For years, the military has worried about the vulnerability of the United States to cyberattack — and how and when to return fire in digital warfare. Now, the issue is taking center stage, as the Senate considers the nomination of an Army general to head the military’s first four-star Cyber Command.
In a hearing this morning, the Senate Armed Services Committee will review the nomination of Army Lt. Gen. Keith Alexander to be the head of the Pentagon’s new Cyber Command. It’s a chance to get a closer look at the kind of capabilities for waging network warfare the Pentagon thinks it needs. But it’s also likely to raise questions about just how far the military is willing to go in attacking foreign networks.
Last year, Secretary of Defense Robert Gates ordered the creation of U.S. Cyber Command to coordinate all of the military’s online activities. Alexander is in many ways a logical pick. He comes from the world of electronic intelligence: He is director of the National Security Agency (NSA), the super-secretive military and intelligence outfit at Fort Meade, Maryland, that is charged with code-cracking and foreign communications interception. And he will head an organization that, in large part, will be an important line of defense against cyberspying. (He’s a classmate of Gen. David Petraeus, West Point class of ‘74.)
But Alexander will also have to answer questions about how the United States might retaliate if it comes under online attack. Military planners are mindful of incidents like the massive cyberassaults against Georgia in 2008 and Estonia in 2007. In both cases, fingers pointed to Russia, but experts questioned whether the Russian government had a direct hand in events, and pointed instead to the role played by patriotic volunteers (or “cybermilitias”) who orchestrated the online assaults.
In both of those cases, cyberattacks threatened civilian networks and the financial system. It’s unclear if the military could retaliate in kind. In a series of written answers to questions from senators (.pdf), Alexander said, “It is difficult for me to conceive of an instance where it would be appropriate to attack a bank or a financial institution, unless perhaps it was being used solely to support enemy military operations.”
And the scope of responsibility for the new commander is also quite sweeping (Alexander will also be “dual-hatted,” staying on as head of the NSA). In written answers, Alexander said the organization’s new missions would include “integrating cyberspace operations and synchronizing warfighting effects across the global-security environment; providing support to civil authorities and international partners; directing global-information grid operations and defense; executing full-spectrum military cyberspace operations; serving as the focal point for deconfliction of DOD offensive cyberspace operations; providing improved shared situational awareness of cyberspace operations, including indications and warning.”
In other words, everything but the kitchen sink. We’ll be watching the hearing, and will hope to get more answers on Alexander’s vision for the new command.
Update: Hearing is now streaming live. Watch here.
Photo: U.S. Department of Defense
