The US National Security Strategy document released by the Trump administration on Monday calls for the reinforcement of cyber-defences to protect government systems and critical infrastructure, as well as an improved response to attacks against such assets.
One section in the 55-page NSS plan, entitled “Keep America Safe in the Cyber Era,” prioritises the identification and prioritisation of cyber-risk across six areas: national security, energy and power, banking and finance, health and safety, communications, and transportation.
“We will assess where cyber-attacks could have catastrophic or cascading consequences and prioritise our protective efforts, capabilities, and defences accordingly,” the NSS plan states.
The US NSS specifically places emphasis on fortifying US federal information technology to protect data and communications; disrupting malicious actors and deterring them with “swift and costly consequences;” improving information sharing; and deploying layered defences.
To stop the spread of threats across connected networks and communications, the US government will collaborate with the private sector to “remediate known bad activities at the network level,” the plan states. “Malicious activity must be defeated within a network and not be passed on to its destination whenever possible.”
Cyber-security is referenced again later in the document as a key component in a strategy to preserve global peace through the projection of national strength. To that end, the NSS emphasises that the US needs to invest in capabilities to improve attribution and incident response; enhance cyber-tools and expertise; and improve the integration of disparate authorities and procedures.
The NSS document also acknowledges the malicious actions of the US's rival nations, and criticises past US attempts to counter these efforts as “tepid and fragmented,” and impeded by lack of sustained focus and a dearth of trained professionals. It notes that China is known to use its cyber-capabilities to steal intellectual property, and Russia “uses information operations as part of its offensive cyber-efforts to influence public opinion across the globe.”
The document falls short of citing any specific examples of Russian cyber-campaigns, such as interference in the 2016 presidential election – something President Trump has frequently downplayed in the wake of his electoral victory. It does, however, state that Russia's influence campaigns “blend covert intelligence operations and false online personas with state-funded media, third-party intermediaries, and paid social media users or ‘trolls.'”
Still, such strong language doesn't necessarily augur a more hardline stance on Russia moving forward. James Clapper, former US director of national intelligence, expressed concern on CNN's "The Lead with Jake Tapper" that Russian President Vladimir Putin is handling Trump, figuratively, like “an asset,” particularly after lavishing Trump with praise over US economy gains and a recent intelligence tip.
Meanwhile, a report from NBC News, citing multiple government officials, states that Trump and his political opponent Hillary Clinton were warned by senior FBI officials in 2016 that foreign adversaries, including Russia, would try to infiltrate their campaigns.