This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.nytimes.com/2014/03/12/world/europe/nsa-nominee-reports-cyberattacks-on-ukraine-government.html

The article has changed 3 times. There is an RSS feed of changes available.

Version 0 Version 1
N.S.A. Nominee Warns Cyberthreats Will Only Increase N.S.A. Nominee Promotes Cyberwar Units
(about 7 hours later)
WASHINGTON — Vice Adm. Michael S. Rogers, President Obama’s nominee to run the National Security Agency, told a Senate committee on Tuesday that he had seen evidence of broad cyberattacks on the new Ukraine government, but he declined to say whether the Russian government was the source, or how much damage the attacks had done. WASHINGTON — All of the major combat commands in the United States military will soon have dedicated forces to conduct cyberattacks alongside their air, naval and ground capabilities, Vice Adm. Michael S. Rogers, President Obama’s nominee to run the National Security Agency, told the Senate on Tuesday. He said the activation of the long-discussed combat units would help counter the perception around the world that the United States is “an easier mark” for cyberattacks because it did not “have the will to respond.”
“We see it today in Ukraine,” Admiral Rogers, who heads the Navy’s Fleet cyber command, said of the cyberattacks. Asked if he expected the government of President Vladimir V. Putin to increase attacks on the Ukrainian government, he said that “clearly cyber will be an element of every crisis we see in the future,” citing past Russian attacks on Georgia and Estonia. Admiral Rogers’s comments, in written answers to the Senate Armed Services Committee, amounted to one of the most detailed public descriptions of how the United States is spending billions of dollars to develop an offensive military capability to use cyberweapons. The committee must approve his simultaneous appointment as the head of United States Cyber Command, a job he will hold in addition to overseeing the N.S.A. The retiring head of the Cyber Command, Gen. Keith B. Alexander, first announced the creation of offensive and defensive teams last year.
Admiral Rogers was cautious in what he said in the hearing before the Senate Armed Services Committee, which reviews his nomination because Admiral Rogers would also be heading United States Cyber Command, responsible for both cyberoffensive and defensive operations. He promised that the N.S.A.'s programs, including its domestic surveillance activities, would become “more transparent,” and said he would “assure a sense of accountability” for the agency’s activities. During a two-hour appearance before the committee, Admiral Rogers also confirmed that the United States had seen evidence of cyberattacks on the new government in Ukraine, but declined to say whether the United States believed the Russian government was the source of the attacks, or how much damage was done.
But he declined to be specific about how he might change the collection of telephone metadata or other information about the communications of Americans, other than to say that he had concerns that if the United States did not keep the data itself, it could slow the agency’s ability to search for links to suspected terrorists. “I believe we see it today in the Ukraine,” he said of the reports of malware, apparently written in the Moscow time zone, that have shown up in Ukrainian government systems. “We’ve seen it in Syria, Georgia. It increasingly is becoming a norm.”
At another point in the hearing, Admiral Rogers said he believed that both the United States and Defense Department systems were both still vulnerable to major attacks, and would be until “a new architecture” was in place to defend them. “It’s only a matter of time, I believe, before we start to see more destructive activity,” he said. “Clearly, cyber will be an element of almost any crisis we’re going to see in the future,” he told the senators.
For the National Security Agency, 2013 was a tough year. At another point in the hearing, Admiral Rogers said he believed that both the United States and Defense Department systems were both still vulnerable to major attacks, and would be until “a new architecture” was in place to defend them.
It started with Edward J. Snowden’s leaks of stolen N.S.A. documents and ended with a holiday letter to families of agency employees declaring that despite what everyone was hearing on television and reading in the papers, their relatives were heroes, not violators of privacy rights. Admiral Rogers, currently the head of the Navy’s Fleet Cyber Command, was cautious in what he said in the hearing about the future of the N.S.A.’s domestic surveillance activities, notably its collection of the metadata telephone numbers and durations of calls for virtually every call placed in the United States. He said he was only beginning to learn about their details since Mr. Obama tapped him for one of the most powerful job combinations in Washington: head of the country’s electronic surveillance and code-breaking operations, and commander of its growing corps of cyberwarriors.
In recent weeks it has gotten tougher. Mr. Obama has moved from lukewarm defenses of the agency’s programs to embracing recommendations to take the bulk collection of telephone call records out of the N.S.A.'s hands. But he rebuffed suggestions that the N.S.A. could track down terrorism suspects without having the telephone call data available in some form. And he sounded hesitant about the possible effects of Mr. Obama’s initiative to put that information into the hands of a third party, expressing concern that it would slow the ability to track links among potential terrorism suspects. He said the trick was to “query the data in a way that both protects the rights of the individual but also enables us to get answers in a quick, reasonable time period.”
Google and Yahoo say they are equipping themselves with new technologies designed to defeat N.S.A. interception, and the general counsel of Microsoft blogged not long ago that “government snooping potentially now constitutes an ‘advanced persistent threat,’ a phrase normally used to describe China’s most sophisticated hackers. He promised that the N.S.A.’s programs would become “more transparent,” and said he would “assure a sense of accountability” for the agency’s activities.
And to stop leakers, the agency plans to step up its monitoring of calls, emails and financial transactions of agency employees, a move the N.S.A.'s privacy critics find particularly rich in irony. As usual for a public hearing involving the likely head of one of the nation’s most secretive intelligence agencies, the most intriguing answers often involved what Admiral Rogers left unsaid, or said he was willing to discuss in greater detail in a classified session. For example, when Senator John McCain, Republican of Arizona, talked about a recent attack on the Navy’s unclassified computer systems by Iran, Admiral Rogers acknowledged the attack and refused to say what country was behind it. “It was a significant penetration,” he told the committee. But the attackers “did not opt to engage in any destructive behaviors,” he said, suggesting that Iran’s main motive was espionage.
Friends of Admiral Rogers in the intelligence community, who have worked with him in his current job running the Navy’s Fleet Cyber Command, say they wonder whether he has a sense of what he is wading into. While many had expected Admiral Rogers to be grilled about the N.S.A.’s surveillance programs, he was spared that in part because he was testifying alongside Gen. Paul J. Selva of the Air Force, whom Mr. Obama nominated to command the United States Transportation Command, which moves military equipment and personnel around the world. In scenes reminiscent of the portrayal of Congress in the Netflix series “House of Cards,” senator after senator pressed General Selva to embrace, on the record, the importance of air bases in their home districts, ahead of a possible new round of base closings.
“Why would anyone in his right mind be director of N.S.A. right now?” asked John R. Schindler, a former N.S.A. officer who is now a professor at the Naval War College. “It’s a massive political headache.” Admiral Rogers, however, engaged a subject matter that rarely gets discussed in public: how to deter attacks on the United States. He said part of the answer was using “the newest technology to identify our attackers before and during an attack not just after.”
Mr. Schindler, echoing intelligence officials who know Admiral Rogers, said he is “superbly qualified” to guide the agency’s cyber and surveillance programs. But he added that “no director in the agency’s history has ever walked into this big a challenge.” Without referring directly to a secret N.S.A. program to place “implants” on computer networks around the world, so American officials could see attacks in the making, he said in his written answer that the United States could make it clear that it knows where attacks are coming from and is prepared to retaliate.
“Rogers is taking over what they call in the Navy an ‘unhappy ship,’ he said. “This is within our capacity to fix,” he said.
The question resonating inside the N.S.A. recently is whether Admiral Rogers is prepared to become the public face — and public defender — of such an embattled agency, a job his predecessor, Gen. Keith B. Alexander, took on with gusto. Just last week, General Alexander was at Georgetown University, defending the agency’s programs, arguing that the Snowden disclosures had weakened American cyberdefenses, and gently mocking how much oversight the agency receives. “We’re reviewed by the general counsel and the inspector general” of the Departments of Defense, the director of national intelligence, the White House, Congress and many others, he said, giving a taste of how many minders Admiral Rogers will have to face.