Biden Admin May Roll Back Trump Policy on Military Cyber-Offensive Operations

pcmag.com:

The Biden administration may hit the “undo” button on a 2018 Trump-administration document that gave the Department of Defense unusual flexibility to take offensive action against the computing systems and networks of adversaries. 

CyberScoop’s Suzanne Smalley reported this possible shift Thursday, citing “two sources briefed on the discussions” around an interagency review of National Security Presidential Memorandum-13 (NSPM-13), a classified directive issued in September 2018.

That document allowed the DoD to launch “actions that fall below the ‘use of force’ or a level that would cause death, destruction or significant economic impacts,” Washington Post national-security reporter Ellen Nakashima wrote at the time.  

The Trump administration then kept the details of this directive secret from the DoD’s designated overseers in Congress for over a year; members of the House Armed Services Committee finally got to read it in March 2020.

In 2019, Trump national security advisor John Bolton confirmed in a meeting hosted by the Wall Street Journal that the DoD had staged attacks under this directive to counter Russian influence operations before 2018 midterm elections. The Journal’s Warren P. Strobel reported then that in a classified operation called Synthetic Theology, “U.S. Cyber Command jammed servers belonging to the Internet Research Agency, a St. Petersburg, Russia, troll farm.”

NSPM-13 replaced a policy developed under the Obama administration that required presidential approval for such operations. In situations like Russian hacking operations against Democratic Party offices and individuals before the 2016 election, that White House decision-making process did not seem terribly swift or certain.

Smalley’s report