Special thanks to Jeffrey Carr for writing this guest post and helping us take a closer look at covert action and cyber-espionage. -Jack

As the U.S. government expands its cyber warfare capabilities including the development and use of offensive weapons, I thought it would be valuable to look at the process of planning and getting approval for a covert action. The President has the ability under Executive Order 12333 and Title 50 of the US Code to authorize a covert action whose purpose is “to influence political, economic, or military conditions abroad, where it is intended that the role of the United States Government will not be apparent or acknowledged publicly”. [1] This includes the use of cyber weapons if the plan can secure the approval of the National Security Council’s National Security Planning Group (NSPG) which is the NSC’s committee overseeing covert action. [2] During the Reagan administration, which is time of reference for this recently de-classified document [3], members of the NSPG included the Vice President, SECDEF, SECSTATE, the DCI, the assistant for National Security Affairs, the White House Chief of Staff, his deputy and the President’s counselor.

There are specific approval procedures in place that every proposed covert action (or “special activity” as they’re called in EO 12333) must comply with. In general, these procedures include [4]:
– The President must sign off on it personally. This is known as a “Presidential Finding”.
– CIA will run the operation, unless the President designates a different agency.
– If substantive changes are made to the operation, a Memorandum of Notification (MON) must be created which details those changes. – That MON must be signed by the President.
– The NSPG must review the covert action and provide a recommendation to the President.
– The heads of Congressional Intelligence committees must be notified.

Let’s take a look at some proposed “cyber” covert actions (CA) that didn’t get a Presidential finding. The New York Times reported on two instances last year: a proposed cyber attack against Pakistan’s radar installations during the CA by Seal Team Six against Osama bin Laden and a similar proposed CA against Libya’s air defense system.[5] Both were rejected in part because the outcome was uncertain.[6]

Here’s another example unrelated to the use of cyber weapons but relevant in terms of reducing uncertainty. Before the events of September 11, 2001, President Bush’s National Security Advisor Condoleeza Rice asked the CIA to “prepare a new series of authorities for covert action in Afghanistan to deter the al Qaeda threat”. The CIA proposed using an unmanned Predator drone but technical problems with the drone (then a new technology) kept it from being approved.[7]

This factor of uncertainty is something that Special Operations Forces do their best to reduce through training. The use of cyber weapons elevates the uncertainty equation into entirely new levels. The targeted system needs to be re-created in a test environment where various attacks can be run against it and the effects monitored and measured. The National Cyber Range (http://www.whitehouse.gov/files/documents/cyber/DARPA%20-%20NationalCyberRange_FactSheet.pdf) is one example of such an environment although there’s no mention of it being used for offensive purposes. This is harder than it seems because some systems are antiquated and not reproducible. Or because the devices are hard to come by such as the P-1 centrifuges used by Iran. Since part of the approval process for a covert action apparently includes the NSPG being able to verify that the technology will function as described (i.e., the scraped Predator plan), then there’s a lot more work ahead of us before cyber weapons become reliable offensive options.


[2] Covert Action and Accountability: Decision-Making for America’s Secret Foreign Policy by Loch K. Johnson, International Studies Quarterly, Vol. 33, No. 1 (March, 1989), p. 93
[3] Ibid
[4] Covert Action Policy Approval and Coordination Procedures, The White House (January 19, 1985) via Federation of American Scientists
[5] U.S. Debated Cyberwarfare in Attack Plan on Libya by Eric Schmitt and Thom Shanker, The New York Times, October 17, 2011
[6] U.S. Cyberweapons had been considered to disrupt Gaddafi’s Air Defenses by Ellen Nakashima, The Washington Post, October 17, 2011
[7] NOTE: WHO AUTHORIZED THIS?!: AN ASSESSMENT OF THE PROCESS FOR APPROVING U.S. COVERT ACTION by Joshua A. Bobich, William Mitchell College of Law, Law Review, Vol. 33, April 10, 2007