Date: 1970-02-11

Defense Science Board Task Force on
Computer Security,
Controls for Computer Systems: Report of the Defense Science Board Task Force
on Computer Security
. Confidential.


Document Source: Computer Security Lab


This report contains three key parts – an
analysis of the nature of the problem, an examination of policy considerations
and recommendations, and a series of technical recommendations. Among the conclusions
reached was that contemporary technology could not provide a secure system in
an open
, and that it would be unwise to incorporate sensitive
information in an open environment system unless a significant risk of
accidental disclosure could be accepted.

Date: 1979-03-00

[Deleted], National Security Agency, “Computer
Operating System Vulnerabilities,”
Cryptolog, VI, 3
(March 1979). Unclassified.


Document Source:


This article, which appeared in a classified
NSA journal, explores seven common computer operating system vulnerabilities,
several penetration techniques, defensive measures, and future research areas.

Date: 1982-06-00

Robert J. Hanyok, National Security Agency, “Some
Reflections on the Reality of Computer Security,”
Cryptolog, IX, 6-7 (June-July 1982). Confidential.


Document Source:


The author of this article argues that while
computer users at NSA have been confident that the security of their systems is
“ironclad and invulnerable” the reality is quite different. He then
notes a number of user practices and implementation problems that make those
systems vulnerable.

Date: 1984-09-17

Ronald Reagan, National Security
Decision Directive 145, “National Policy on Telecommunications and
Automated Information Systems Security,” Confidential.


Document Source: National Security Council
Freedom of Information Act Release.


This presidential directive notes the threats
to “automated information processing systems” and lays out
objectives, policies, and an organizational structure designed to safeguard
such systems.

Date: 1985-09-00

[Deleted], “Computer Virus Infections: Is NSA
, 4, 3 (Fall 1985). Top Secret.


Document Source:


This paper examines the nature of computer
viruses, whether there is an algorithm to determine whether a program is
infected with a virus, different classes of attack (including compromise,
spoofing, and denial of service), and solutions.

Date: 1988-06-00

[Deleted], “A First Generation Technical Viral
, 7, 2 (Summer 1988). Secret.


Document Source:


This paper examines a defense, involving
encryption, that can be used to respond to the detection of a computer virus -
and means for checking the effectiveness of the response.

Date: 1989-06-00

General Accounting Office, GAO/IMTEC-89-57, Computer Security: Virus Highlights
Need for Improved Internet Management
June 1989. Unclassified.


The catalyst for this report was a November
1988 computer virus that caused thousands of computers, in the United States
and overseas, to shut down. The report provides details on some of the networks
disrupted by the virus, the means of infection, and notes the vulnerabilities
highlighted by the incident.

Date: 1990-07-05

George W. Bush, National Security Directive 42, Subject:
National Policy for the Security of National Security Telecommunications and
Information Systems. Confidential.


Document Source: National Security Council
Freedom of Information Act Release.


This presidential directive was produced in
response to the “continuing advances in microelectronics technology”
which had “stimulated an unprecedented growth in the demand and supply of
telecommunications and information processing services within the government
and throughout the private sector.” It states objectives, policies, and
means and responsibilities for implementation.

Date: 1991-11-21

General Accounting Office, GAO/T-IMTEC-92-5, Computer Security: Hackers
Penetrate DOD Computer Systems
, November
20, 1991. Unclassified.


Document Source:


This testimony of a GAO official concerns his
division’s investigation of the attacks by Dutch hackers on Army, Navy, and Air
Force computer systems – which the official characterizes as containing
unclassified but sensitive information – during Operation Desert Storm/Shield.
It examines how the hackers penetrated the systems, agency responses, and the
need for greater attention to computer security.

Date: 1992-00-00

Richard Sylvester, National Security Agency, “NSA and
Computer Viruses,”
Cryptolog, XIX, 3 (1992). Unclassified/For Official Use Only.


Document Source:


This one-page article reports NSA
classification guidelines with respect to any discussion of computer viruses
with regard to NSA systems. Classification of specific facts ranged from
Unclassified to Top Secret/Handle Via Comint Channels Only.

Date: 1995-00-00

[Deleted], National Security Agency, “Global Network
Intelligence and Information Warfare: SIGINT and INFOSEC in Cyberspace,”
Cryptolog, XXI,1 (1995). Top Secret/Handle Via Comint Channels Only.


Document Source:


This heavily-redacted article extends beyond
cyber issues, but does note that “sophisticated telecommunications and
data networks … make it possible to deny and degrade a potential adversary’s
command and control communications and sensitive commercial and diplomatic
communications from great distances with little or no risk to life and

Date: 1996-01-00

[Deleted], “Out of Control,” Cryptologic Quarterly, Special Edition, 15, 1996. Secret.


Document Source:


This article, in another National Security
Agency journal, discusses the threat to computer systems containing classified
information via human intelligence operations directed at systems
administrators. A largely redacted section is titled “”Foreign
Intelligence Services Are Already Targeting Computer Personnel,” while the
final section offers recommendations on how to address the problem.

Date: 1996-05-22

Jack L. Brock, General Accounting Office, GAO/T-AIMD-96-92, Information Security: Computer
Attacks at Department of Defense Pose Increasing Risks
, May 22, 1996. Unclassified.


Document Source:


This report and testimony by a GAO official
reports on an examination of hacker attacks on Defense Department computer
systems, including a 1994 episode that involved over 150 attempts to access the
computer systems of Rome Laboratory – which resulted in the theft of air
tasking research data and damage to the laboratory’s air tasking order research
project “beyond repair,” according to lab officials. The report and
testimony also discuss the challenges faced by DoD in securing its computer

Date: 1996-05-22

Government Accounting Office, GAO/AIMD- 96-84, Information Security: Computer
Attacks at Department of Defense Pose Increasing Risks
, May 22, 1996. Unclassified.


Document Source:


This report and testimony by a GAO official
reports on an examination of hacker attacks on Defense Department computer
systems, including a 1994 episode that involved over 150 attempts to access the
computer systems of Rome Laboratory – which resulted in the theft of air
tasking research data and damage to the laboratory’s air tasking order research
project “beyond repair,” according to lab officials. The report and
testimony also discuss the challenges faced by DoD in securing its computer

Date: 1997-03-03

William A. Cohen, Memorandum for the
Director, National Security Agency, Subject: Delegation of Authority and
Creation of Executive Agent. Secret/US Only.


Document Source: Department of Defense Freedom
of Information Act Release.


This memo from the secretary of defense to the
director of NSA authorized the agency to develop computer network attack (CNA),
exploitation, and related techniques as well as to conduct analysis of foreign
information infrastructure systems in support of CNA technology development.

Date: 1997-04-00

William B. Black, National Security Agency, “Thinking
Out Loud About Cyberspace,”
Cryptolog, XXIII, 1 (Spring 1997). Secret.


Document Source:


This article, by a senior NSA official, notes that
NSA was assigned the mission of computer network attack in March 1997, and
argues that the world was on the verge of a new age – “the information
age” – and that the future of war would be warfare in cyberspace.

Date: 1997-10-00

President’s Commission on Critical
Infrastructure Protection,
Foundations: Protecting America’s Infrastructures
. Unclassified.


Document Source:


This presidential commission report focused on
the protection of critical infrastructures – including energy, banking and
finance, transportation, and telecommunications – in the context of the
“rapid proliferation and integration of telecommunications and computer
systems” which “have connected infrastructures to one another in a
complex network of interdependence.” Its two parts focus on “the case
for action” and “a strategy for action.”

Date: 1998-05-22

William J. Clinton, Presidential Decision Directive/NSC-63,
Subject: Critical Infrastructure Protection, May 22, 1998. For Official Use


Document Source: Federation of American
Scientists (


The introduction to this directive notes that
the military and economy of the United States are “increasingly reliant
upon certain critical infrastructures and upon cyber-based information
systems.” The remainder of the 18-page directive specifies the President’s
intent “to assure the continuity and validity of critical
infrastructures” in the face of physical or cyber threats, states a
national goal, delineates a public-private partnership to reduce vulnerability,
states guidelines, specifies structure and organization, discusses protection
of Federal government critical infrastructures, orders a NSC subgroup to
produce a schedule for the completion of a variety of tasks, and directs that
an annual implementation report be produced.

Date: 1999-11-00

Office of General Counsel, Department of Defense, An Assessment of International Legal
Issues in Information Operations
, Second
Edition, November 1999. Unclassified.


Document Source:


The introduction to this assessment notes that
information operations includes information attack which, in turn, includes
computer network attack. It goes on to consider the implications of a variety
of domestic and international laws and treaties with regard to information

Date: 2000-01-31

Michael V. Hayden, Director, National
Security Agency, “Message from the Director re: Major Systems
Failure.” Top Secret/Comint. [Via mail]


Document Source: National Security Agency
Freedom of Information Act Release.


This message from the NSA director provides
information to agency employees concerning a massive failure of the agency’s
computer system that left it temporarily incapable of processing data collected
by U.S. signals intelligence collection systems.

Date: 2001-03-09

Department of Defense Instruction O-8530.2, Subject: Support
to Computer Network Defense. Unclassified/For Official Use Only.


Document Source:


This 38-page instruction states policy,
assigns responsibilities to a variety of organizations (including the Defense
Information Systems Agency, National Security Agency, and the now
disestablished U.S. Space Command), and stipulates procedures to provide
“structure and support” for computer network defense with DoD
information systems and computer networks.

Date: 2001-06-19

Steven A. Hildreth, Congressional Research Service, Cyberwarfare, June 19, 2001. Unclassified.


Document Source:


This report discusses the definition of
cyberwarfare, and contains three case studies – including the Rome Laboratory
incident (Document 8a, Document 8b) and two exercises – and, inter alia,
reviews U.S policy and doctrine, organization, and legal issues. It also
discusses selected foreign views and activities with regard to cyberwar.

Date: 2002-05-02

Robert Mueller, III, “Message
from the Director.” Unclassified.


Document Source: FBI Freedom of Information
Act Release.


This message from the director of the FBI,
early in his tenure, conveys his view as to the top ten challenges facing the
bureau and what the FBI needs to do to meet those challenges – which include
cyber-based attacks.

Date: 2002-06-00

Michael Vatis, ESDP Discussion Paper-2002-04, Cyber Attacks: Protecting America’s
Security Against Digital Threats
, John F.
Kennedy School of Government, Harvard University, June 2002. Not classified.


Document Source: Belfer Center for Science and
International Affairs, Harvard University (


This paper, written by the first director of
the Federal Bureau of Investigation’s National Infrastructure Protection
Center, examines: the range of cyber attackers (including insiders, criminal
groups, virus writers, foreign intelligence services, foreign military
organizations, terrorists, “hacktivists,” and recreational hackers),
types of cyber attacks, the international component of cyber attacks, the
federal response to cyber attacks, Presidential Decision Directives 62 and 63,
and the policy of the George H.W. Bush administration. Vatis also offers
recommendations concerning cyber research and development, alert status during
conflict, and identifying best practices related to cyber security.

Date: 2003-02-00

The White House, The National
Strategy to Secure Cyberspace
, February
2003. Unclassified.


Document Source:


This 76-page document discusses the strategy’s
strategic objectives (including preventing cyber attacks against critical U.S.
infrastructures), the government’s role in cyber security, the anticipated role
of the Department of Homeland Security in cyber security, and five critical
priorities for cyberspace security (including a national cyberspace security
response system and international cooperation). A classified National Security
Presidential Directive (NSPD-38), with the identical title, was issued on July
7, 2004.

Date: 2003-12-00

Kheng Lee Gregory Tran, Naval Postgraduate School, Confronting Cyberterrorism with
Cyber Deception
, December 2003.


Document Source: Dudley Knox Library, Naval
Postgraduate School (


This master’s thesis examines the possibility
of using deception to defeat or mitigate the damage from cyberterrorism. It
examines, inter alia, the cyberterrorism threat, the values and risks of
deception, nine varieties of cyber deception (including concealment,
camouflage, false and planted information, ruses, and feints) and cyber
defense, and the pitfalls of cyber defense.

Date: 2004-06-00

Interagency OPSEC Support Staff, Intelligence Threat Handbook, June 2004. Unclassified.


Document Source: Author’s Collection


The scope of this handbook is broader than
cybersecurity, but one section – Computers and the Internet – addresses the
history of Internet security, threats to computer network security, roots of
network vulnerability, outsider attack techniques, insider attack techniques,
and countermeasures.

Date: 2004-07-00

Office of Inspector General, Department of Homeland
Security, OIG-04-29,
Progress and
Challenges in Securing the Nation’s Cyberspace
, July 2004. Unclassified.


Document Source:


This document reports on the inspector
general’s evaluation of the Department of Homeland Security’s efforts to
implement The
National Strategy to Secure Cyberspace
(Document 14). It notes
“major accomplishments” – including the creation of a Computer
Emergency Readiness Team, creation of the National Cyber Alert System, and
sponsorship of the National Cyber Security Summit. It also notes “a number
of challenges to address long-term cyber threats and vulnerabilities” -
including the DHS National Cybersecurity Division’s need to prioritize its
initiatives, identify resources required to carry out its mission, and develop
strategic implementation plans.

Date: 2005-02-00

President’s Information Technology Advisory Committee,
Report to the President,
Security: A Crisis of Prioritization
February 2005. Unclassified.


Document Source:


The two main chapters of this report, prior to
the concluding chapter, address the importance of cyber security and examine
federal cyber security research and development efforts. In its concluding
chapter the committee states its findings and recommendations with regard to
federal funding for fundamental research in civilian cyber security, the cyber
security research community, technology transfer efforts, and the coordination
and oversight of federal cyber security research and development.

Date: 2005-11-04

Donald Rumsfeld, to Steve Cambone, Subject: Cyber Attack
Issue, November 04, 2005, Unclassified/FOUO .


Document Source:


In this “snowflake” directed to his
under secretary for intelligence, Rumsfeld suggests that Cambone consider
establishing a group to review organization, budgeting, and presentation issues
with regard to cyber attacks.

Date: 2006-08-14

Department of Directive O-3600.01, Subject: Information
Operations, August 14, 2006. Unclassified/For Official Use Only.


Document Source: Department of Defense Freedom
of Information Act Release


This directive states Department of Defense
policy and responsibilities with regard to information operations (defined as
the integrated deployment of electronic warfare, computer network operations,
psychological operations, military deception, and operations security). Among
those whose responsibilities are identified is the Assistant Secretary of
Defense for Networks and Information Integration.

Date: 2006-12-00

Chairman of the Joint Chiefs of Staff, The National Military Strategy for
Cyberspace Operations
, December 2006.


Document Source: Department of Defense Freedom
of Information Act Release.


This strategy document was issued to provide
guidelines to the Defense Department – including military service
organizations, the unified commands, and DoD components (including agencies,
field activities and other entities) – with regard to planning, executing, and
allocating resources for cyberspace operations. Its main chapters focus on the
strategic context, threats and vulnerabilities, strategic considerations, the
military strategic framework, and implementation and assessment. Several
enclosures address topics such as examples of threats and threat actors,
examples of vulnerabilities, and strategic priorities and outcomes.

Date: 2007-01-22

John Rollins and Clay Wilson, Congressional Research Service, Terrorist Capabilities for
Cyberattack: Overview and Policy Issues
January 22, 2007. Unclassified.


Document Source:


This study examines possible terrorists’
objectives in conducting cyberattacks, computer vulnerabilities that might make
cyberattack against the U.S. homeland’s critical infrastructure viable, and
emerging computer and technical skills of terrorists. It also examines the
cybersecurity efforts of several government agencies, changing concerns about
cyberattack, and a number of additional issues concerning terrorist or criminal
cyber activities.

Date: 2007-01-31

Intelligence Science Board, Rapidly Advancing Globalization and
the Emerging Threat of Foreign Information Operations
. Secret/Noforn.


Document Source: Office of the Director of
National Intelligence Freedom of Information Act Release.


This report, by a DNI advisory group, argues that
the U.S. Government should accept that any of its information systems and
networks (even classified ones) might be compromised and recommends a strategy
for bolstering information assurance.

Date: 2008-00-00

National Counterintelligence Executive, Office of Director
of National Intelligence and Department of Justice,
The United States Government-Wide
Cyber Counterintelligence Plan
, 2008, TOP


Document Source: Director of National
Intelligence Freedom of Information Act Release.


The core of this document is the
identification of, and discussion related to, six cyber counterintelligence
objectives (the specifics of two having been redacted from the version
released). It also contains several appendices, including one on the assessment
of damage/loss from cyber intrusions, and a glossary.

Date: 2008-01-24

Intelligence Science Board, Technical Challenges of the National
Cyber Initiative


Document Source: Director of National
Intelligence Freedom of Information Act Release.


The ISB, an advisory body reporting to the
DNI, identifies in this report a number of technical challenges to the DNI’s
National Cyber Initiative. These include, but are not limited to, the need for
extensive cooperation, a strategic view, macro-level metrics, and a national
approach. They note their agreement with a 2004 CIA assessment that the cyber
problem is on the scale of a “Manhattan Project.”

Date: 2008-12-00

Ryan J. Moore, Naval Postgraduate School, Prospects for Cyber Deterrence, December 2008. Unclassified.


Document Source:


The author of this thesis argues that with
“more sectors of critical national infrastructure [being] interconnected
in cyberspace,” the risk to national security from cyberattack “has
increased dramatically.” He explores the fundamentals of strategic deterrence,
the evolving cyber threat, deterrence strategy in cyberspace, and the prospects
for cyber deterrence.

Date: 2009-00-00

Major William C. Ashmore, School of Advanced Military
Studies, United States Army Command and General Staff,
Impact of Alleged Russian Cyber
, 2009. Unclassified.


Document Source:


This monograph was written to examine the
implications of alleged Russian cyber attacks against Estonia and Georgia for
the Russian Federation, former Soviet satellites, and international

Date: 2009-00-00

Defense Security Service, Targeting U.S. Technologies: A Trend Analysis of Reporting
from Defense Industry
, 2009. Unclassified.


Document Source:


This assessment of foreign attempts to
illicitly acquire U.S. technologies concerns a variety of techniques, including
“suspicious internet activity” – which includes, but is not limited
to “confirmed intrusion, attempted intrusion, [and] computer network attack.”

Date: 2009-01-05

U.S. Strategic Command, The Cyber Warfare Lexicon: A Language to Support the
Development, Testing, Planning and Employment of Cyber Weapons and Other Modern
Warfare Capabilities
, January 5, 2009.
Unclassified/For Official Use Only.


Document Source:


In addition to providing a series of
definitions concerning cyber activities, this document also contains a series
of discussions on aspects of cyberspace operations.

Date: 2009-05-08

The White House, Cyberspace
Policy Review: Assuring a Trusted and Resilient Information and Communications
, May 8, 2009. Unclassified.


Document Source: The White House


This paper reports the results of a
presidentially-directed 60-day comprehensive review to evaluate U.S. policies
and organizational structures related to cybersecurity. The review produced
seven main conclusions which included: “The Nation is at a crossroads,”
“The status quo is no longer acceptable,” “The United States
cannot succeed in securing cyberspace if it works in isolation,” and
“The Federal government cannot entirely delegate or abrogate its role in
securing the Nation from a cyber incident or accident.”

Date: 2009-06-24

Chairman, Joint Chiefs of Staff, CJCSM 6510.01A, Information Assurance (IA) and
Computer Network Defense (CND) Volume I (Incident Handling Program)
, June 24, 2009. Unclassified.


Document Source: Editor’s collection


This 176-page manual covers a variety of
aspects of computer incident handling – including the overall incident handling
program, methodology, reporting, analysis, response, tools, and collaboration
with other strategic communities.

Date: 2009-06-29

Robert M. Gates, Memorandum to Secretaries of the Military
Departments, Subject: Establishment of a Subordinate Unified U.S. Cyber Command
Under U.S. Strategic Command for Military Cyberspace Operations, June 23, 2009.


Document Source:


This memo from the Secretary of Defense
directs the commander of the U.S. Strategic Command to establish a U.S. Cyber
Command and that the command reach an initial operating capability by October
2009 and a full operating capability by October 2010. It also informs the
recipients of the Secretary’s plan to recommend to the president that the
National Security Agency director also become commander of the Cyber Command.

Date: 2009-08-28

Department of Defense, The Department of Defense Strategy for Counterintelligence
in Cyberspace
, August 28, 2009.
Unclassified/For Official Use Only.


Document Source:


This document notes that “a new
operational environment has emerged as evidenced by the increasing frequency
and destructiveness of attacks and exploits launched against the United States
through cyberspace.” The central aspects of the strategy are the
definition of mission objectives (e.g. neutralizing intelligence activities
targeting U.S. and DoD interests in cyberspace) and enterprise objectives (e.g.
achieving unity of effort in cyberspace).

Date: 2009-09-18

Federal Bureau of Investigation, Counterintelligence Vulnerability
Assessment for Corporate America
Unclassified/For Official Use Only.


Document Source:


This assessment discusses the elements of
counterintelligence management and support, provides a means of evaluating the
assorted threats (including insider and foreign threats) to corporate
information, and elements of neutralizing threats.

Date: 2009-10-09

Bryan Krekel, Northrop Grumman, Capability of the People’s Republic
of China to Conduct Cyber Warfare and Computer Network Exploitation
, October 9, 2009. Unclassified .


Document Source: Air University


This study, prepared for the U.S.-China
Economic and Security Review Commission, focuses largely on Chinese computer
network exploitation (CNE) as a strategic intelligence collection tool. It
examines Chinese CNE operations strategy and operations during conflict, key
entities in Chinese computer network operations, cyber-espionage, an
operational profile of an advanced cyber intrusion, and a chronology of alleged
Chinese computer network exploitation events.

Date: 2009-11-02

Air Force Space Command, The United States Air Force Blueprint for Cyberspace, November 2, 2009, Unclassified.


Document Source:


The Air Force Space Command is the lead U.S.
Air Force organization for cyberspace operations. The Command’s blueprint
reports on presidential guidance, joint guidance, Air Force intent, the
Commander’s guidance, the Air Force concept of cyberspace operations,
integration of capabilities, operational responsiveness, and cyberspace

Date: 2010-01-29

Department of Defense, DoD Instruction 5205.13, Subject:
Defense Industrial Base (DIB) Cyber Security/Information Assurance (CS/IA)
Activities, January 29, 2010. Unclassified.


Document Source:


This Defense Department instruction states
policy, establishes responsibilities, and delegates authority with regard to
the protection of unclassified DoD information that passes through or resides
on unclassified Defense Industrial Base information systems and networks.

Date: 2010-02-19

Department of Homeland Security, Computer Network Security &
Privacy Protection
, February 19, 2010.


Document Source:


This white paper describes the Department of
Homeland Security’s computer network security activities, which includes the
operation of the EINSTEIN intrusion detection systems – including the systems
collection methods and the implications for privacy protection. It also
discusses topics such as oversight and compliance, the role of the National
Security Agency, and future program development.

Date: 2010-02-22

U.S. Army Training and Doctrine Command, TRADOC Pamphlet
The United States Army’s
Cyberspace Operations Concept Capability Plan, 2016-2028
, February 22, 2010. Unclassified.


Document Source:


This pamphlet explores how “the Army’s
future force in 2016-2028 will leverage cyberspace and CyberOps” and how
CyberOps (which is specified to consist of four components – cyberwarfare,
cyber network operations, cyber support, and cyber situational awareness) will
be integrated into full spectrum operations.