CAPITOL HILL: If you want us to defend this fall’s elections from Russian hackers, military cyber commanders told Congress this afternoon, you need to give us authorities, access and resources soon.
Unlike the physical world, where a gun shoots and a jet flies no matter where you go, in cyberspace your weapons are all software, and the same program won’t run on every machine. So, even more than in traditional military operations, cyber warfare depends on preparation. You not only need to know the “terrain” of the networks and computers you’ll be fighting over, you need to build and test an arsenal that works there. This takes time.
“It goes to pre-scripted knowledge and missions,” said Maj. Gen. Christopher Weggeman, commander of 24th Air Force, when Sen. Kirsten Gillibrand asked what it would take to defend the elections.
“Unless you want us to be what I would call a ‘wet cleanup on aisle five’ force,” Weggeman went on, “if you want us to be there preventively…”
“Correct,” Gillibrand said.
“…to build security and defense to thwart malicious cyber activities, we would need authorities and the tools and the infrastructure — some of our defensive kits — that are purposely tailored to the networks and systems that you would want us to support, the state and local … infrastructure,” Weggeman said. “We need to know the network topology. We need to know the hardware, firmware, software that it operates, so that we could be responsive, we could sensor (i.e. put sensors in place), we could share information, and we could be proactive in defense.”
So, Gillibrand said, translating into layperson’s language, the military’s saying “we need access to all the information and the systems that are used state by state, we would need access to the resources to be able to develop expertise in all of these systems.”
Put that in writing, in detail, the senator instructed, so the Senate Armed Services Committee (which held today’s hearing) can consider granting those authorities, accesses, and resources in the upcoming National Defense Authorization Act.
“Obviously the president would have to sign off on that,” said Gillibrand, a Democrat, who’s criticized Trump for failing to protect the elections. Senior intelligence officials have testified that the Russians meddled in 2016, and the chief of Cyber Command, Adm. Michael Rogers, has told Congress the US is “not doing enough” to prevent a repeat in 2018. Presumptive Secretary of State Mike Pompeo said earlier this year, in his capacity as CIA Director, that Russia will try to disrupt the US elections. He was not alone. “There should be no doubt that Russia perceives its past efforts as successful and views the 2018 US midterm elections as a potential target for Russian influence operations,” Director of National Intelligence Dan Coats testified on Capitol Hill in February.
“I feel like your hands have been tied every time we talk about one critical infrastructure, which is our electoral system, and we already know we have foreign adversaries who are hammering it daily,” Gillibrand said. “We know what the vulnerabilities are. I just want to proactively know from you guys with your expertise what you would need if you were told you need to prevent this.”
Her request to the military is part of a larger effort, Gillibrand said: “We also have several private sector thinktanks working on this as well, (on) what would be their recommendations to go to every one of the 50 secretaries of state. We’ll have that information soon enough.” She and Sen. Lindsey Graham — one of Trump’s fiercest critics in the GOP — are also co-sponsoring a bill for a 9/11 Commission-style “deep dive” into election hacking.
Weggeman was the most outspoken officer on this afternoon’s panel. By contrast, when Sen. Ben Nelson asked much the same question of Lt. Gen. Paul Nakasone — currently chief of Army cyber forces and nominated to head the all-service cyber Command — he simply deferred to an ongoing Pentagon study.
But Weggeman’s Navy colleague, Vice Adm. Michael Gilday, did offer a warning on the Russians. Changing policy is necessary but not sufficient to counter them when they — and other adversaries — have been allowed to set the terms of engagement in cyberspace, he said.
“We’ve allowed the Russians to establish those boundaries,” Gilday told the senators. “In any other space — the maritime, the air, the land — you want to gain access (and) be in a position to dominate. (In cyberspace), the Russians, the Chinese the North … they have different rules sets, they have a lower threshold for aggression, and so they are gaining the initiative, and so it becomes more difficult for us to gain a position of advantage and do the things that you want us to do.”
“Changing policy is one thing,” Gilday said. “The will to act is a completely different problem set that is just as important.
With only 6,200 cyber operations in the National Mission Force, Gilday added, “the force is not big enough, not based on the discussion that we’ve had in this room this afternoon. If there’s expectations to protect critical infrastructure, to hold significant adversaries at risk — adversaries that we are in contact with every day — then more needs to be done in terms of the build-out and the development of a cyber force.”
“I agree the scope and scale … is extremely vast,” said Weggeman, “and I agree our force is too small.”