Indecision Hampers U.S. Cyber Potential: Ex-CIA Head

The ongoing debate over the role of the U.S. government in cyber-warfare is stalling the military’s efforts to develop and deploy relevant technology, according to the former director of the Central Intelligence Agency.

“Philosophical issues are freezing us and making us unable to take steps,” Michael Hayden, a former CIA director and retired Air Force general, told an audience Monday at the 2013 Air Force Association’s Air & Space Conference and Technology Exposition in National Harbor, Md. “We have not yet decided what it is we want our government to do or what it is we will let our government do.”

More coordination and integration is needed between agencies such as Department of Homeland Security, the Federal Bureau of Investigation and U.S. Cyber Command, Hayden said. The country also must find more qualified candidates for cyber-related jobs, he said.

“This is hard,” Hayden said. “We’re still kind of getting organized. We certainly need more trained people with tech competence.”

The Edward Snowden case has triggered a public uproar and “grand national debate” over government access to online information, Hayden said.

Snowden, a former National Security Agency contractor recently granted temporary asylum in Russia, is accused of leaking information about classified U.S. surveillance programs to news organizations in the U.S. and United Kingdom.

In the aftermath of the scandal, the NSA has skilled workers that remain underutilized, Hayden said.

The global technological landscape is changing, as evidenced by the so-called Arab Spring, in which social media-inspired mass protests and political turmoil rocked countries such as Egypt, Hayden said. Threats exist from nation-states as well as non-state actors, he said.

Cyber-attacks are targeting a rising number of government and corporate institutions, Hayden said, citing recent Iranian-backed intrusions against U.S. banks.

“The Iranians have conducted massive, serial distributed denial of services attacks against American banks — Bank of America, Wells Fargo JP Morgan Chase,” he said. The so-called denial-of-service attacks targeted the bank’s websites, resulting in 3 million hits a minute, up from 15,000 hits a minute, he said.

Cyber espionage can take many forms, including simple effort to steal information such as pin numbers, personal data, intellectual data and trade secrets, Hayden said.

The NSA plans to form 60 teams in a cyber command to address such issues, Hayden said. A third of the teams will work on cyber defense, another third will support networks from a tactical standpoint and another third will be designated “national mission forces” to defend America’s communications and data networks, he said.

“We have to organize this fight in a domain whose characteristics are fairly unfamiliar to us,” Hayden said.

About the Author

Kris Osborn
Kris Osborn is the managing editor of Scout Warrior.
  • blight_

    The military thinks they should do everything. They should work with the NSA, but let Some Other Government Agency deal with defending the country from cyber threats. In turn, they will focus on killing things In Real Life, and use information from the NSA to help them in doing so…but duplicating work by other government agencies without a plan is a waste of time.

    Unless it’s easier to ram through additional responsibilities for the military through Congress, in which case they may give it to the military. Where is the path of least resistance to standing up cyberattack capability?

    • James Massingill

      I am not so sure you understand who actually mans NSA missions. Military members have a variety of assigned “jobs” if you will. Military members are assigned to various lettered agencies in various capacities. In my own experience for example, the agency is in charge of whoever worked the mission. We called them “billets” but basically as a military member I filled a slot within an agency. There is a lot of things the military does . No, the military does not “think they should do everything”.

      Cyber warfare is basically the new-school form of SIGINT (Signals Intelligence) that the NSA is charged with. Therefore, it is under their purview. Since military members man positions within the agency that is where the military aspect comes in. It is not much different than the old school world of intelligence and using counterintelligence. Only in the cyber realm it is more closely aligned with actual warfare when you “mess with” other nations systems because you can bring down life sustaining technology.

      In case you have not figured it out yet, technology is “real life” and affects everything in the so called referenced “real life” you speak of. Although this article is about “hampered” capability it does not mean the capability is not already there and being conducted. Cyber defense operations and already assist in protecting US infrastructure (ie your referenced real-life) and in case you missed the numerous magazine and newspapers over the past decade cyber-war is already being conducted against the US.

      Other nations have the capability of bringing down our entire financial system, electrical grids, safety systems (traffic lights etc). Think about the one day the markets closed because of a computer glitch. Think about blackouts several years ago in the Northeast that were due to a computer issue. Close enough to real life for you? Those are just simple examples.

      Warfare whether it is conducted on the ground (Army / Marines), on water (Coast Guard / Navy / Marines), or my air (Air Force, Army, all services), or space (Air Force), or in the network / cyber realm (joint service - NSA) is still warfare so it will always have a military component to it. If we were to launch cyber warfare on another country, does it require congressional approval? What is a cyber operations as opposed to cyber war? those are the points of indecision at hand. Its not really who owns the mission or the best place to stand it up. It is already in process. It is not a matter of “standing up the cyber attack capability” that has been in process for almost 10 years. Ever since the US realized other nations were already doing attacks. However that capability is nowhere near where it should be, as mentioned, because of indecision.

      Its actually pretty sad to here the same old story 10 years later and 3 years after my last gig in the DoD cyber world as a contractor… Indecision gets people nowhere. That indecision is caused by the politics of the behemoth bureaucratic organizations across the US government.

    • John Grey

      Trusting a Spook is similar to ignoring the Rules of Safe Firearms Handling.

      Especially THIS lying Administration-career guy!

  • Bruce

    Is he equating a long-overdue debate over what expectations of privacy civilians should have regarding their online activites with the military/government’s insufficient defence against external cyber attacks? Hard to tell from the limited quotes here but that would seem a bit rich given that up until the Snowden affair they seem to basically have been able to do as they pleased.

  • BozoTheHack

    Sorry, but I work in Cyber Sec / Info Sec…this has nothing to do with what the government is going to bring to the table. This is about the American people. We either want security or we don’t; and, those of you who were shocked that the NSA had some sort of black box program to gather information…really?? However, you have no problem with ad ware that can do basically the same thing. How do I know this? How about the constant calls I get from friends and family about their “virus” problem. Sorry - this war is in the head, not at the keyboard. And we will lose this one as well.

    • SJE

      Its not an either/or. Everyone with half a brain knew NSA could collect anything. What was not known was that it was lying to congress, breaking the law, and flouted court oversight. It was doing more or less as its pleased without any oversight. These are not only potentially criminal offenses, but are dangerous.

      Its not either/or for the cyberwarriors or the NSA, and its not either/or for the rest of us. Even in the highly dangeous and stressful regular kinetic warfare, we shoot the bad guys, and try really hard not to kill civilians. Soldiers who flout the rules of engagement are court martialled, which is as it should be. Its just basic accountability.

    • buljos

      I would humbly submit that is incorrect. America is first and foremost a nation of laws, not a nation of people. It’s not about the government presenting the people with a security choice. It’s about the executive branch doing their job within the Constitution, fully supporting the separation of powers, and abiding by the spirit and intent of the law. There can be no other alternative, and suggesting that the people can decide otherwise is a false choice.

    • BS-(*0xnight

      Sorry about pumping this old comment guys…

      I was part of Iranian cyber forces, what the purpose of our job is ? we are swords of our nation for what !? If you know about dirty missions of your country what do you do will you be part of your nation army ?
      When you do you job and find out they are cheating on you they will remove you or the best of scenario will be kicking you out from system.

      Snowden choose wrong path because Russia is another devil. I have seen both of side so find your resolve and don’t let them use you for their own good.

  • SJE

    ““Philosophical issues are freezing us and making us unable to take steps.” Translation:
    the constitution and US rights keep getting in the way of us doing whatever we want

    • oblatt1

      There is nothing the stasi hates more than unnecessary laws getting in the way of its mission.

  • Michael Wahrman

    Most of the comments here are badly informed. Of course I see that in most comments sections on controversial topics. For your information, the NSA did not, to the best of my knowledge lie to congress, or flout the laws or any of that. As for comparisons to the Stasi, gentlemen, get a grip. Go learn about the Stasi before you make uninformed and frankly insulting comments like that.

    • SJE

      In response to direct questions from members of congress, the head of the NSA made statements that were untrue. Repeatedly as shown after the Snowden leaks. As for courts, you should read the now public orders from the judges who are frankly irritated that the NSA is BS’ing them.

    • SJE

      Look, I support the gov’t right to collect data and look for bad guys. I just think it should be done in a proper framework. If some corners were cut in the heat of the moment, thats understandable. But an ongoing program is another thing.

  • dasmang

    dear sir,(( James Massingill ))

    this is a hangout for mil people correct:?
    explaining way things work is joke, oh wait you trollen?