US government assembled international target list for cyberattacks

The US government is once again drawing international outcry over its cyber policies, this time over a possible list of international attack targets.

The Guardian has posted a leaked memo said to have come directly from the White House, asking various agencies to assemble a list of cyberattack targets on foreign soil. According to the report, the targets could include both sources of intelligence and vital infrastructure which could be targeted to disable communications or cause real-world damage in targeted regions.

“The United States has an abiding interest in developing and maintaining the use of cyberspace as an integral part of US national capabilities to collect intelligence and to deter interests in peace, crisis or war,” the document reads.

“Given the evolution in US experience, policy capabilities, and understanding of the cyber threat, and in information and communications technology, this directive establishes updated principles and processes as part of an overarching national cyber policy framework.”

The directive then goes on to describe how the government could use Offensive Cyber Effects Operations (OCEO) activities to strike at enemies during possible military operations, potentially allowing cyberwarfare tactics to be utilised alongside conventional tactics.

“OCEO can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging,” the order reads.

“The development and sustainment of OCEO capabilities, however, may require considerable time and effort if access and tools for a specific target do not already exist.”

The US is widely believed to already be involved in cyberattack operations. The government has been accused of working at least in part on the development of the Stuxnet malware families and has been accused by China of trying to compromise millions of its systems.

The leak comes just one day after the US saw its PRISM data collection programme outed to the public. The database includes information collected from top messaging and social networking platforms and has been said to have been accessed by UK authorities as well.