Trump wants to make it easier for the U.S. to launch cyberattacks

Donald Trump wants to make it much easier for the U.S. to launch offensive cyberattacks against its adversaries — but experts warn it could lead to even bigger problems.

According to a report by the Wall Street Journal, the U.S. president signed an order Wednesday rolling back an Obama-era policy that put significant restrictions on how and when the U.S. could deploy its so-called cyberweapons — particularly against foreign adversaries.

The move, championed by National Security Adviser John Bolton since his arrival in April, is designed to allow the U.S. to react more aggressively to foreign election interference as well as augment its traditional military responses.

This is an “offensive step forward,” one administration official told the newspaper.

Many lawmakers and intelligence officials frustrated at a lack of a comprehensive cyberwar strategy have been calling for a relaxation of the rules of engagement for cyberattacks.

"The U.S. removing cyberwarfare restrictions is long overdue,” Trevor Reschke, a former counterintelligence special agent with the U.S. Army, told VICE News. “Other countries openly attacking assets across the board has gone unchecked for far too long. Worse, the previous policy of agreeing not to use cyber capabilities only emboldened both China and Russia.”

Russia and China have been at the forefront of those attacking the U.S. in recent years, with the former focused on disrupting elections while the latter has been targeting cyber espionage and the theft of valuable intellectual property.

Trump used these attacks as a rallying cry during his 2016 election campaign.

“It will make certain that our military is the best in the world in both cyber offense and defense,” Trump said in a campaign speech. “As a deterrent against attacks on our critical resources, the United States must possess the unquestioned capacity to launch crippling cyber counterattacks. America’s dominance in this arena must be unquestioned.”

While some intelligence officials may welcome Trump’s move, others within the security industry are wary of the change, warning that without knowing what new rules have replaced the old ones, we don’t know exactly what powers Trump is handing to his intelligence agencies and the Pentagon.

“We need more from the administration,” Sam Curry, chief security officer at Cybereason, told VICE News. “We need to know what the Trump administration guidelines are, why the rules are being changed now and what scenarios are envisioned.”

Mikko Hypponen, chief research officer with F-Secure, said while it was unclear what spurred the rule changes, one thing is clear, U.S. Cyber Command has more tools at its disposal.

“We are once again living in the middle of an arms race. This time, it's a cyber arms race,” Hypponen told VICE News.

While China and Russia have been at the forefront of attacks, other nations including North Korea have been muddying the waters, making it harder to know who is conducting the attacks.

And this could prove problematic if the U.S. adopts a much more aggressive cyber offensive strategy.

“I am in favor of cyber offensive capabilities,” Joseph Carson, chief security scientist at Thycotic, told VICE News. “However, in cyberspace, the biggest problem we have is absolute attribution to knowing who exactly carried out the cyberattack and is it possible that it was a misdirection to put political pressure on two or more countries.”

Obama signed Presidential Policy Directive 20 in 2012, putting in place a system whereby a wide range of individuals and agencies have to be consulted before any cyber campaign was launched. It was designed in part to prevent one agency from interfering with classified cyber espionage campaigns being conducted by another agency.

The secret policy was made public in 2013 when whistleblower Edward Snowden leaked classified documents.

Curry hopes a similar leak won’t be necessary this time around.

“Hopefully it won't take another Snowden-like leakage or a massive conflict where new offensive cyber powers are exercised to give us more insight into the new rules of engagement and foreign policy stance,” Curry said.

Cover: President Donald Trump speaks at Fort Drum, N.Y., Monday, Aug. 13, 2018, before a signing ceremony for a $716 billion defense policy bill named for Sen. John McCain. (AP Photo/Carolyn Kaster)