The ongoing debate over the role of the U.S. government in cyber-warfare is stalling the military’s efforts to develop and deploy relevant technology, according to the former director of the Central Intelligence Agency.
“Philosophical issues are freezing us and making us unable to take steps,” Michael Hayden, a former CIA director and retired Air Force general, told an audience Monday at the 2013 Air Force Association’s Air & Space Conference and Technology Exposition in National Harbor, Md. “We have not yet decided what it is we want our government to do or what it is we will let our government do.”
More coordination and integration is needed between agencies such as Department of Homeland Security, the Federal Bureau of Investigation and U.S. Cyber Command, Hayden said. The country also must find more qualified candidates for cyber-related jobs, he said.
“This is hard,” Hayden said. “We’re still kind of getting organized. We certainly need more trained people with tech competence.”
The Edward Snowden case has triggered a public uproar and “grand national debate” over government access to online information, Hayden said.
Snowden, a former National Security Agency contractor recently granted temporary asylum in Russia, is accused of leaking information about classified U.S. surveillance programs to news organizations in the U.S. and United Kingdom.
In the aftermath of the scandal, the NSA has skilled workers that remain underutilized, Hayden said.
The global technological landscape is changing, as evidenced by the so-called Arab Spring, in which social media-inspired mass protests and political turmoil rocked countries such as Egypt, Hayden said. Threats exist from nation-states as well as non-state actors, he said.
Cyber-attacks are targeting a rising number of government and corporate institutions, Hayden said, citing recent Iranian-backed intrusions against U.S. banks.
“The Iranians have conducted massive, serial distributed denial of services attacks against American banks — Bank of America, Wells Fargo JP Morgan Chase,” he said. The so-called denial-of-service attacks targeted the bank’s websites, resulting in 3 million hits a minute, up from 15,000 hits a minute, he said.
Cyber espionage can take many forms, including simple effort to steal information such as pin numbers, personal data, intellectual data and trade secrets, Hayden said.
The NSA plans to form 60 teams in a cyber command to address such issues, Hayden said. A third of the teams will work on cyber defense, another third will support networks from a tactical standpoint and another third will be designated “national mission forces” to defend America’s communications and data networks, he said.
“We have to organize this fight in a domain whose characteristics are fairly unfamiliar to us,” Hayden said.