Skip to: Content
Skip to: Site Navigation
Skip to: Search

Presidential cyberwar directive gives Pentagon long-awaited marching orders (+video)

The 18-page, Top Secret 'Presidential Policy Directive 20' instructs the Pentagon to draw up a cyberwar target list and to protect US infrastructure from foreign cyberattack.

By Staff writer / June 10, 2013

The Pentagon is seen from Air Force One, with President Obama on board, shortly after taking off from Andrews Air Force Base in Maryland, Feb. 2009. The Top Secret 'Presidential Policy Directive 20' instructs the Pentagon to draw up a cyberwar target list and to protect US infrastructure from foreign cyberattack.

Charles Dharapak/AP/File

Enlarge Photos

The US Defense Department has been given a bright green light to draw up a global cyberattack target list at which it can deploy digital weapons with “little or no warning to the adversary or the target,” according to a Top Secret policy document leaked to the press.

Skip to next paragraph

The policy document, dubbed “Presidential Policy Directive 20” or PPD-20, is an 18-page cyberpolicy roadmap for the Pentagon that directs it to get on with the business of defending the US and its critical infrastructure, such as the power grid and financial sector, from foreign cyberattack.

While the existence of the document and its broad outlines were revealed in news reports last fall, and a “fact sheet” on PPD-20 was released in January, the detailed policy document leaked at week’s end shows the unleashing of a military juggernaught.

Military use of cyberweapons had been paused for about three years, waiting for the end of an intense policy debate and for orders to move ahead with force into cyberspace, cybersecurity experts say.

“What this document does is lay out authority for the US Cyber Command and Joint Chiefs to use cyberweapons,” says James Lewis, a senior fellow with the Center for Strategic and International Studies in Washington. “It lays out how and when you would use these weapons, what you would target, and how you would do so in ways consistent with the Laws of Armed Conflict, rather than just shooting at random.”

Couched in legalistic language, the document authorizes development of offensive and defensive cybersystems that are consistent with the US Constitution, US law, and the international Law of Armed Conflict – and of a target list to hit with them. The document reviewed by the Monitor, leaked to both the Guardian newspaper in London and the Washington Post, was posted on the Guardian website. [Editor's note: The original version of this story did not cite the source of the document.

For instance, “Offensive Cyber Effects Operations,” or OCEO, is defined in the document as authorizing digital weapons for “manipulation, disruption, denial, degradation, or destruction” of  “physical or virtual” computer systems.

The document says OCEO “can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging.”

Under the heading "Policy Reviews and Preparation," the document states that: "The secretary of defense, the DNI [Director of National Intelligence], and the director of the CIA … shall prepare for approval by the president through the National Security Advisor a plan that identifies potential systems, processes and infrastructure against which the United States should establish and maintain OCEO capabilities."

Most cyberattacks must be authorized by the president, but because attacks happen in milliseconds, the document authorizes the military and other agencies to respond to the threat of an imminent attack or an emergency situation.

Protecting critical infrastructure in the US also is outlined in the document.

Despite years of wrangling, Congress has still not approved legislation addressing cybersecurity for the nation’s infrastructure, and the document does not permit the Pentagon to intrude into networks of domestic companies, such as utilities, and install defenses within computer networks that control the power grid.

But it does allow the military to defend the infrastructure from outside those networks – by identifying and undermining or destroying the attacking system and its key infrastructure. It allows government agencies, not just the military, to take “anticipatory action … against imminent threats” to infrastructure or other systems vital to the US or to US foreign policy.


  • Weekly review of global news and ideas
  • Balanced, insightful and trustworthy
  • Subscribe in print or digital

Special Offer


Doing Good


What happens when ordinary people decide to pay it forward? Extraordinary change...

Danny Bent poses at the starting line of the Boston Marathon in Hopkinton, Mass.

After the Boston Marathon bombings, Danny Bent took on a cross-country challenge

The athlete-adventurer co-founded a relay run called One Run for Boston that started in Los Angeles and ended at the marathon finish line to raise funds for victims.

Become a fan! Follow us! Google+ YouTube See our feeds!