A version of this story appeared in the daily Threat Status newsletter from The Washington Times. Click here to receive Threat Status delivered directly to your inbox each weekday.
The U.S. intelligence community’s top cyberwarrior says China’s drive to outstrip American dominance across cybersecurity, global espionage and other international defense realms is the most comprehensive and serious challenge facing the United States and will be for decades.
“It is the generational challenge that we will address, our children will address, our grandchildren are going to address,” Gen. Paul M. Nakasone, the outgoing head of U.S. Cyber Command and the National Security Agency, told an audience in rare public remarks Thursday.
“We see it across the major lines of national power — the diplomatic, information, military [and] economic,” said Gen. Nakasone, who warned that China is engaged in a long-term cyberwarfare campaign targeting critical U.S. infrastructure that delivers fuel, electricity and water supplies.
In addition to long-term infiltration strategies, Beijing is accused of backing smash-and-grab hacking operations. The most recent example is when Microsoft warned last month that China-linked hackers had access to customer emails, including those of some U.S. government agencies.
“It’s different than adversaries that I’ve seen in my three decades of service,” said Gen. Nakasone, who is wrapping up a five-year stint as the nation’s lead cyberdefense official. He warned that Chinese state-sponsored actors are engaged in a long-term campaign to penetrate and operate without detection from within U.S. critical infrastructure systems that provide necessities such as fuel, electricity and water.
“I am very concerned,” he said, “about China living off the land — this idea of positioning themselves in different critical infrastructure elements of the United States, our allies, our territories, to perhaps utilize in the future.”
Gen. Nakasone made the remarks in a discussion hosted by the Center for Strategic and International Studies in Washington. He weighed in on some sensitive matters, including the status of the electronic surveillance law, which is set to expire at the end of the year.
FISA fight
Gen. Nakasone made a plea for Congress to renew Section 702 of the Foreign Intelligence Surveillance Act, which permits the NSA and other government spy agencies to conduct targeted intelligence, including sophisticated digital wiretapping, of foreigners located outside the United States.
The FISA provision has long been at the center of a heated debate on Capitol Hill. Civil liberties groups, privacy advocates and some lawmakers on both sides of the aisle argue that the NSA and other agencies have a history of misusing the law to spy on U.S. citizens.
Section 702 “permits the U.S. government to engage in mass, warrantless surveillance of Americans’ international communications, including phone calls, texts, emails, social media messages, and web browsing,” the American Civil Liberties Union said in a recent statement arguing against reauthorization. The foreign intelligence “targets” under the statute “can be virtually any foreigner abroad: journalists, academic researchers, scientists or businesspeople.”
Gen. Nakasone insisted that the NSA and other U.S. intelligence agencies have a deep awareness of civil liberties concerns and that privacy concerns should not be an either/or proposition.
“It’s not just national security or civil liberties and privacy. It’s national security and civil liberties and privacy,” he said. He asserted that the “culture” within the intelligence community is to comply with the law, and NSA operations writ large are subject to “legislative, executive and judicial oversight.”
The NSA, he said, has a “99% rating in terms of our ability to utilize 702 lawfully.”
The Biden administration has made similar arguments. National Security Adviser Jake Sullivan circulated a statement last month calling Section 702 one of America’s “most critical intelligence tools.”
“Thanks to intelligence obtained under this authority, the United States has been able to understand and respond to threats posed by the People’s Republic of China; rally the world against Russian atrocities in Ukraine; locate and eliminate terrorists intent on causing harm to America; enable the disruption of fentanyl trafficking; mitigate the [2021] Colonial Pipeline ransomware attack; and much more,” Mr. Sullivan said.
Gen. Nakasone said “702 saves lives and protects the homeland” and “provides us an agility to do so much of what we need to do to provide insights to policymakers and warning to our military commanders.”
Former NSA General Counsel Glenn Gerstell, who hosted the discussion, said 50% to 60% of material that appears in the highly classified daily presidential briefing for the White House is “attributable to 702.”
The China factor
Gen. Nakasone was blunt when asked whether China has surpassed the U.S. in cybersecurity and surveillance operations.
“No,” he said.
“Are they getting better? Yes,” he said. “But I think the question always comes back to us [and] how do we address it. And what are our competitive advantages against a nation that has so much scope, so much scale and increasing sophistication?”
He pointed to an NSA advisory circulated in May where the agency and its partners said they had discovered indications of a Chinese “state-sponsored cyber actor using living-off-the-land techniques to target networks across U.S. critical infrastructure.”
“Cyber actors find it easier and more effective to use capabilities already built into critical infrastructure environments. A [Chinese] state-sponsored actor is living off the land, using built-in network tools to evade our defenses and leaving no trace behind,” NSA Cybersecurity Director Rob Joyce said in the advisory.
Gen. Nakasone said the NSA retains key advantages over China in the cybersecurity realm, including a strong, durable “global set” of intelligence partnerships with like-minded nations working to thwart any threats from Beijing.
Gen. Nakasone also touted the growing cohesion between U.S. government cyberintelligence operations and the private sector. “Being able to leverage the private sector, being able to work with the private sector, being able to understand what the private sector is doing is tremendously important,” he said.
He said the collaboration gained momentum after the 2020 Solar Winds hack when a group with suspected ties to Russia penetrated thousands of organizations globally and sensitive parts of the U.S. government.
In the wake of the attack, the founder and former CEO of the private cybersecurity firm Mandiant came to the NSA to discuss what the firm was seeing, said Gen. Nakasone. He said the meeting set into motion the “growth of the Cybersecurity Collaboration Center.”
“This is [what] the NSA has today, an unclassified facility outside of our gates that’s engaging with over 400 different private-sector companies in the defense industrial base,” he said. “They talk to us because we have this incredible element of intelligence that comes from our work outside the United States, but they also talk to us for the fact that when you’re talking to one of our folks … it’s known they’re talking to the experts.”
The NSA, the general said, is “in the midst of perhaps the largest growth in our agency’s history,” hiring an expected 3,000 employees over the coming year as a generation recruited during the agency’s last major surge in the late 1980s moves toward retirement.
In May, President Biden nominated Air Force Lt. Gen. Timothy Hough to replace Gen. Nakasone. The Senate has yet to confirm Gen. Hough.
• Guy Taylor can be reached at gtaylor@washingtontimes.com.
Please read our comment policy before commenting.