Policy

Broad Definition of "Cyber Threat" Adopted by White House

"Web site defacement"? Really?

|

In the State of the Union address Tuesday, President Obama announced a sweeping executive order implementing new national cybersecurity measures, opening the door for intelligence agencies to share more information about suspected "cyber threats" with private companies that oversee the nation's "critical infrastructure." The order is voluntary, giving companies the choice of whether or not they want to receive the information, and takes effect in four months, by June 12.

It remains to be seen just how the order will play out, which specific companies will choose to receive this new threat information, and what they will be able to do with it. However, the White House is today clarifying at least some parts of the order with immense implications, the definitions of "cyber threat" and "critical infrastructure."

"Cyber threats cover a wide range of malicious activity that can occur through cyberspace," wrote Caitlin Hayden, spokeswoman for the White House National Security Council, in an email to The Verge. "Such threats include web site defacement, espionage, theft of intellectual property, denial of service attacks, and destructive malware."