CybersecurityLawmakers mull oversight of U.S. cyberattack capabilities and operations

Published 3 September 2013

There has not yet been a public discussion of U.S. offensive cyberattack capabilities — and of actual U.S. cyberattacks — and the subject had been classified until a few years ago. Even after the subject came more into the open, only the fact that the United States had the capability to initiate offensive cyberattacks was acknowledged. With the growing attention to cyber operations – both defensive and offensive — the question of oversight is set to follow.

There has not yet been a public discussion of U.S. offensive cyberattack capabilities — and of actual U.S. cyberattacks — and the subject had been classified until a few years ago. Even after the subject came more into the open, only the fact that the United States had the capability to initiate offensive cyberattacks was acknowledged.

During his confirmation hearing before the Senate Armed Services Committee in 2010, General Keith B. Alexander, the director of the NSA and the head of the U.S. Cyber Command, was asked in apre-hearing question, “Has the U.S. ever ‘demonstrated capabilities’ in cyberspace in a way that would lead to deterrence of potential adversaries?” He replied: “Not in any significant way.”

Secrecy News reports that USCYBERCOM, which is subordinated to the U.S. Strategic Command. It is located in Fort Meade, Maryland. The command centralizes command of cyberspace operations, organizes existing cyber resources, and synchronizes defense of U.S military networks. 

Appearing before a March 2013 hearing of the House Armed Services Committee, General Alexander, in response to a question from Representative Trent Franks (R-Arizona), said: “Cyber offense requires a deep, persistent and pervasive presence on adversary networks in order to precisely deliver effects. We maintain that access, gain deep understanding of the adversary, and develop offensive capabilities through the advanced skills and tradecraft of our analysts, operators and developers. When authorized to deliver offensive cyber effects, our technological and operational superiority delivers unparalleled effects against our adversaries’ systems.

“Potential adversaries are demonstrating a rapidly increasing level of sophistication in their offensive cyber capabilities and tactics. In order for the Department of Defense to deny these adversaries an asymmetric advantage, it is essential that we continue the rapid development and resourcing of our Cyber Mission Forces.”

General Alexander asserted that the United States operates the best cyber offense in the world.

In response to another question for the record from Representative James Langevin (D-Rhode Island), Gen. Alexander said that “Over the next three years we will train the Cyber Mission Forces that will perform world-class offensive and defensive cyber operations as part of our Cyber National Mission Teams, Cyber Combat Mission Teams and Cyber Protection Forces. We do not require additional authorities or resources to train the currently identified cyber professionals.”

With the growing attention to cyber operations – both defensive and offensive — the question of oversight is set to follow. When Senator Carl Levin (D-Michigan), chairman of the Senate’s Armed Services Committee, asked whether General Alexander agreed  it was appropriate that the committee be informed of all U.S offensive cyber operations, Alexander responded: “Yes, I agree that in almost all circumstances the Armed Services Committees should be informed in a timely manner of significant offensive cyber operations conducted by CYBERCOM.”