawmakers stated, because their affiliates are scattered across the world. But U.S. troops have no legal guidance on how to deal with online threats.

"The committee recognizes that because of the evolving nature of cyberwarfare, there is a lack of historical precedent for what constitutes traditional military activities in cyberspace," the report stated.

Some House Democrats, including Rep. James R. Langevin, D-R.I., a committee member who chairs the Congressional Cybersecurity Caucus, support the measure. A Langevin staffer said the lawmaker hopes to work with the administration and come to an agreement on all cyber issues.

The committee report added that the section is not meant to spell out all possible military activities in cyberspace or limit the definition of cyberwar.

"Military activities may not be confined to a physical battlefield," the lawmakers wrote. "In certain instances, the most effective way to neutralize threats and protect U.S. and coalition forces is to undertake military cyber activities in a clandestine manner."

The legislation is intended to clarify that the Defense secretary's authority includes conducting "clandestine military activities in cyberspace in support of military operations pursuant to an armed conflict for which Congress has authorized the use of all necessary and appropriate force," the report stated.

The Pentagon would have to brief Congress quarterly on all cyber operations covered under the provision.

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.