NSA director to testify at Senate hearing on cyber command unit

By Ellen Nakashima
Wednesday, April 14, 2010; 6:01 PM

In an effort to protect the military's computer networks, the Obama administration is planning to put the leader of the nation's largest electronic spying agency in charge of a new military organization capable of launching attacks against enemy networks and power grids.

If confirmed by Senate, Lt. Gen. Keith Alexander, director of the National Security Agency, would take charge of the Pentagon's newly formed cyber command and preside over a virtual army of computer technicians and network warfare specialists.

But even as the Obama administration presses the importance of cybersecurity and hails its nominee as an aggressive and innovative military intelligence officer, Alexander's confirmation has been delayed for nearly six months. Lawmakers have questioned whether the head of the NSA should lead a military unit and what, exactly, that new unit will be empowered to do.

Alexander is set to testify before the Senate Armed Services Committee on Thursday but has already provided written responses to questions from lawmakers.

Among other things, he stated that, faced with a cyber attack, the military must be able to respond in kind. It is "reasonable to assume that returning fire in cyberspace" is lawful, as long as any actions comply with the laws of war, he said in a 32-page document.

At issue is how military and intelligence authorities guide the operations of any new cyber command. U.S. policies governing cyber attacks and counterattacks lag behind the military's ability to conduct them.

Part of the challenge is that in cyberspace, a line of computer code could be an attempt to spy, disrupt a network or defend it, and that same code might unintentionally knock out critical systems in countries far from the target. The ambiguity -- and the fact that there is no international consensus on what constitutes use of force in cyberspace -- means the risks of provoking international conflict are real, experts say.

Any offensive cyber action must be guided by orders from the secretary of defense and approved by the president, a senior defense official said.

He "can't simply get up one morning and say, 'I want to go attack something,' " the official said.

In his written responses, Alexander said that clandestine, offensive actions in cyberspace -- such as dismantling a Web site used by jihadists overseas -- are "traditional military activities" and should not be considered covert operations.

In the event of a cyber attack, the military must still be able to carry out conventional operations.

"Even with the clear understanding that we could experience damage to our infrastructure, we must be prepared to 'fight through' in the worst case scenario," he said.

The Justice Department and policymakers are still grappling with the legal and policy boundaries inherent in cyberwarfare, and their decisions may well affect the scope of the command's offensive operations.

"The real problem here has been with the Pentagon and the White House, who have to come up with the cyber command strategy," said Richard A. Clarke, a cybersecurity adviser to President George W. Bush and the author of a forthcoming book, "Cyber War."

In his answers, Alexander makes clear that though the cyber command's focus is on military networks, it will be prepared to "provide military options" to the president if attacks on private, critical computer systems and civilian government systems threaten the nation's security. He made clear that the military command, not the Department of Homeland Security, would take the "lead role" in responding to a cyber attack on the United States, but under a presidential order.

There are often competing demands between intelligence agencies, which want to obtain information, and the military, which wants to save lives and win wars. In military cyberspace, Alexander said, he would be the "focal point" for deciding whose interest should prevail in a disagreement.

Some intelligence officials are concerned that the launching of a cyber command will draw away NSA resources that might otherwise support the collection of national strategic intelligence.

But Alexander, 58, has supporters who say he's up to the task. They also say he's able to make complex technical subjects clear to lay people, including lawmakers. A graduate of West Point, Alexander has masters' degrees in electronic warfare, physics and national security.

He already heads an offensive cyber organization, the Joint Functional Component Command-Network Warfare, a body that will be merged into a new cyber command.

"He is a 'techie,' but also a communicator," said NSA Deputy Director Chris Inglis. "He is the right man in the right position at the right time."

The unifying thread to Alexander's work is his desire to punch through bureaucracy and deliver useful intelligence to the battlefield, according to those who know him. During his 35-year career, most of which he spent in the Army, he tried to push the data down lower and lower on the chain of command.

He was motivated, friends say, by what he saw as failures to gather intelligence that might have prevented tragedies: the gunning down of special forces troops in Somalia in 1993; the deaths of Air Force personnel in the 1996 Khobar Towers suicide bombing in Saudi Arabia; and the killing of sailors in the 2000 USS Cole suicide bombing in Yemen.

In the first Gulf War, as a military intelligence officer, he obtained intelligence broadcasts that put his division commander at a tactical advantage in the face of an advancing Iraqi army. In the mid-1990s, he pioneered work in "battlefield visualization," trying to approximate through technology what Napoleon could do by dint of genius: arrive on the battlefield and discern at one glance the terrain's tactical advantages. Alexander helped the commander visualize the battlefield on a computer screen, placing friendly blue and enemy red forces on a detailed terrain map.

Alexander promoted the concept of "data fusion": using advanced techniques to fuse multiple sources of data to produce more timely, useful intelligence. He also ordered the creation of an intelligence watch center, providing 24-7 analytical support to the soldier.

As the commander of the Army's Intelligence and Security Command in 2001, Alexander sought to have as much access as possible to raw signals intelligence, such as e-mails and phone calls, for counterterrorism purposes, current and former intelligence officials said.

But Gen. Michael V. Hayden, then the director of the NSA, the nation's principal signals intelligence collection agency, objected on the grounds that sharing the intelligence might expose confidential source and violate Americans' privacy, current and former officials said.

Alexander "basically was wanting to be a small NSA and get out of his box," said one U.S. official, recalling the incident.

But several current and former intelligence officials were more supportive of Alexander. "He wanted to stop terrorists," one former official said.

Alexander eventually prevailed, unleashing "a deluge of data," as a former military officer put it. "It took my breath away."

By August 2005, Alexander was NSA director and wanted to speed the harvesting of raw signals intelligence. He wanted a soldier in, say, Fallujah, Iraq, to be able to type in a name or phrase on a laptop-like device, as in a Google search, and in seconds pull up relevant information. He gave NSA developers 90 days to build a prototype. He called it Real Time 10, or Real Time to the 10th power, to emphasize speed.

"The [signals intelligence] may reveal an insurgent who's getting ready to detonate an IED or ambush a unit," said Collin Agee, an intelligence official who saw RT 10 at work in Iraq. "The whole point was to compress the timeline."

Senior military officials, including the secretary of defense, praised the NSA's contributions. At the same time, said a former intelligence official, Alexander "drove the system nuts" by his insistence on in-house, rapid development of RT 10. Critics said Alexander rushed the process and failed to take appropriate procedural measures.

A report by the NSA's inspector general concluded no rules had been broken. But questions about the episode have nonetheless contributed to the delay in the confirmation process, said current and former intelligence officials.

Supporters say Alexander's emphasis on tactical intelligence has not given strategic intelligence short shrift. Toward the end of the Bush administration, the NSA undertook a major revision of collection priorities, a controversial process that meant some intelligence needs of some agencies would be given less urgency.

The State Department asked Alexander and Inglis, his deputy, to reconsider some strategic priorities. "They heard us out" and made adjustments, a former senior department official recalled.

Staff researcher Julie Tate contributed to this report.

© 2010 The Washington Post Company