Key Issues of U.S. Cyber Policy

Order Description A recent cyber attack occurred where a botnet type attack targeted a major US defense firm. No physical damage occurred to the firm’s network, but significant technological secrets about a new surveillance and targetin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing system from the firm, Defense Applications International (DAI), appear to have been compromised. Incidental, but nonetheless as a result of the attack, the virus also in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">infected a software program that DAI was testin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing at electrical plant in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in Pennsylvania. The plant had to be shut down for 12 hours while repairs were made. The NSA believes it has credible evidence that the attack had a direct connection to the elite cyber unit Department 2112, of the country of Redistan, an adversary of the United States, although the attack itself appears to in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">include private citizens of Redistan. The attack however, was routed through several third countries in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">includin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing Bluelandia, an ally of the United States. You are a new cyber desk officer workin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing for the National Security Council. The Deputy National Security Advisor has asked you to write an eight page memorandum addressin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing key issues of cyber policy. In the memorandum you have been asked to address the followin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing issues: 1) Based off of the facts we know, should the attack be considered a crime, espionage or act of war? What should the US response be? How can the US best defend itself from future attacks such as the one that just occurred? 2) Should the United States assign US Cyber Command with the responsibility of protectin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing certain" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in private companies? If so what should the general standard be for determin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">inin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing what companies the government should be responsible for defendin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing? 3) Should the United States lead the effort at an in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">international cyber agreement? Why or why not? What challenges would the President face in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in tryin" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">in" rel="nofollow">ing to get an agreement? Are there any alternatives? 4) Are there any substantive changes that should be made to our current US cyber policy?