Compliance Management, Government Regulations, Network Security

Should NSA monitor your networks? Director Nakasone says no, ‘I’m not seeking legal authorities’

Paul Nakasone, director of the National Security Agency (NSA) and commander of the U.S. Cyber Command, speaks during a House Intelligence Committee hearing on April 15, 2021 in Washington, D.C. (Photo by Al Drago-Pool/Getty Images)

At a pair of hearings on Wednesday and Thursday that dissected the U.S. intelligence community's annual Worldwide Threats Report, National Security Agency and U.S. Cyber Command Director Paul Nakasone again pushed back against a brewing Senate plan for the NSA to monitor domestic networks for foreign hackers.

"I've said I'm not seeking legal authorities either for NSA or U.S. Cyber Command," said Nakasone.

Dating back to the first SolarWinds hearing, senators have suggested expanding NSA powers to solve a key blind spot in U.S. intelligence: What happens when nation-state hackers use U.S. computer systems to launch attacks? The NSA is not chartered for domestic surveillance, meaning a foreign government that routs an attack through a cloud system in Kansas eliminates some visibility for the intelligence community. This was one element of the SolarWinds campaign and other campaigns launched by foreign governments.

The FBI, traditionally, handles law enforcement and counter-terrorism on U.S. soil.

There have been two main proposals on how to address the issue, in addition to an executive order signed by the Trump administration last year. One group, including Senator Angus King, I-Maine, proposed expanding NSA visibility to domestic infrastructure. Another, including Senator Mark Warne, D-Va., proposed requiring organizations who become aware of espionage campaigns in their systems to contact a government authority. The Trump administration signed an executive order last year for cloud providers to create Know Your Customer laws, making it more difficult for foreign hackers to rent domestic systems for launching attacks.

Nakasone said the blind spot issue is a legitimate threat: "When an adversary decides that they're going to conduct an intrusion into a U.S. company or U.S. government agency, they realize that if they come into the United States, and use an internet service provider in a period of time, they can quickly conduct operations and virtually not have any coverage in a timely manner from [the FBI's] ability to do surveillance."

"They understand the timeline that it takes for a warrant to be done, and so they are able to expose this gap," he added.

But Nakasone and other intelligence officials at the hearings were more supportive of the proposed requirement to notify the government of attacks. Director of National Intelligence Avril Haines described it as a "useful" policy; FBI Director Christopher Wray described it as "one of the places where the most significant progress could be achieved."

Warner ended the hearing saying the Senate Intelligence Committee would soon produce a incident notification bill. A House bill is already in the works.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.