Cybercrime , Governance & Risk Management , Incident & Breach Response

NSA Nominee Faces Armed Services, Intelligence Hearings

Senators Question Lt. Gen. Nakasone on Russian Disinformation, Cyber Defense
NSA Nominee Faces Armed Services, Intelligence Hearings
Lt. Gen. Paul Nakasone appears on March 1 before the Senate Armed Forces Committee. (Source: C-SPAN)

President Donald Trump's nominee to head the National Security Agency is set to appear Thursday before the Senate Intelligence Committee, as part of his nomination approval process.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

Lt. Gen. Paul Nakasone, 54, has been nominated to replace Adm. Mike Rogers, the current director of the NSA and commander of the U.S. military's cyberwarfare unit, U.S. Cyber Command. Like Rogers, Nakasone would serve in both positions.

Nakasone currently serves as commander of U.S. Army Cyber Command, which supports U.S. Cyber Command. He previously commanded the Cyber National Mission Force at U.S. Cyber Command and also served as a staff officer for Gen. Keith Alexander, the first head of Cyber Command. Alexander headed the NSA from 2005 to 2014.

For the first time, the position of NSA director, who oversees a workforce of 36,000, must be approved not only by the Senate's Armed Services Committee but also the Senate Intelligence Committee. After that, the full Senate would vote on Nakasone's nomination, which is expected to succeed.

Nakasone appears to be a technically fluent and widely respected commander. "He understands military cyberspace operations better than almost anyone in the United States," Jonathan Reiber, a former, Obama-era senior Pentagon cyber officer who worked with Nakasone, tells Politico. "But, most importantly, he understands people."

Responding to Russian Interference

As part of the confirmation process, Nakasone appeared before the Armed Services Committee on March 1. That was just one day after Rogers testified to the committee that he had not been ordered by the president to confront, at the source, Russia's ongoing attempts to meddle in U.S. political affairs.

"My concern is, I believe that President Putin has clearly come to the conclusion there's little price to pay here and that therefore, I can continue this activity," Rogers told the committee (see Russian Meddling: Trump Hasn't Ordered Direct NSA Response).

Nakasone, in his opening statement, told senators: "If confirmed to lead U.S. Cyber Command and NSA, I will ensure our military commanders and national decision makers can call upon an aggressive and globally dominant cyber force with the capability and capacity to defend us at home and apply pressure on our adversaries abroad."

Citing Rogers' testimony, senators pressed Nakasone about what he would do to deter U.S. adversaries, including combatting hacking as well as disinformation and propaganda campaigns by Russia and China (see Putin Offers Extradition Promise to US: 'Never').

"We seem to be the cyber punching bag of the world, and it's common knowledge," Sen. Dan Sullivan, R-Alaska, said at the March 1 hearing. "We have officials who have come before this committee in an open session saying nope, we get hit and we don't retaliate. We don't retaliate against the Russians, the North Koreans, the Chinese."

Sullivan asked Nakasone: "Should we start cranking up the cost of the cyberattacks on our nation?"

Nakasone said that if confirmed, he'd work with the committee to develop new cybersecurity norms. "Right now, as this space develops ... the longer that we have inactivity, the longer our adversaries are able to establish their own norms, I think that is very, very important that we realize that," he said.

But he also suggested that not all online attacks should be responded to in kind. "We should always think of cyberspace not necessarily as only being a cyber response," he said. "We have tremendous capabilities in our nation. Being able to leverage those capabilities is something we should always think about."

Whatever the revised strategy that might be developed, however, "deterrence has to be a key part of that," he said.

Lt. Gen. Paul M. Nakasone delivers a keynote speech on "the Future of Cyber Conflict" at the International Conference on Cyber Conflict, or CyCon, co-hosted by NATO and the U.S. Army.

Warrantless Surveillance Questions

At a Thursday appearance before the Senate Intelligence Committee, meanwhile, Nakasone is likely to be grilled not only on the country's response to Russia and other online threats, as well as his approach to cyber defense, but also the NSA's warrantless surveillance of Americans.

Staff for Sen. Ron Wyden, D-Oregon, tell Reuters that the senator plans to question Nakasone about his privacy stance, including how he would respond to any orders from the White House to create new warrantless surveillance programs.

Rogers, the outgoing NSA director, is the last senior intelligence official appointed by President Barack Obama who still serves in the current administration. He's also been instrumental in building up U.S. Cyber Command - the military's cyber warfare unit, launched in 2009. Last year, the Trump administration elevated it to become a unified military command, and it's scheduled to hit full operational capability - with 6,200 staffers across 133 teams - by the end of the 2018 fiscal year.

Battling Leaks

Rogers has served as director of NSA as well as commander of U.S. Cyber Command since April 2014, when he was brought in to help the agency avoid a repeat of the Edward Snowden leaks, which first began appearing in June 2013.

If Nakasone's nomination succeeds, one of his greatest challenges may be trying to avoid the leaks that have bedeviled the NSA.

Certainly, Rogers has not entirely succeeded in his mission to prevent them. In January, a classified memo from Rogers to NSA staff leaked, revealing his plans to step down this spring.

That leak was unfortunately symbolic of Rogers' tenure, which saw classified NSA information allegedly get stolen by government contractor Harold T. Martin III, who was charged in August 2016 (see Spy Whose Files Were Plucked by Kaspersky Pleads Guilty).

Last June, former American intelligence specialist Reality Leigh Winner was charged in a federal indictment with "removing classified material from a government facility and mailing it to a news outlet." The material contained details of a 2016 hack attack on a U.S. voting software supplier by Russia

U.S. officials continue to maintain that despite the 2016 election hacks and probes, hackers altered no vote totals (see States Seek Federal Help to Combat Election Interference).

The Shadow Brokers Saga

In the summer of 2016, the shadowy group known as Shadow Brokers - believed by many to be a Russian intelligence front - began leaking attack tools from the "Equation Group," which many security experts believe to be the NSA's offensive hacking team. The tools appear to have been stolen in 2013.

The Shadow Brokers' leaks may have come via Nghia Hoang Pho, an NSA agent who has pleaded guilty to taking home classified information and installing it on his home PC. The files appear to have been flagged by Kaspersky Lab anti-virus software he was running on the PC, although he had reportedly also installed a pirated copy of Microsoft Office 2013, meaning it's not clear who may have had access to his system (see Spy Whose Files Were Plucked by Kaspersky Pleads Guilty).

Pho was a developer within the NSA's Tailored Access Operations group, which is now called Computer Network Operations. The group specializes in penetrating into foreign computer networks for cyber espionage operations.

Moscow-based Kaspersky Lab has continued to deny any wrongdoing, saying it's become a political pawn between the Russian and U.S. governments (see Kaspersky Software Ordered Removed From US Government Computers).

But the NSA is not the only U.S. government agency to have seen highly sensitive information get leaked under mysterious circumstances.

Last March, WikiLeaks began releasing "Vault7," a series of alleged CIA files describing the agency's exploitation tools and techniques (see 7 Facts: 'Vault 7' CIA Hacking Tool Dump by WikiLeaks).

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.