第1642条 积极抵御来自俄罗斯、中国、朝鲜和伊朗的网络攻击
速读:
《法案》第1642条要求国防部长可以通过国家指挥当局授权或者与私营部门合作的方式来积极抵御来自俄罗斯、中国、朝鲜和伊朗的网络攻击,并且每年需要向对应的委员会提供年度报告。
以下为第1642条法令原文:
(a) 针对扰乱、击败和阻止网络攻击的授权
(1)总的来说-如果国家指挥当局认为俄罗斯、中国、朝鲜、或者伊朗正在网络空间进行积极、系统和持续的攻击美国政府和民众的活动,包括试图影响美国选举和民主政治进程,国家指挥当局可以授权国防部长根据自身的权限和相关政策,通过美国网战司令部的指挥官,在外国网络空间采取适当和有针对性的行动,以破坏、击败和阻止此类攻击,将网络作战和信息作战视为传统军事活动进行。
(2)书面通知与报告
(A)行动书面通知-在行使第(1)段规定的权力时,根据《美国法典》第10篇第395款(根据第1631条转向和重新定向),部长应向国会国防委员会提供书面通知。
(B)美国网战司令部的指挥官的季度报告-
(i)总的来说-在美国网战司令部指挥官根据第(1)款采取行动的任一财年,国防部长应至少每季度向国会国防委员会提交一份关于该财年指挥官根据该款采取行动的报告。
(ii)报告方式——根据第(i)款提交的报告应以符合《美国法典》第10篇第484节要求的经常性季度报告的方式提交。
(b) 私营部门合作 – 在遵守对信息来源、获取方法的保护及保密规则的情况下,必要时部长可以在私营部门实体自愿的基础上与其协商安排,分享与恶意网络行为者以及任何相关的虚假在线人物角色或受损基础设施有关、并与(a)(1)条款下的决定有关的信息。
(c) 年度报告 -部长应该,每年至少一次,向国会国防委员会,国会情报委员会(根据1947年《国家安全法》(50 U.S.C 3003)中第3节的定义),众议院外交事务委员会,参议院外交关系委员会提交报告 -
(1)由美国网战司令部和国家安全局的网络任务部队观察到的第(a)(1)款中所述国家通过网络对美国政府或民众进行信息作战和攻击的范围和强度;以及
(2)国防部根据国防部长关于此类行动和攻击给出的指示或建议所作出的调整。
(d) 解释规则—本节中的任何内容不得解释为-
(1) 限制部长在网络空间进行军事活动或行动的权限,包括在网络空间进行秘密活动或行动;或
(2) 影响战争权力决议(公法93–148;50 U.S.C.1541等)或军事使用授权(公法107–40;50 U.S.C.1541注)。
SEC. 1642. ACTIVE DEFENSE AGAINST THE RUSSIAN FEDERATION, PEOPLE’SREPUBLIC OF CHINA, DEMOCRATIC PEOPLE’S REPUBLIC OF KOREA, AND ISLAMIC REPUBLIC OF IRAN ATTACKS IN CYBERSPACE.
(a) AUTHORITY TO DISRUPT, DEFEAT, AND DETER CYBER ATTACKS.—
(1) IN GENERAL.—In the event that the National Command Authority determines that the Russian Federation, People’s Republic of China, Democratic People’s Republic of Korea, or
Islamic Republic of Iran is conducting an active, systematic, and ongoing campaign of attacks against the Government or people of the United States in cyberspace, including attempting
to influence American elections and democratic political processes, the National Command Authority may authorize the Secretary of Defense, acting through the Commander of the
United States Cyber Command, to take appropriate and proportional action in foreign cyberspace to disrupt, defeat, and deter such attacks under the authority and policy of the Secretary of Defense to conduct cyber operations and information operations as traditional military activities.
(2) NOTIFICATION AND REPORTING.—
(A) NOTIFICATION OF OPERATIONS.—In exercising the authority provided in paragraph (1), the Secretary shall provide notices to the congressional defense committees
in accordance with section 395 of title 10, United States Code (as transferred and redesignated pursuant to section 1631).
(B) QUARTERLY REPORTS BY COMMANDER OF THE UNITED STATES CYBER COMMAND.—
(i) IN GENERAL.—In any fiscal year in which the Commander of the United States Cyber Command carries out an action under paragraph (1), the Secretary of Defense shall, not less frequently than quarterly, submit to the congressional defense committees a report on the actions of the Commander under such paragraph in such fiscal year.
(ii) MANNER OF REPORTING.—Reports submitted under clause (i) shall be submitted in a manner that is consistent with the recurring quarterly report required by section 484 of title 10, United States Code.
(b) PRIVATE SECTOR COOPERATION.—The Secretary may make arrangements with private sector entities, on a voluntary basis, to share threat information related to malicious cyber actors, and any associated false online personas or compromised infrastructure, associated with a determination under subsection (a)(1), consistent with the protection of sources and methods and classification guidelines, as necessary.
(c) ANNUAL REPORT.—Not less frequently than once each year, the Secretary shall submit to the congressional defense committees, the congressional intelligence committees (as defined in section 3 of the National Security Act of 1947 (50 U.S.C. 3003)), the Committee
on Foreign Affairs of the House of Representatives, and the Committee on Foreign Relations of the Senate a report on—
(1) the scope and intensity of the information operations and attacks through cyberspace by the countries specified in subsection (a)(1) against the government or people of the United
States observed by the cyber mission forces of the United States Cyber Command and the National Security Agency; and
(2) adjustments of the Department of Defense in the response directed or recommended by the Secretary with respect to such operations and attacks.
(d) RULE OF CONSTRUCTION.—Nothing in this section may be construed to—
(1) limit the authority of the Secretary to conduct military activities or operations in cyberspace, including clandestine activities or operations in cyberspace; or
(2) affect the War Powers Resolution (Public Law 93–148; 50 U.S.C. 1541 et seq.) or the Authorization for Use of Military Force (Public Law 107–40; 50 U.S.C. 1541 note).
《国防授权法案2019》原文:
http://cifer.pbcsf.tsinghua.edu.cn/uploadfile/2019/0422/20190422045924391.pdf