]As the government grapples with a vast hack, the Pentagon is weighing whether to separate management of the National Security Agency from the United States Cyber Command.Feedzy
WASHINGTON — Confronted with a vast cyberattack believed to have been carried out by Russia, the Trump administration is suddenly reviving an old idea: Strip the general who leads the United States Cyber Command of his second title as the director of the National Security Agency, the country’s largest spy operation.
The idea has been kicking around Washington for years, and the intelligence world has hotly debated its merits. But a decision has always been put off because Cyber Command, the decade-old organization that leads the military’s offensive and defensive operations around the world, remains heavily dependent on intelligence provided by the N.S.A., the 68-year-old code-breaking agency.
But when the idea was revived in recent days with a recommendation en route to the chairman of the Joint Chiefs, Gen. Mark A. Milley, for action before President Trump leaves office next month, it led to a firestorm of protest on Capitol Hill. Democrats and Republicans alike say that the two institutions are too intertwined to be managed separately and that any unilateral action by the administration to change the current structure would violate legal requirements for extensive assessments before altering it.
They said it was also unclear how such a step, especially carried out hastily during a presidential transition, would help with the current crisis. The United States still has its hands full figuring out how far the Russians penetrated into government systems, what they acquired, how American defenses failed and how to respond.
In national security circles, there is debate over whether this was another example of Mr. Trump’s diminishing staff trying to push through lasting changes in their final 30 days in office, or perhaps retribution against Gen. Paul M. Nakasone, the four-star cyberchief who holds both posts.
No one doubts that the question of whether and how to separate the leadership of the organizations is worthy of consideration, if for no other reason than that Cyber Command and the N.S.A. often have different instincts and objectives.
“The job is just too big for one person,” said Dmitri Alperovitch, the chairman of Silverado Policy Accelerator, who frequently dealt with both organizations as a founder of CrowdStrike, the cybersecurity firm.
But at a moment when investigators are about to begin examining how the two organizations performed in one of the greatest intelligence failures in modern times, it hardly seems to be the most urgent issue. The next few months will be consumed with classified and public inquiries into how the S.V.R., the Russian intelligence agency believed to be behind the hack, got into the supply chain of American software unnoticed. And if proportionate retaliation is ordered, it will be up to General Nakasone to design and execute it.
Ron Klain, the incoming White House chief of staff for President-elect Joseph R. Biden Jr., suggested for the first time on Sunday that a counterattack could be on the table.
“It’s not just sanctions,” he said on “Face the Nation” on CBS. “It’s also steps and things we could do to degrade the ability of foreign actors to repeat this sort of attack.”
That would fall to General Nakasone. He has made a strategy of “defend forward” or “persistent engagement” the hallmark of a more aggressive Cyber Command, determined to raise the cost of attacking the United States.
But the investigations are sure to focus enormous attention on how both the military command and the N.S.A., a spy agency of 40,000 or more employees, failed to detect the Russian action.
General Nakasone has made no public statements since the hack revelations. While the N.S.A. made a public effort to explain itself after Edward J. Snowden revealed its deepest secrets seven years ago, in the past week it has gone to ground, much as it did when many of its cybertools were stolen in 2016 and published by a group called the Shadow Brokers.
If General Nakasone were limited by the proposal to one role, it would most likely be running Cyber Command, a military post. One frequently named candidate to lead the N.S.A. is Chris Inglis, a former deputy director of the agency and a visiting professor in cybersecurity at the United States Naval Academy.
On Capitol Hill, word that the Pentagon was reviving the question of whether to end General Nakasone’s dual command prompted quick rebukes.
“Our government is currently responding to a cyberincident where a sophisticated adversary had access to thousands of U.S. networks,” Senators Angus King, Independent of Maine, and Ben Sasse, Republican of Nebraska, wrote in a statement on Sunday that was joined by Representatives Mike Gallagher, Republican of Wisconsin, and Jim Langevin, Democrat of Rhode Island. “Now is not the time to do it.”
Responsibility for defending the country from cyberattacks is spread across different parts of the government. The Department of Homeland Security is responsible for protecting civilian agencies and advises states, companies and utilities. The F.B.I. investigates cyberattacks.
The N.S.A., which by law can operate only overseas, goes deep into foreign networks but is also responsible for securing national security systems, like communications with the nuclear arsenal. Cyber Command is a military operation responsible for offensive military activity and defending military services from cyberattacks.
Last month, Mr. Trump dismissed Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency, part of the Homeland Security Department, for declaring that the presidential election had been one of the best run in United States history. On CNN on Sunday, Mr. Krebs said that he had no inkling of the Russian attack and that American sensors had not been devised to detect this kind of supply-chain intrusion.
All of that would seem to raise questions that Mr. Trump would want to address in his last month. Instead, on Saturday he muddied the intelligence conclusion that the Russians were at the center of the hack, suggesting that it could have been China.
A senior administration official, who spoke on the condition of anonymity to discuss internal deliberations, said that no decisions had been made and that the acting defense secretary, Christopher C. Miller, and his top aides were reviewing the proposal. The official said the Cyber Command proposal was part of a broader review of several defense organization portfolios that Mr. Miller was rushing to complete before Mr. Trump leaves office.
The official said the Pentagon was not acting under pressure from the White House.
Representative Adam Smith, Democrat of Washington and the chairman of the House Armed Services Committee, sent letters to Mr. Miller and General Milley opposing the proposal and warning that any such unilateral action was “not only inadvisable, but is contrary to law.”
A spokesman for General Milley, Col. Dave Butler, said on Saturday, “The chairman has not reviewed nor endorsed any proposal of this kind.”
Since Mr. Trump fired Defense Secretary Mark T. Esper last month, Pentagon aides and Biden transition officials have been scrutinizing Mr. Miller, the former White House counterterrorism aide who replaced him, as well as two other Trump loyalists who were installed after a purge of the Pentagon’s top leadership: Kash Patel, the chief of staff, and Ezra Cohen-Watnick, the acting under secretary for intelligence.
The three officials have sought to make significant policy changes with just over a month remaining in office. For example, Mr. Miller and Mr. Cohen-Watnick are considering pulling back military support for the C.I.A., including its drone fleet.