WASHINGTON — U.S. Cyber Command and the National Security Agency have capabilities critical to helping the nation’s public- and private-sector entities during and even before a cyberattack, but both agencies need partners to do so, Navy Adm. Mike Rogers said recently.
Rogers, commander of Cybercom and director of NSA, was speaking July 24 at the annual Aspen Security Forum in Aspen, Colorado, during a discussion moderated by David Sanger, chief Washington correspondent for the New York Times. The admiral also took questions from the audience on war, crime and security in cyberspace.
Cybercom is especially interested in trends in cyberattacks and cybercrime -- even those occurring in the private sector -- because the U.S. government has designated 16 areas in the private sector that have implications for the nation’s security, Rogers said.
These include energy, transportation, financial services, food supplies and communications, and may be especially vulnerable to cyberattack because they use open-source software or hardware, third-party utilities and interconnected networks, according to the Congressional Research Service.
Defend Industry, Defend the Nation
“What DoD said was, we believe that the nation is going to be turning to us to help defend it in the midst of a potential crisis and as a result we will generate capabilities that we could potentially apply, if directed, against portions of those 16 segments,” he said.
The DoD Cybersecurity Strategy that Defense Secretary Ash Carter released in April quantifies the kinds of private-sector attacks DoD will respond to as “cyber events of significant consequence,” Rogers added, making the point that “the government is not signing up to” defend everything.
In the end, the admiral said, “it is all about our ability to create partnerships. It is the ability of the private sector and the government to team together to generate better outcomes for the nation, not just for us but our allies as well.”
Another important part of the strategy involves help from NSA.
Warnings and Indications
“We have said that NSA will use its foreign intelligence mission to generate insights as to what key cyber actors around the world are doing,” Rogers said.
The idea is to get ahead of the problem by getting insights at the point of origin rather than waiting for the attack, the admiral said. These insights could provide indications and warning to the government and the private sector before the attack originates, Rogers said.
“This is what you're going to see,” he said, referring to what NSA can tell a private-sector company that will share the right kind of data, “this is how you can best structure your defense to defeat it.”
Between NSA and U.S. Cyber Command, Rogers said, “we try to do all of that with the private sector.”
But he reminded the audience that Cybercom is just one part of a broader enterprise, naming the Department of Homeland Security and the FBI as two of the command’s biggest partners on cyber defense.
“One of the reasons why the partnership is so important -- using NSA resources to monitor and guard U.S. networks -- that's not our mission,” Rogers said, “and it's against the law … but on the other hand I do want to create a partnership where we're able to share information with each other.”
An example, he said, was the Sony Pictures Entertainment hack in November 2014 sponsored by North Korea.
After the hack, Sony went to the U.S. government for help, he said, and the government determined that the hack was a criminal act.
The FBI was designated as the lead agency, Rogers said, “and the FBI turns to NSA and says, ‘We could use your analytic help, will you partner with us in working with Sony?’”
The admiral said Sony cooperated completely with the government during the investigation.
“We said, ‘In order to generate the insights we need, here's the kind of detail we need.’ Sony did everything we asked. We were able as a result to generate insights relatively quickly about what we were seeing,” he explained.
But Rogers was frustrated with the situation.
“This [cooperation] is great,” he said, “but the horse was out of the barn … Why can't we have this kind of dialog prior to the attack?”