The White House just released new guidelines that detail how the federal government will respond to large scale hacks, including details on how it gauges the significance of particular hacks. The new plan specifically deals with major cyber breaches “affecting the homeland, US capabilities, or US interests.” It makes you wonder: what took them so long?
The federal government has struggled to deal with major breaches like the ones at the IRS and the Office of Personnel Management. Meanwhile, devastating hacks like the recent email leaks from the Democratic National Committee continue to make headlines. So it’s a good look for the White House to make progress in coming up with effective ways of dealing with breaches when they happen.
According to the White House, the new plan will clarify which federal branches should respond to major hacks and in what capacity. The policy directive, signed by President Obama this morning, will create a “Cyber Unified Coordination Group similar in concept to what is used for incidents with physical effects, and enhanced coordination procedures within individual agencies.”
The newly formed “Cyber Response Group” will include representatives from the FBI, NSA, CIA, to the departments of State, Treasury, Defense, Justice, Commerce, Energy, and Homeland Security. This group will plan and strategize how to deal with the next cyber attacks. It will also be called in to create an action plan, when a breach is detected. In a sense, the group is basically like the Avengers but for federal responses to huge hacks, both inside the government and in the private sector.
The new response plan comes after the federal government has been the victim of some large scale attacks of late. Last year, hackers were able to pilfer records stored by the Office of Personnel Management, essentially the federal government’s HR department. (Estimates of the number of records stolen have continues to increase and currently sits at 21.5 million by the government’s count.) And of course, last year, hackers stole 700,000 records from the IRS. With this in mind, it’s encouraging to see the White House put together a plan for cyber attacks on physical infrastructure and key databases.
Having a group in place to deal with major hacks—both those that threaten to expose the sensitive personal data of Americans and those that could damage or interfere with critical infrastructure—should help us all feel a little safer. After all, it’s been over four years since Obama scared the shit out of us with a Wall Street Journal column about how hackers could make trains derail and dump poison all over America. But we now have a color-coded guide to dealing with an imminent cyber disaster. Do you feel safe?