The chairman of the Senate Armed Services Committee warned the administration Tuesday that if it tried to split the position of the director of the National Security Agency from the military leader of Cyber Command, “I will object to the confirmation of the person nominated.”
In his opening remarks at the panel’s third hearing on encryption, Sen. John McCain, (R-Ariz.), said, there has been “no consultation from the White House” on reports that the administration was preparing to eliminate the dual-hatted position of NSA director and turn it into a civilian post, with a separate commander of U.S. Cyber Command.
“This committee does not take well to stonewall[ing]” on major changes being considered in the Pentagon and by the administration that is about to leave office.
He asked Adm. Michael Rogers, who holds both positions, if it was still his belief that that current arrangement should continue.
“Yes” was Rogers’s answer, as it has been in the two earlier hearings.
Sen. Jack Reed, (D-R.I.) and ranking member, said the future of the command has been a topic of several hearings, including raising its status to a unified command. It is now under Strategic Command.
McCain on several occasions pressed Marcelle Lettre II, undersecretary of defense for intelligence, and Rogers, if there was an administration policy covering what the government was prepared to do if Russia or any other nation or non-state actor disrupted the U.S. electoral process.
“The structure is so disparate” with laws from each of the states and territories on registration and voting “it tends to help us defensively,” Rogers said.
Russia reportedly has intruded on voting data from McCain’s home state and Illinois.
On whether there is a need for legislation dealing with encryption technology such as Google’s—which blocks even the manufacturer from accessing data on a personal device—Lettre said, “The legislative route is not the best approach at this time.” He said the Pentagon, Department of Homeland Security and the FBI deal with those issues on a case-by-case basis with the manufacturers and social media companies, such as Twitter.
In answer to another question, Lettre added, the department reaches “out to any and all partners who can help us” in the private sector and government. Rogers added, “Twitter’s position hasn’t changed” on access to its analytics services. “It’s absolutely fair to say we’ve had mixed results on law enforcement questions.”
The Pentagon is facing a “quick and agile set of adversaries,” including the Islamic State. Rogers called the Islamic State “the most adaptive,” willing to use handwritten notes, burner phones, etc., to communicate with each other and offset signal-intelligence collection.
“We’ve got to find a way to outpace them,” Lettre said. He said the Pentagon and CIA are working more closely together to expand their human intelligence effort, including “presence on the ground [to] identify threat actors.”
Rogers said, “Cyber is the great equalizer.” What is needed is not look at each incident as unique but to view it as part of “whole new eco-system” and that by “looking at it more deeply . . . we will find vulnerabilities.”
The other two are to “build something better” inside the Defense Department to make it more resilient against cyber attacks, and concern over data-manipulation by outsiders, raising questions about integrity in a time of crisis.
In his list of his three top cyber threats facing the United States, he listed non-state actors using it as a weapons system.