1 big thing: The CIA's new license to cyberattack

   In 2018, President Trump granted the CIA expansive legal authorities to
   carry out [1]covert actions in cyberspace, providing the agency with
   powers it has sought since the George W. Bush administration, former
   U.S. officials directly familiar with the matter told Yahoo News.

   Why it matters: The CIA has conducted disruptive covert cyber
   operations against Iran and Russia since the signing of this
   presidential finding, said former officials.

   Driving the news: According to the Yahoo News story, of which I am the
   lead author, the 2018 covert action finding gives the CIA much more
   power to undertake such operations without needing prior approval from
   the National Security Council.
     * Under the Obama administration, U.S. officials would discuss
       proposals for specific potential covert actions for months, or even
       years, before signing off on them, former officials said.
     * Now they can go “from idea to approval in weeks,” a former U.S.
       official told Yahoo News. And many proposals can now circumvent the
       NSC entirely, said former U.S. officials. “Trump wanted to push
       decision-making to the lowest possible denominator,” said another
       former U.S. official — which means many of these decisions are now
       being made in-house within the CIA, said former officials.

   Of note: These new powers are not related to the CIA’s ability to hack
   for the purpose of mere intelligence-gathering, said former officials.
     * Instead, they are about creating real-world effects like degrading
       or destroying adversaries’ infrastructure or exposing rival
       intelligence services’ secrets, said these officials.
     * The CIA’s new authorities have allowed it to more freely engage in
       “hack-and-dump” operations of the sort popularized by Russian
       intelligence via WikiLeaks, where pilfered data is leaked to
       journalists or released online via personas like Guccifer 2.0, the
       online front used by Russian operatives to publicize the 2016 hack
       of the DNC, said former U.S. officials.
     * The CIA has already dumped Russia- and Iran-related tranches of
       data online, said former officials.

   Other impacts of the 2018 finding:

   1. Financial institutions. It loosens prior restrictions on disruptive
   or destructive targeting of financial institutions, former U.S.
   officials said.
     * In prior administrations, wiping or dumping hacked banking data was
       considered an uncrossable line because of the potential effects of
       retaliation by foreign states on the U.S. banking system, said
       former officials.
     * Treasury Department officials were always particularly vociferously
       opposed to such measures in the past, said former officials.
     * “These were “things CIA always knew were an option, but were always
       a bridge too far," a former official told Yahoo News. “They had
       been bandied about at senior levels for a long time, but cooler
       heads had always prevailed."

   2. "Cut-outs." The presidential authorization makes it much easier for
   the CIA to target “cut-outs” believed to be working surreptitiously for
   hostile foreign intelligence services at media organizations,
   charities, religious institutions or other nonstate entities for
   disruptive or destructive cyber actions, said former officials. In the
   past, the burden of proof for targeting such entities was high; now,
   standards have been made far more lax, said former officials.

   3. The "big four." The finding explicitly enables the CIA to use these
   new powers against the “big four” U.S. adversaries — China, Russia,
   Iran and North Korea. But even though the CIA already had more legal
   maneuverability on covert operations against Iran than other U.S. foes,
   the Trump administration was particularly focused on escalating its
   activities against Tehran, said former officials.
     * These new CIA authorities, as well as a capacious interpretation of
       prior ones, have contributed to the administration’s “maximum
       pressure” campaign against Iran, say former officials, with the CIA
       conducting disruptive cyberattacks against Iranian infrastructure
       throughout Trump's term.
     * This maximum pressure campaign has been tantamount to a “regime
       destabilization” strategy for some senior Trump-era national
       security officials, aiming to weaken the Iranian government in
       order to force it to retreat to its own borders — and even
       hopefully collapse entirely, say former officials.

   The big picture: Some officials emphasize that Trump-era shifts in U.S.
   offensive cyber operations are part of a natural evolution in U.S.
   policies in this arena and that many changes would have been granted
   under a new Democratic administration as well.
     * “It’s not like some cabal of folks who had been sort of outside the
       national security establishment ... were then brought in and
       hijacked” this process, a former senior official told me.

References

   1. https://link.axios.com/click/20914074.53225/aHR0cHM6Ly9uZXdzLnlhaG9vLmNvbS9zZWNyZXQtdHJ1bXAtb3JkZXItZ2l2ZXMtY2lhLW1vcmUtcG93ZXJzLXRvLWxhdW5jaC1jeWJlcmF0dGFja3MtMDkwMDE1MjE5Lmh0bWw_dXRtX3NvdXJjZT1uZXdzbGV0dGVyJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPW5ld3NsZXR0ZXJfYXhpb3Njb2RlYm9vayZzdHJlYW09dGVjaG5vbG9neQ/5c53a81cfbd297039763bbe6B2c819b08