Written by Shannon Vavra
Although Pentagon officials have suggested in recent days that the nation’s offensive cyber arm should split away from the National Security Agency, Cyber Command is a long way from being ready to stand on its own, according to a bipartisan group of lawmakers.
The proposal, which some DOD officials have been entertaining in the last several days, would separate out the command from the Department of Defense’s foreign signals intelligence agency, which it has been co-located with for 10 years in order to help it find its footing. Both the NSA and Cyber Command are currently run by the same leader, Gen. Paul Nakasone, and some critics say the Trump administration has been interested in separating the two in order to carve out a leadership spot for a political ally at the helm of the NSA before his time in the Oval Office expires, according to The Washington Post.
But in order to split from the NSA, Cyber Command would have to meet congressionally-mandated standards, which were set up in 2016 in order to prevent a premature split from destabilizing the command’s military readiness. A bipartisan group of lawmakers said on Sunday that Cyber Command has not met those standards yet.
“The 2017 National Defense Authorization Act requires the Secretary of Defense and Chairman of the Joint Chiefs of Staff to certify to Congress that splitting of the dual-hat will not pose unacceptable risks to the national security interests of the United States,” said Sen. Angus King, I-Maine; Sen. Ben Sasse, R-Neb.; Rep. Mike Gallagher, R-Wis.; and Rep. Jim Langevin, D-R.I.
“This certification has not been made, and any attempt to split the dual-hat arrangement before this certification is made would clearly violate the law,” they added.
The standards that the DOD must meet in order to separate Cyber Command from the NSA would require the Chairman of the Joint Chiefs of Staff, Mark Milley, and the secretary of defense — in this case, Acting Defense Secretary Chris Miller — to assess whether Cyber Command is operationally dependent on the NSA and whether the NSA and Cyber Command could, in theory, operate independently of one another. By law they must also asses the military and intelligence necessity and benefit of the current arrangement.
Specifically, the DOD must also be able to certify that the the tools that DOD currently uses in cyber-operations are “sufficient for achieving required effects” and that Cyber Command and the NSA each have the infrastructure needed to carry out their missions.
They also must certify the DOD has established proper de-conflicting processes. That means ensuring that the espionage priorities of the NSA, which is more inclined to pursue targets over the long term, do not conflict with the military priorities of Cyber Command, which is more primed to disrupt targets. Other standards that must be met include those related to training and rehearsal of cyber-operations.
Overall, the secretary of defense and Chairman of the Joint Chiefs would need to certify that “termination of the dual-hat arrangement will not pose risks to the military effectiveness of the United States Cyber Command that are unacceptable to the national security interests of the United States,” according to the NDAA.
The lawmakers — all members of the congressionally-created Cyberspace Solarium Commission — did not say which of the NDAA requirements the command and NSA have not yet met. The chairman of the House Armed Services Committee, Rep. Adam Smith, D-Wash., shared other concerns on Saturday about the proposal to split the two.
A fraught proposal
As recently as three months ago, Nakasone said the partnership between the two organizations allows them to better coordinate on evidence of potential intrusions and respond to cyber incidents with other agencies, such as the FBI — suggesting that the leadership of the two entities still benefits from the dual-hatted relationship.
Cyber Command has run offensive cyber-operations to degrade ISIS terrorists’ ability to spread propaganda and interrupted the internet access of Russia’s troll farm in order to block them from meddling in the 2018 U.S. elections.
But over the years, there have been signs Cyber Command is still finding its footing in some departments. The command has encountered technical difficulties running its operations abroad, for instance. In its fight against ISIS the command was not prepared for the amount of data it collected in the course of the operation, according to declassified documents obtained through the Freedom of Information Act.
And while Cyber Command has made progress on outlining what tools it needs to operate in recent years, it has not established interoperability requirements for these tools, which could spell trouble for its cyber-operations, the Government Accountability Office found in a report released last month.
For now, Miller has decided that he cannot certify to Congress that Cyber Command has met the congressionally-established conditions that would be required to sever the dual-hatted setup, according to The Post.
The four lawmakers added that focusing on a potential split right now, amid the ongoing response to the massive SolarWinds breach, would be a mistake.
“Our government is currently responding to a cyber incident where a sophisticated adversary had access to thousands of U.S. networks,” they wrote. “Regardless of whether it’s better to keep or end the dual-hat arrangement between NSA and CYBERCOM, now is not the time to do it.”