General says attacks by foreign hackers are 'clarion call'

Senate Armed Services U.S. Cyber Command Commander, National Security Agency Director and Central Security Service Chief Gen. Paul Nakasone listens during a hearing to examine United States Special Operations Command and United States Cyber Command in review of the Defense Authorization Request for fiscal year 2022 and the Future Years Defense Program, on Capitol Hill, Thursday, March 25, 2021, in Washington. (Anna Moneymaker/The New York Times via AP, Pool)

The U.S. Cyber Command conducted more than two dozen operations aimed at thwarting interference in last November’s presidential election, the general who leads the Pentagon’s cyber force said Thursday.

Gen. Paul Nakasone did not describe the nature of the operations in testimony to the Senate Armed Services Committee but said they were designed “to get ahead of foreign threats before they interfered with or influenced our elections in 2020.”

A U.S. intelligence assessment released last week said that neither Russia nor any other nation manipulated votes or conducted cyberattacks that affected the outcome of the vote.

Nakasone’s appearance before the committee came as the U.S. deals with major cyber intrusions, including a breach by elite Russian hackers that exploited supply chain vulnerabilities to break into the networks of federal government agencies and private companies.

Nakasone said in his prepared remarks that Cyber Command and the National Security Agency are helping plan the Biden administration’s response to the SolarWinds intrusion and that “policymakers are considering a range of options, including costs that might be imposed by other elements of our government.”

Separately, the U.S. is working with the private sector to respond to a separate hack that exposed tens of thousands of servers running Microsoft’s Exchange email program to intrusion.

Asked by the committee chairman, Sen. Jack Reed, D-R.I., whether the intrusions represented a “new terrain,” Nakasone said both the SolarWinds and Microsoft hacks revealed “a scope, a scale, a level of sophistication that we hadn’t seen previously.”

“It is the clarion call for us to look at this differently — how do we ensure we have as a nation both the resiliency and the ability to act against these type of adversaries,” he said.

Nakasone said one challenge is that foreign state hackers have taken advantage of legal constraints that prevent U.S. intelligence agencies such as the NSA, whose surveillance is focused abroad, from monitoring domestic infrastructure for cyber threats. Hackers are increasingly using U.S.-based virtual private networks, or VPNs, to evade detection by the U.S. government.

As a result, he said, the problem is not that intelligence agencies can’t connect all the dots but rather “we can’t see all of the dots.”

“We have an inability to see everything,” he added. “We as U.S. Cyber Command or the National Security Agency may see what is occurring outside of the United States, but when it comes into the United States, our adversaries are moving very quickly. They understand the laws and the policies that we have within our nation, and so they’re utilizing our own infrastructure, our own internet service providers, to create these intrusions.”

A senior Biden administration official told reporters earlier this month that the administration was not currently seeking additional authorities to monitor U.S.-based networks. Rather, the U.S. is working to encourage better information-sharing from the private sector about cyber threats.

Private companies are typically reluctant to share information on hacks and attempted hacks with the FBI and other government agencies, mostly out of fear of the negative business fallout if it were to become public. In many cases, companies don’t even report the incidents to the government.

On Wednesday, Sen. Mark Warner, D-Va., lamented in a webinar about being unable to get support in Congress for legislation to make it mandatory for companies to disclose cyber breaches. The chairman of the Senate Intelligence Committee singled out the telecommunications sector — a big target in the SolarWinds hack — as being especially resistant.