By Ellen Nakashima
Washington Post Staff Writer
Saturday, June 13, 2009
The Pentagon's development of a "cyber-command" is prompting questions about its role in the larger national strategy to protect government and private-sector computer networks and whether privacy can be protected. And the command is fueling debate over the proper rules to govern a new kind of warfare in which unannounced adversaries using bits of computer code can launch transnational attacks.
Defense officials are creating the command to defend military networks and develop offensive cyber-weapons, based on a strategy that brings together the military's cyber-warriors and the National Security Agency, the organization responsible for electronic espionage.
The launching of the command, which could be announced as early as next week, reflects the Pentagon's determination to respond urgently to the growing sophistication of other nations' abilities to penetrate the military's global data networks and obtain or alter sensitive information.
"NSA is the only place in the U.S. government that has the capabilities we need for defense of the private networks," said James A. Lewis, a senior fellow and cybersecurity expert at the Center for Strategic and International Studies. "We need to find a way to use those capabilities without putting civil liberties at risk."
The cyber-command will focus strictly on military networks, administration officials have said. But senior intelligence officials have also urged that the NSA use its abilities to help the Department of Homeland Security defend America's critical computer systems -- those operated by the civilian government and by the private sector.
"DHS lead[s]," said Lt. Gen. Keith B. Alexander, the head of the NSA and the official who is expected to lead the cyber-command, in an April speech to industry. "We support. Technical support. I see that as our role. And I think that's where you need us."
Some national security experts fear that the Pentagon's push to develop its cyber-warfare ability may clash with the administration's efforts to forge partnerships with the private sector and with governments and businesses abroad, who might be wary of the Defense Department's intentions.
"This whole notion of being global means we have to work collaboratively with other countries," said Suzanne Spaulding, a former CIA assistant general counsel. "They'll be suspicious and uncomfortable if they're dealing with NSA and perhaps more so with DOD. If DOD goes to them and says, 'Let's collaborate on defensive tools. Tell us what you've developed,' they'll be justifiably concerned that what DOD is really doing is perfecting its offensive capability.' "
Some intelligence officials worry that the cyber-command will put new burdens on the NSA, detracting from the agency's role of gathering electronic intelligence for national strategic purposes, such as determining Russia's intention in building its military.
But the effort is necessary, senior Pentagon officials say..
Cyberspace, said Gen. Kevin P. Chilton, commander of the U.S. Strategic Command, is as much a "domain" as is air, land or sea, in which the abilities to defend and attack must work in tandem. "You always . . . want to bring those two elements together so that the left hand knows what the right hand is doing."
In the cyber domain, he said in a meeting with reporters last month, the NSA has "unique" capability, through electronic intelligence gathering and analysis, to inform the military of threats and of an adversary's intent, and to "prepare for attack, and attack."
Every day, unseen operators, using automated software, are conducting millions of scans or probes of the military's Global Information Grid, which handles 56 terabytes of data a day -- the equivalent of 5 1/2 Libraries of Congress -- and is used by millions of military and civilian personnel.
Most of the intrusions have had espionage as their goal, raising fears that the stolen information would aid an adversary in planning an attack against the United States, Chilton said. More important, he said, he worries about the potential for a crippling manipulation of information. "So I put out an order on my computer that says I want all my forces to go left, and when they receive it, it says, 'Go right.' . . . I'd want to defend against that."
And of course, experts say, the United States would like to be able to do the same to an adversary.
An April report by the National Research Council highlighted the need for a national policy on cyber-attack.
If a foreign country flew a reconnaissance plane over the United States and took pictures, for instance, the United States would reserve the right to shoot it down in U.S. airspace, experts said. But if that same country sent malicious code into a military network, what should the response be?
"That question is under active debate at the highest levels of government," said Herbert S. Lin, who directed the National Research Council study.
Some intelligence officials believe that a sustained network penetration that results in theft of operational documents shows "hostile intent" and may justify an aggressive response, Lin said.
But taking down a power plant that serves a number of hospitals that treat civilians may not be a "proportional" response, said Harvey Rishikof, a national security law professor at the National War College.
"In the cyberworld, we're trying to move to a new regime," he said. "What are the rules of the road that dictate when you can use cyber-weapons in an offensive manner?"
Research director Alice Crites contributed to this report.