Senators bash Obama over cyber war policy

Senators bash Obama over cyber war policy
© Getty

Senators on Tuesday hammered the Obama administration, saying it lacks a coherent or fully formed cyber warfare policy.

“The administration’s cyber policy as a whole remains detached from reality,” Senate Armed Services Committee Chairman John McCainJohn Sidney McCainListen, learn and lead: Congressional newcomers should leave the extremist tactics at home Overnight Defense: Trump unveils new missile defense plan | Dems express alarm | Shutdown hits Day 27 | Trump cancels Pelosi foreign trip | Senators offer bill to prevent NATO withdrawal Bipartisan senators reintroduce bill to prevent Trump from withdrawing from NATO MORE (R-Ariz.) said during a hearing.


“For years our enemies have been setting the norms in cyberspace while the White House sat idly by hoping the problem would fix itself," he added.

And the lack of planning could have disastrous results, including muddled responses to cyberattacks and poorly structured Defense Department cyber teams, several senators told National Security Agency Director Adm. Michael Rogers, who was testifying.

"If we don’t have a policy, how are we going to develop plans?” Sen. Deb FischerDebra (Deb) Strobel FischerErnst elected to Senate GOP leadership This week: Congress starts lame-duck with leadership fight Senate GOP readies for leadership reshuffle MORE (R-Neb.) asked Rogers, who also heads the U.S. Cyber Command.

“Something terrible is going to happen and a lot of people are going say, ‘Why didn’t we have a policy?’” said Sen. Angus KingAngus Stanley KingSen. Angus King begins treatment for prostate cancer GOP senators challenge Trump on shutdown strategy Will Trump declare an emergency tonight? Only he knows for sure MORE (I-Maine).

In the 2014 Defense authorization bill, McCain tasked the Obama administration with developing such a cyber deterrence policy.

In December, “a year and a half late,” McCain said, the White House finally got back to the committee.

“The response reflected a troubling lack of seriousness and focus,” McCain said. “That kind of indecisiveness is antithetical to deterrence and our nation simply cannot afford it.”

The Armed Services chair pressed Rogers on his strategy for responding to a cyberattack, or for when a preemptive cyber strike is necessary.

“It seems to me these are policy decision that have not been made?” he asked. “Is that correct?”

“The way I would describe it is, we clearly still are focused more on” an “event-by-event” approach to cyber incidents, Rogers said.

Several senators, including James InhofeJames (Jim) Mountain InhofePressure mounts for Trump to reconsider Syria withdrawal Dems express alarm at Trump missile defense plans Dem senator expresses concern over acting EPA chief's 'speedy promotion' MORE (R-Okla.), pointed to a Government Accountability Office (GAO) report released Monday that concluded the DOD has not clearly defined its own “roles and responsibilities for cyber incidents.”

Rogers agreed that greater clarification was needed, but had not yet read the report.

King, the Maine Independent, pressed the NSA head for details on when such detailed answers for these issues — “What is an act of war? What is a proportional response? What is a mutually assured destruction situation?” — might be in place.

“Sir, I don’t have a date for you,” Rogers replied, cautioning that he, as head of NSA and U.S. Cyber Command, is just one of many voices.

“I am part of those discussions,” he said, “I try to provide an input and just be one voice.”

Rogers stressed that his duty is to develop cyber capabilities and bolster his team's capacity.

U.S. Cyber Command is working to staff up 133 offensive and defensive cyber teams by 2018, a total of 6,200 staff.

On Tuesday, Rogers said he had 27 fully operational teams, 68 teams that had “attained initial operational capacity,” and nearly 100 that were conducting some form of cyberspace operations.

The full staff is on schedule to hit its 2018 target, he said.

Senators on both sides of the aisle expressed a desire to spin this growing cyber command out from under the NSA umbrella.

“I’m finding it harder and harder to justify you holding two jobs given the complexity,” King said, while complimenting Rogers on his ability to handle both roles.

Rogers cautioned that it was not yet time to take control of Cyber Command away from the NSA chief, noting that the unit was established six years ago to take advantage of NSA infrastructure.

“I agree in the long run,” Rogers said. “But the reality is we’re just not ready to do that today.”

But Rogers did say Cyber Command was ready to be elevated to a full, independent military command. It currently operates as a sub-unit of U.S. Strategic Command.

McCain and his committee’s top Democrat, Sen. Jack ReedJohn (Jack) Francis ReedOvernight Energy: Pentagon report warns of climate threats to bases | Court halts offshore oil testing permits | Greens challenge federal drilling work during shutdown Overnight Defense: Second Trump-Kim summit planned for next month | Pelosi accuses Trump of leaking Afghanistan trip plans | Pentagon warns of climate threat to bases | Trump faces pressure to reconsider Syria exit Pentagon warns of threat to bases from climate change MORE (R.I.), indicated they would likely make the push for elevation in the next Defense authorization bill.

“That would be my intention,” McCain said, turning to Reed for an agreement. “Right, Jack?”

“I think so, sir,” Reed replied. “But I think it’s valuable to have Adm. Rogers comments’ today.”

— Updated 9:53 a.m.