The Washington PostDemocracy Dies in Darkness

U.S. cyber force credited with helping stop Russia from undermining midterms

Gen. Paul Nakasone, who heads U.S. Cyber Command and the National Security Agency, testifies before the Senate Armed Services Committee Thursday. (Erik S Lesser/EPA-EFE/REX/Shutterstock)

Senators from both political parties on Thursday praised the military’s cyber force for helping secure last year’s midterm elections, with one suggesting it was largely due to U.S. Cyber Command that the Russians failed to affect the 2018 vote.

“Would it be fair to say that it is not a coincidence that this election went off without a hitch and the fact that you were actively involved in the protection of very important infrastructure?” Sen. Mike Rounds (R-S.D.) asked Gen. Paul Nakasone, the command’s leader, at a hearing of the Senate Armed Services Committee.

Pentagon launches first cyber operation to deter Russian interference in midterm elections

Military officials have said new authorities, approved over the last year, enabled CyberCom to be more aggressive — and effective — in what they privately say was an apparent success. Nakasone, who also heads the National Security Agency, stopped short of saying it was CyberCom that made the difference, telling Rounds that safeguarding the election was the agencies’ “number-one priority.”

Nakasone assumed his dual posts in May and has privately told Pentagon leaders that having the two agencies under a single director was key to the operation’s outcome.

Last week the Justice and Homeland Security departments reported there was no evidence that any foreign government had “a material impact” on the election or campaign infrastructure.

The lawmakers, who received a classified briefing Wednesday on the operation, lamented the military could not be more forthcoming about its campaign.

“I wished that the American people could have heard more of what you told us,” Sen. Richard Blumenthal (D-Conn.) said. “It was success. Very few of the American public know about the successes.’’

Trump gives the military more latitude to use offensive cyber tools against adversaries

The counter-Russia campaign marked the first operational test of a presidential order granting CyberCom more latitude to undertake offensive operations without having to seek approvals from other agencies, which can be time-consuming.

Also pivotal was a new provision included in this year’s National Defense Authorization Act clearing the way for more clandestine cyberoperations that don’t rise to acts of war, categorizing them as “traditional military activity.”

The campaign was carried out by the Russia Small Group, which Nakasone set up last year, drawing personnel from CyberCom and the NSA.

The group took action under a new strategy of “persistent engagement,” or sharing threat information with the FBI and Department of Homeland Security so they can share it with the private sector to help firms secure their networks, raising the costs for an attacker.

Another aspect of persistent engagement involves continually confronting the adversary, in this case Russia, forcing it to devote resources to defending its networks and reducing its ability to cause mischief inside U.S. networks.

One element of CyberCom’s operation reportedly involved a form of electronic signaling to Russian hackers and “trolls” who conduct disinformation campaigns on social media. The warnings indicated the Americans knew where the Russians’ command-and-control systems were and could disrupt them if need be, according to officials, who spoke on the condition of anonymity to describe sensitive operations.

Officials have been reluctant to disclose additional details, saying that doing so could help U.S. adversaries. Some senators seemed torn by that.

“The enemies know what they’re doing,” Blumenthal said. “We know what they’re doing. . . . They know we know what they’re doing. The only ones who are in the dark, really, are the American people.”

Some former senior intelligence officials argue that the operation could have been just as successful if the NSA and CyberCom had been led by separate individuals.

“NSA supports all of the unified military commands, not just one,” said James R. Clapper Jr., the former director of national intelligence. “I don’t agree that the only way that [intelligence] support can be rendered is through dual-hatted leadership.”

Rounds earlier this week told The Washington Post that CyberCom’s operation prevented “what would have been some very serious cyber incursions.” Said Rounds: “The fact that the 2018 election process moved forward without successful Russian intervention was not a coincidence.”

He, too, refrained from disclosing details, but said, “I can just tell you that the types of cyber activity that Russia, through multiple agencies and third parties [was conducting], was most certainly impacted during this process.”

Joseph Marks contributed to this report.