Skip to main content

U.S. won't militarize cyberspace, nominee says

From Mike Mount, CNN Senior Pentagon Producer
Lt. Gen. Keith Alexander is the current director of the National Security Agency.
Lt. Gen. Keith Alexander is the current director of the National Security Agency.
  • Lawmakers concerned over role of Cyber Command in defending computer attacks
  • Potential for conflict between military and civilian defenders in case of attack
  • The military does not operate inside U.S. unless authorized by the president

Washington (CNN) -- Cyberspace will not be militarized by the United States to protect the country from attacks on civilian computer networks, according to the Obama administration's nominee to head the new U.S. Cyber Command.

During Senate confirmation hearings, Lt. Gen. Keith Alexander tried to alleviate concerns by senators who were nervous the new position could violate laws which prevent the military from operating in domestic issues.

Senators worried the new position of overseeing the military's cyber defense efforts for the Pentagon could blur the lines between Alexander's current civilian role of leading the National Security Agency (NSA), which also plays a role in protecting the nations computer networks by monitoring domestic electronic communications.

If confirmed, Alexander will have two jobs.

"This is not about efforts to militarize cyberspace," he said. "Rather it's about safeguarding the integrity of our military system. My goal if confirmed will be to significantly improve the way we defend ourselves in this domain."

Since going online in September, the Pentagon's new Cyber Command, or CyberCom, has concerned lawmakers because of its role in defending computer systems. The command is in charge of defending the U.S. military's computer networks and would operate in the same theater as the civilian defenders in the Department of Homeland Security (DHS) and the NSA.

The U.S. Cyber Command also has more powerful tools to fight and defend against cyber attacks than does the DHS, a potential problem when time is of the essence during an attack.

The U.S. military is not allowed to operate within the boundaries of the United States unless authorized by the president. DHS is on charge of cybersecurity inside the border of the United States.

Alexander assured the panel he would work to define how far his new role could reach domestically and work with the DHS to share tools and develop strategies that would help both agencies work together.

"Our responsibility is to provide technical support to the DHS to help them build the technology they need to defend networks," he said.

Congressional members also asked Alexander how he envisioned working out an attack by a separate country or a non-U.S.-based group, which directed the attack though U.S.-based computers, putting the electronic strike under the responsibility of DHS and raising privacy issues for U.S. citizens.

"That's one of the things the administration is trying to address," Alexander said.

There are a host of legal and policy issues still to be worked through, according to Alexander, who answered the question with a careful description of working closely and coordinating with DHS and the president, who would have the final say in how to execute orders in such a case.

Alexander also warned of a "mismatch between our (military's) technical capabilities to conduct operations and the governing laws and policies," for cyber warfare.

He provided answers in written form to questions by senators which were submitted for the record but not discussed during the hearing.

He assured the panel that the civilian leadership is "working hard to resolve" the disparity, but he did not elaborate.

Many of Alexander's responses to the panel were provided in a classified document not available to the public.

Military leaders have often been silent when discussing cyber operations in public because of the fear of allowing information to be used by adversaries to get around U.S. computer defenses.