How seriously does the U.S. government take computer intrusion? Seriously enough for the threat of foreign hacking to take a prominent role in new rules governing the FBI's national security investigations issued by U.S. Attorney General John Ashcroft this week.
Ashcroft released a new version of the "Guidelines for FBI National Security Investigations and Foreign Intelligence Collection" on Wednesday. The new guidelines, billed as a response to the September 11 terrorist attacks, permit the Bureau to engage in the "proactive collection of information on threats to the national security," displacing an older policy that obliged the FBI to have a specific investigative purpose before collecting information on individuals or groups.
Like the older rules, the new guidelines allow the Attorney General to specify anything as threat to national security at any time. But a few threats are specifically hardcoded into the new rules: terrorism, espionage, sabotage, political assassination, and "foreign computer intrusion."
The latter is defined as "the use or attempted use of any cyber-activity or other means by, for, or on behalf of a foreign power to scan, probe, or gain unauthorized access into one or more U.S.-based computers."
The language is broader than a similar issue that debuted on the FBI's National Security List in 1995, when then-Attorney General Janet Reno added the "targeting of the national information infrastructure" to the list of threats, citing a danger of espionage or sabotage against U.S. systems by foreign powers.
So far, there have been no confirmed cases of state-sponsored hacking into U.S. computers. But an investigation into a series of sophisticated cyber attacks on Defense Department and university networks beginning in 1998 led investigators to a dead-end at the Russian Academy of Sciences in Moscow, prompting some officials to conclude that the intrusions were supported by the Russian government. The case, code named "Moonlight Maze" at the time, is reportedly still under investigation.