Cybersecurity

NSA's Rogers makes the case for cyber norms

Michael Rogers

Adm. Michael S. Rogers said Iran "has demonstrated a clear ability to learn from the capabilities and actions of others."

Clearer international norms and concepts of deterrence can help prevent cyber conflicts from spiraling out of control, National Security Agency Director Adm. Michael Rogers told a crowd of cybersecurity professionals Feb. 23.

Those words might have sounded more familiar coming from a State Department official than the man in charge of the U.S. offensive cyber capabilities and its global intelligence-collection enterprise. But Rogers, citing conflicts in Georgia, Ukraine and Iraq, said nearly every recent war has had a cyber dimension to it, lending urgency to the need for "norms of behavior" and "concepts of deterrence."

A recently revealed NSA document underscores the potential of cyber espionage to escalate. The classified document, leaked by former NSA contractor Edward Snowden and published by The Intercept, reveals the NSA has been concerned that Iran’s cyber capabilities have improved because of a cyberattack against Iran itself. Tehran "has demonstrated a clear ability to learn from the capabilities and actions of others," the document states.

"Escalation is not something that is unique to the domain of cyber," Rogers said at a New America Foundation conference in Washington, D.C. "So, just as we have developed frameworks over time to help us address the issue of escalation in a more kinetic, more traditional world," the same will have to be done in cyberspace.

Rogers would not comment further on the Iranian revelation, nor a recent Reuters report attributing to the NSA a global cyber espionage program that has infected computers in more than 30 countries.

Asked to define a "cyber Pearl Harbor," a phrase used in 2012 by then-Defense Secretary Leon Panetta, Rogers replied: "An action directed against infrastructure within the United States that leads to significant impact -- whether that’s economic, whether that's in our ability to execute our day-to-day functions as a society, as a nation." He added that the hack of Sony Pictures Entertainment last November met that dire criteria. Movie studios fit into the U.S. government’s broad definition of critical infrastructure.

In succeeding retired Gen. Keith Alexander last year, Rogers became the second official to head both the NSA and the U.S. Cyber Command, the latter of which was formally set up in 2010. Cyber Command’s mission includes defending Defense Department networks and, when directed, carrying out attacks on foreign cyber assets. NSA’ mission includes global intellection collection and information assurance.

Some critics have taken issue with the two organizations' convergence. A technology and privacy review panel appointed by President Barack Obama in 2013 advised against having one official head the NSA and Cyber Command, but the administration rejected the recommendation.

Rogers defended the unity of NSA and Cyber Command as crucial to cybersecurity. "Given where U.S. Cyber Command is in its maturity and its journey right now, it needs the capabilities of the National Security Agency to execute its mission to defend critical U.S. infrastructure and to defend the department's networks," he said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.