President Obama plans to create a new intelligence unit to coordinate analysis of cyber threats and will lay out more details about its mission Friday during a cyber-security summit at Stanford University.
Lisa Monaco, Obama’s homeland security and counter-terrorism adviser, announced the plans for forming the Cyber Threat Intelligence Integration Center at an event at the Wilson Center think tank in Washington earlier this week.
But key members of Congress on both sides of the aisle say the administration has done little to reach out to Congress to lay the groundwork for the new agency.
“I don’t know much about it — other than whenever the administration faces a problem, they create another bureaucracy to try to deal with it,” Sen. John McCain, R-Ariz., who chairs the Senate Armed Services Committee, told the Washington Examiner.
McCain also said he didn’t know how the new agency will get its funding.
Rep. Adam Smith, D-Wash., the top Democrat on the House Armed Services panel, said he’s taking a wait-and-see approach to the new center to see whether it duplicates the work of other departments such as the Defense Department’s cyber command and the Homeland Security Department’s National Cyber-security and Communications Integration Center.
Both entities have spent the last few years working to integrate their work and it’s unclear how the new agency will fit in, Smith said.
“We have a consolidation problem” when it comes to counter-terrorism agencies, Smith said. “At the end of the day, you have to figure out how it all works together.”
Monaco on Tuesday said the new agency would rapidly collect and analyze data on cyber breaches and quickly share the information with other agencies.
“Currently, no single government entity is responsible for producing coordinated cyber-threat assessments,” she said.
Obama threatened vetoes of congressional cyber-security legislation because of personal privacy concerns in 2014, but he has set those concerns aside this year in the wake of hacking attacks against Sony, Target Corp., Home Depot, Anthem Inc., as well as the Pentagon and other government agencies.
The president is now pressing Congress to pass cyber-security legislation quickly, expressing new urgency after the Sony attackers stole data, damaged thousands of computers, and succeeded in stopping the studio from releasing a feature film about an imagined assassination attempt on Kim Jong-Un.
“It was a game-changer because it wasn’t about profit — it was about a dictator trying to impose censorship and prevent the exercise of free expressions,” Monaco said, noting that the threat is becoming more diverse, sophisticated and dangerous.
“I worry that the malicious attacks like the one on Sony Pictures will increasingly become the norm unless we adapt quickly and take a comprehensive approach, just as we have in other contexts,” she said.
Those supporting the creation of a new fusion center for cyber-threat information compare it to the formation of the National Counter-Terrorism Center back in 2002. The NCTC also was established by presidential directive and later codified into law in broader counter-terrorism legislation.
In the months after the Sept. 11, attacks Congress was focused on trying to prevent the stove-piping of intelligence information in different agencies, from the FBI to the CIA and National Security Agency. The NCTC aimed to break down the walls.
Rep. Dutch Ruppersberger, D-Md., a top Democrat on the Intelligence Committee and the co-author of several sweeping cyber-security bills, called the president’s announcement of a new cyber-security agency “a really great start” and rejects arguments that it’s duplicative of other existing government programs.
“If you look back at 9/11, we had too many stovepipes — and now we’re in the exact same position with regard to cyber threats,” he told the Washington Examiner.
Ruppersberger said he expects the new CTIC to fall under the umbrella of the office of the Director of National Intelligence, which was formed to facilitate information sharing among the FBI, CIA and other intelligence agencies. In hindsight, those jurisdictional battles were blamed for the intelligence community’s failure to connect the dots on information that could have tipped them off to al Qaeda’s Sept. 11 plot.
“The costs to private business of hacks last year alone was $1 trillion dollars — that’s a high cost — a lot of jobs that it could have been spent on,” he said. “We have to have a strong way to stop it.”
John Cohen, who served as the principal undersecretary at DHS for intelligence and analysis and is now a professor at Rutgers University, says there’s a “real need” to expand the nation’s ability to quickly and strategically analyze and respond to cyber-threats and attacks.
“We have seen a blending of the threats that are considered cyber and those of the physical world — physical attacks against infrastructure and physical buildings,” he said. “Now those worlds are coming together.”
Because of this, he said the new center will merge broader intelligence information about threats from terrorists and others and their larger strategy with more specific cyber-related plots.
The challenge, he said, is whether the placement of the center within the intelligence community, instead of at DHS, will hamper efforts to integrate the two worlds.
“Is the role of the center simply to conduct analysis to inform DNI and the [Pentagon’s] cyber command?” he asked. “Or is the director of the center also playing the role of mission manager [for all cyber threats and attacks]?” he asked.
Right now the protection of different government cyber infrastructure is scattered across a slew of agencies. DHS, Cohen said, is responsible for protecting the .gov domain and to a lesser degree the private sector while the NSA tries to guard against attacks to the .mil domain. Through the cyber command center, DoD has the responsibility for defensive techniques for all cyber plots and threats.
Meanwhile, the U.S. Secret Service and the FBI share responsibility for cleaning up after and trying to prevent major cyber-intrusions where the attackers receive a financial haul, as in the Target and Home Depot cases.
“There’s overlap in those roles and the government has not determined who has primacy,” Cohen said.
“One of the dangers that you have to be aware of as you are putting together this new analytic center is not to restrict the information they have access to,” he added.
