Opening Statement by Ranking Member Reed at SASC Hearing on United States Cyber Command
Thank you Senator Inhofe. Admiral Rogers, since we are holding the confirmation hearing for your successor later this week, this is likely your last appearance before the committee. I want to thank you for your decades of service to the country, your hard work at NSA and Cyber Command, and for your assistance to this committee. I wish you the best in your new endeavors.
One of the great threats facing our democracy is influence operations, a type of information warfare, which are mostly conducted through cyberspace – the domain and “theater of operations” of Cyber Command. Russia engaged in a sophisticated influence campaign during the 2016 election cycle. China has been engaged in information operations against their own citizens in order to control their access to information and their behavior, and is becoming more active abroad. They have also engaged in massive theft of intellectual property conducted against U.S. companies for their own economic gain. North Korea’s attack on Sony America was an attempt to silence an entertainment company from exercising its right to free speech and thereby send a message across the world. These efforts by our adversaries highlight some of our vulnerabilities in this area -- which I hope you will address today.
While our adversaries are freely conducting information operations, Cyber Command is still predominantly designed to conduct technical operations to either defend or attack computer systems – to sustain or impede the functioning of computers and networks. It is not built to deal with the content of the information flowing through cyberspace, with the cognitive dimension of information warfare. Cyber Command has made important strides in the last year in the cognitive dimension in the struggle against ISIS, but still has a long way to go, and must also focus on the strategic level of engagement, not merely on operational-tactical support to engaged forces.
Other organizations and officials in the Defense Department are responsible for what the Defense Department calls “psychological” and “deception” operations, but those officials and components in turn have no expertise or capabilities in the technical aspects of cyberspace operations. This is a serious handicap when we are confronted with adversaries, like Russia, that conduct information warfare that combines the technical and cognitive dimensions to manipulate perceptions through cyberspace. Because we have separated these things organizationally and in terms of policy and strategy, we are greatly disadvantaged when it comes to countering an adversary’s integrated operations and when it comes to conducting our own information operations through cyberspace.
The FY18 NDAA included a provision, co-sponsored by Senator McCain and myself, which directs the Secretary of Defense to designate a senior official to lead the integration of all Defense Department components and capabilities that contribute to information warfare and to develop specific strategies, plans, and capabilities to operate effectively in this arena to counter and deter adversaries. I am eager to learn how Cyber Command is responding to this legislation.
As stressed in the newly released National Defense Strategy, Russia and other adversaries have mastered the art of conducting systematic aggression against the US and its interests and allies while staying just below the level that would be considered armed aggression or an act of war. As the DNI testified recently to the Senate Intelligence Committee, adversaries are “using cyber operations to achieve strategic objectives” and will continue to do so “unless they face clear repercussions.” Adversaries are achieving strategic effects incrementally by applying constant pressure through cyberspace against the sources of our national power.
In addition to tools such as sanctions, diplomacy, indictments, and public shaming, we must meet not only Russia, but all adversaries, where the struggle is taking place – in the information sphere. As part of this, we need to engage and blunt information operations against us at their source by disrupting them in cyberspace as they unfold. The National Mission Teams of the Cyber Mission Force were created to conduct exactly these missions.
According to Defense Department’s official cyber strategy, the National Mission Teams were created to defend the country by disrupting ongoing cyber attacks of, quote, “significant consequence.” Some of these influence operations in cyberspace are directed against the foundations of American democracy – the free expression of Americans’ political views, the voting booth, and through our political parties and campaign organizations. Surely such acts meet the threshold of “significant consequence” justifying the use of the National Mission Teams under the Defense Department’s cyber strategy. The members of the Cyber Subcommittee, led by Senator Rounds and Senator Nelson, have made this point numerous times and I want to thank them for their leadership on this issue. Admiral Rogers, I am also interested in your views on this issue.
Finally, I understand that Presidential leadership is critical on these issues. I raised this matter with the Director of National Intelligence and each of the intelligence agency directors, including you, Admiral Rogers, at a recent public hearing of the Intelligence Committee. The very disappointing answer that I received is that the President has not directed any action on countering these threats. In addition, countering these threats requires not only that the Defense Department integrate all the components of information warfare; it is essential to integrate capabilities and authorities of all the national security and law enforcement organizations across the government as a whole. This, too, requires leadership that so far has been lacking.
Admiral Rogers, thank you again for your service, and that of your family, and I look forward to your testimony.