Alexander Comes Under Friendly FireConfirmation Hearing for Newly Created Cyber Commander Post
President Obama last year nominated Alexander to hold both jobs as the Defense Department, where NSA resides, restructured its cybersecurity governance by creating a military cyber command and place a four-star flag officer in charge of both organizations. If confirmed, Alexander would be promoted to full general.
At the Thursday hearing before the Senate Armed Services Committee, Alexander also addressed the difficulty of how to defend against cyber attacks emanating from neutral nations during a traditional conflict and explained how he conceives a cyberwar could occur but only as part of a kinetic war.
Alexander also testified that Defense Department computers receive hundreds of thousands of probes a day from outsiders, including other nations, with the aim to gain information such as the types of operating systems running on Defense computers and networks, knowledge that could be used to facilitate future attacks.
Alexander spent a good part of the hearing addressing the synergies among the NSA, the cyber command and DHS. The general said it's clear that DHS has the responsibility to defend civilian agencies' computer and communications systems and networks as well as the mostly privately owned national critical IT infrastructure. Still, he said, under the Comprehensive National Cybersecurity Initiative, NSA is charged to furnish technical support to help DHS defend the federal government's civilian and the nation's mostly privately owned critical national IT infrastructure. "We have responsibility to provide the technical information for what the threat is trying to do them, to provide an early warning to that," Alexander said. "But (DHS) would operate and defend that system. Our responsibility would be to provide people and capabilities to help them do that."
The hearing kicked off with Senate Armed Services Committee Chairman Carl Levin, D.-Mich., presenting Alexander with hypothetical scenarios, in which American forces - engaged in a traditional military conflict - found their cyber operations under attack.
Alexander said that if the virtual attack occurs within the combat theater, the cyber command could take the necessary offensive acts to eliminate the threat. However, if the cyber attack originates from a server located in a neutral country, under standard rules of engagement, the cyber command would need to receive additional approval from the defense secretary or president before taking offensive action to silence that server. Unlike a kinetic attack, where the military can see where the assault originates, that's not the case with a cyber attack. Indeed, he said, attribution - knowing who's behind the attack and were it emanates - remains an unsolved dilemma. "When a cyber attacks comes form a neutral country," Alexander said, "therein lies the complexity for this problem."
As to whether a standalone cyberwar could exist, Alexander expressed some doubts. He said he could perceive of a cyberwar, but only in the context of a kinetic war. The general was responding to a question from Sen. Mark Udall, D.-Colo., who read a quote from a GovInfoSecurity.com interview of White House Cybersecurity Coordinator Howard Schmidt, who said: "A cyberwar is just something that we can't define. I don't even know (how a) cyberwar would benefit anybody. Everybody would lose. There's no win-lose in the cyber realm today. It affects everybody; it affects businesses, it affects government, so number one, there's no value in having one."
Of the potential for a cyberwar, Alexander said: "In general terms, I do think a cyberwar could exist. I believe it would not exist in itself but as part of a larger military campaign. I believe the tools and stuff for command and control that we have today to effect those in cyberspace are analogous to the tools that we had 40 years ago for jamming communications, but now, in cyberspace, you can not only jam, but you can do a lot more to information. and therein lies part of the problem."
Udall noted that in his written responses to committee questions submitted before the hearing, Alexander said the new cyber command had a number of challenges, but the general's answers were classified. Udall asked if Alexander could provide public remarks on those challenges.
Alexander's response was vague, saying transparency is important in cyber arena and that government must explain to the American public what it does to safeguard IT. "We have to show what we're dong to make sure we comply with the laws," he said. "We stood up a director of compliance at NSA to make sure we can train our folks significantly. We hold them accountable to comply with (the law). We will carrying that into cyber command as well."