Senators Ready to Give NSA More Domestic Power Over SolarWinds Hack

The head of the NSA and US Cyber Command said he cannot access private servers quickly enough to thwart cyberattacks due to 'legal barriers'

Several members of the Senate Armed Services Committee appear eager to hand over more domestic authorities to the NSA and US Cyber Command under the guise of protecting the US from cyberattacks by foreign adversaries.

During a hearing last week, the committee heard testimony from Gen. Paul Nakasone, who heads both the NSA and Cyber Command. Nakasone was asked about two recent cyber intrusions that are being blamed on Washington’s favorite foreign bogeymen; Russia and China.

The intrusion that has received the most media attention is the hack of software firm SolarWinds that apparently affected several government agencies. Without providing any evidence for the claim, US intelligence agencies claimed that the SolarWinds hack was “likely” Russian in origin.

The SolarWinds hack is being portrayed as a sophisticated cyberattack that could have only been carried out by an elite unit of Russia’s intelligence service. But the reality is, as revealed by congressional testimony from SolarWinds’ current CEO and former CEO, the software firm’s password, which was “solarwinds123,” was publicly available on the internet for years. A cybersecurity expert that used to advise SolarWinds told Reuters that the hack “could have been done by any attacker, easily.”

The other attack Nakasone was asked about was the intrusion into Microsoft’s email server that apparently affected several industries, including think tanks and military contractors. While the US government has not formally attributed blame, Microsoft claims it was done by a Chinese state-sponsored group, which is enough for US lawmakers and media outlets to blame Bejing for the incident.

When asked how he missed these cyberattacks, Nakasone said it is because these so-called “adversaries” are launching attacks from US networks. “They’re no longer just launching their attacks from different parts of the world. They understand that they come into the United States, use our infrastructure, and there’s a blind spot for us not being able to see them,” he said.

Nakasone explained that neither US Cyber Command nor the NSA has the authority to quickly access domestic networks since there are “legal barriers” in the way and “disincentives” for private companies to share network information with the government.

“What I am identifying right now is our adversaries understand that they can come into the United States and rapidly utilize an internet service provider, come up and do their activities, and take that down before a warrant can be issued, before we can have surveillance by a civilian authority here in the United States,” he said.

While Nakasone did not outright ask for new domestic authority, the senators seemed eager to give it to him. “I would like to work with the committee on getting you those authorities,” said Senator Kirsten  Gillibrand (D-NY). Senator Mike Rounds (R-SD) said Nakasone’s inability to access private servers is “a case of where we’ve made laws we think are correct and we don’t use our resources.”

Besides the SolarWinds and Microsoft hacks, the US public has been bombarded with claims of alleged cyberattacks or election interference for years now by countries like Russia, China, and Iran. These constant claims have served to give US Cyber Command and US intelligence agencies more authority in the past.

In early March, a report from The New York Times said the Biden administration was preparing cyberattacks against Russia over the SolarWinds hack. Sources told the Times that in 2018, President Trump gave US Cyber Command more authority to go on the offensive in the cyber realm. Last year, Yahoo News reported that Trump also gave the CIA more authority to carry out cyberattacks.

Author: Dave DeCamp

Dave DeCamp is the news editor of Antiwar.com, follow him on Twitter @decampdave.