The U.S. intelligence community’s top cyberwarrior says China’s drive to outstrip American dominance across cyber, global espionage and other international security realms is the most comprehensive and serious challenge facing the United States, and will be for decades.
“It is the generational challenge that we will address, our children will address, our grandchildren are going to address,” Gen. Paul M. Nakasone, the outgoing head of U.S. Cyber Command and the National Security Agency told an audience in rare public remarks Thursday.
“We see it across the major lines of national power — the diplomatic, information, military [and] economic,” said Gen. Nakasone, who warned that China is engaged in a long-term cyber campaign targeting U.S. critical infrastructure that delivers fuel, electricity and water supplies.
In addition to long-term infiltration strategies, Beijing is also accused of backing smash-and-grab hacking operations, with the most recent example occurring last month, when Microsoft warned that China-linked hackers had gained access to customer emails, including those of some U.S. government agencies.
“It’s different than adversaries that I’ve seen in my three decades of service,” said Gen. Nakasone, who is wrapping up a five-year stint as the nation’s lead cyber defense official. He warned that Chinese state-sponsored actors are engaged in a long-term campaign to penetrate and operate without detection from within U.S. critical infrastructure systems that provide things like fuel, electricity and water.
“I am very concerned,” he said, “about China living off the land — this idea of positioning themselves in different critical infrastructure elements of the United States, our allies, our territories, to perhaps utilize in the future.”
Gen. Nakasone made the remarks in a discussion hosted in Washington by the Center for Strategic and International Studies, during which he weighed in on a range of other sensitive matters, including the status of the controversial electronic surveillance law that is set to expire at the end of the year.
FISA fight
Gen. Nakasone made a plea Thursday for Congress to renew Section 702 of the Foreign Intelligence Surveillance Act, which permits the NSA and other American spy agencies to conduct targeted intelligence, including sophisticated digital wiretapping, of foreigners located outside the United States.
The FISA provision has long been at the center of a heated debate on Capitol Hill, with sharp pushback to its possible renewal coming from civil liberties groups, privacy advocates and some lawmakers on both sides of the aisle, who argue the NSA and other agencies have a history of misusing the law to spy on U.S. citizens.
Section 702 “permits the U.S. government to engage in mass, warrantless surveillance of Americans’ international communications, including phone calls, texts, emails, social media messages, and web browsing,” the American Civil Liberties Union said in a recent statement arguing against reauthorization. The foreign intelligence “targets” under the statute “can be virtually any foreigner abroad: journalists, academic researchers, scientists, or businesspeople.”
Gen. Nakasone insisted there is a deep awareness of civil liberties concerns within the NSA and other U.S. intelligence agencies, and that concerns about privacy should not be an either/or proposition.
“It’s not just national security or civil liberties and privacy. It’s national security and civil liberties and privacy,” he said, asserting that the “culture” within the intelligence community is to comply with the law, and NSA operations writ large are subject to “legislative, executive and judicial oversight.”
The NSA, he added, has a “99% rating in terms of our ability to utilize 702 lawfully.”
The Biden administration has made similar arguments and circulated a statement last month calling Section 702 one of America’s “most critical intelligence tools.”
“Thanks to intelligence obtained under this authority, the United States has been able to understand and respond to threats posed by the People’s Republic of China; rally the world against Russian atrocities in Ukraine; locate and eliminate terrorists intent on causing harm to America; enable the disruption of fentanyl trafficking; mitigate the [2021] Colonial Pipeline ransomware attack; and much more,” National Security Advisor Jake Sullivan said in the statement.
Gen. Nakasone echoed the point Thursday, claiming “702 saves lives and protects the homeland” and “provides us an agility to do so much of what we need to do to provide insights to policymakers and warning to our military commanders.”
Former NSA General Counsel Glenn Gerstell, who hosted Thursday’s discussion, added that between 50% and 60% of material that appears in the highly classified daily presidential briefing for the White House is “attributable to 702.”
The China factor
Despite Beijing’s recent advances, Gen. Nakasone was blunt when asked if China has surpassed the U.S. in cyber and surveillance operations.
“No,” he said.
“Are they getting better? Yes,” he said. “But I think the question always comes back to us [and] how do we address it. And what are our competitive advantages against a nation that has so much scope, so much scale and increasing sophistication?”
He pointed to NSA advisory circulated in May, in which the agency and its partners said they had discovered indications of a Chinese “state-sponsored cyber actor using living-off-the-land techniques to target networks across U.S. critical infrastructure.”
“Cyber actors find it easier and more effective to use capabilities already built into critical infrastructure environments. A [Chinese] state-sponsored actor is living off the land, using built-in network tools to evade our defenses and leaving no trace behind,” NSA Cybersecurity Director Rob Joyce said in the advisory.
Gen. Nakasone asserted that the NSA retains key advantages over China in the cyber realm, including a strong, durable “global set” of intelligence partnerships with like-minded nations working to thwart future threats posed by Beijing.
Gen. Nakasone also touted the growing cohesion between U.S. government cyber intelligence operations and the private sector. “Being able to leverage the private sector, being able to work with the private sector, being able to understand what the private sector is doing is tremendously important,” he said.
He added that the collaboration gained momentum following the 2020 “Solar Winds” hack, a massive cyberattack in which a group with suspected ties to Russia penetrated thousands of organizations globally, as well as sensitive parts of the federal government.
In the wake of the attack, the founder and former CEO of the private cybersecurity firm Mandiant came to the NSA to discuss what the firm was seeing, said Gen. Nakasone, who added that the meeting set in motion the “growth of the Cybersecurity Collaboration Center.”
“This is [what] the NSA has today, an unclassified facility outside of our gates that’s engaging with over 400 different private-sector companies in the defense industrial base,” he said, adding that “they talk to us because we have this incredible element of intelligence that comes from our work outside the United States, but they also talk to us for the fact that when you’re talking to one of our folks, … it’s known they’re talking to the experts.”
The NSA, the general noted, is currently “in the midst of perhaps the largest growth in our agency’s history,” hiring an expected 3,000 new employees over the coming year as a generation recruited during the agency’s last major surge in the late 1980s moves toward retirement.
In May, President Biden nominated Air Force Lt. Gen. Timothy Hough to replace Gen. Nakasone. Gen. Hough has yet to be confirmed by the Senate.