March 13, 2014 Notes from the Pentagon

Cybercom's Michael Rogers confirms Russia conducted cyber attacks against Ukraine
Russia is conducting cyberwarfare operations against Ukraine as part of its military incursion into Crimea, the Navy admiral designated to be the next commander of U.S. Cyber Command told Congress this week.

Vice Adm. Michael Rogers, the nominee to head Cybercom and the National Security Agency, also said his biggest challenge if he is confirmed for the posts will be dealing with the threat of cyberattacks and penetrations of U.S. computer networks.

Under questioning from members of the Senate Committee on Armed Services, Adm. Rogers confirmed the Russian cyberattacks while reserving details for a closed session of the committee.

“We clearly see that there’s an ongoing cyber element to the challenges in the Ukraine at the moment,” the three-star admiral said.

Pressed for details, Adm. Rogers acknowledged that Russia’s military possesses sophisticated cyberwarfare capabilities and could inflict considerable damage on Ukraine’s critical infrastructure, such as telecommunications and government networks.

According to U.S. officials, the Russians have conducted cyberstrikes against Ukrainian telecommunications networks as part of the incursion into Crimea, where Moscow sent at least 10,000 troops after the ouster of pro-Moscow President Victor Yanukovych. The forces are in a standoff against a small number of Ukrainian military units.

“Clearly, cyber will be an element of almost any crisis we’re going to see in the future,” Adm. Rogers aid. “It has been in the past. I believe we see it today in the Ukraine. We’ve seen it in Syria, Georgia.”

A U.S. official said the website of Ukraine’s National Security and Defense Council was shut down Tuesday in a cyberattack.

The cyberattacks involved what officials said was a sophisticated malicious software called Snake that some analysts have compared to the U.S. Stuxnet malware used to destroy some Iranian nuclear centrifuges a few years ago.

That software allows remote users — believed in Ukraine to be part of the Russian GRU military intelligence service — to conduct cyberespionage and digital attacks that could destroy data or disable networks.

On dealing with cyberthreats, Adm. Rogers said: “Adversaries today seek persistent presences on military, government, and private networks for purposes such as exploitation and potentially disruption.”

In written answers to questions posed by the committee, he stated: “We as a military and a nation are not well positioned to deal with such threats. These intruders have to be located, blocked, and extracted, sometimes over long periods of time.”

U.S. information systems and networks and communications networks are vulnerable, and U.S. military forces lack training and readiness “to confront advanced threats in cyberspace,” he said.

The commander of U.S. forces in Afghanistan revealed Wednesday that al Qaeda terrorists in the country have been weakened in military counterterrorism operations. But the terrorist group is expanding cooperation with other extremist networks in the country, Marine Corps Gen. Joseph F. Dunford said in written testimony to the Senate Committee on Armed Services.

The commander disclosed the “state of the threat,” that sustained attacks “have prevented al Qaeda’s use of the country as a platform for terrorism.”

“Operations have restricted their permanent presence to isolated areas of northeastern Afghanistan and have resulted in only a seasonal presence in other parts of the country,” the general stated. “These efforts have forced al Qaeda to focus on survival rather than on operations against the West.”

Military strikes and special operations commandos have eliminated fighters and facilitators and prevented attacks on the United States like those of Sept. 11, 2001, he said.

Gen. Dunford warned, however, that the battle against the Islamist terrorist group is not over.

“Continued operations are necessary to prevent al Qaeda from regenerating degraded capabilities,” he said, adding that the extremist network in Afghanistan has become “more complex” over the past 10 years.

“Where at one time al Qaeda could be isolated — as we intended to do in 2001 — extremist networks have now expanded in the country,” he said. “Increased cooperation and coordination can be seen between al Qaeda and other extremists like the Haqqani Network, Tahrik-e Taliban Pakistan, and Lashkar-e-Taiba.”

The Haqqani Network is “the most virulent strain of the insurgency, the greatest risk to coalition forces, and a critical enabler of al Qaeda,” he said, noting that the group shares the Taliban goal of expelling foreign fighters from the country.

Taliban insurgents continue to threaten Afghanistan and remain potent enemies, Gen. Dunford said.

The communist regime in North Korea is continuing to evade international sanctions on its nuclear and missile programs, according to a U.N. report made public Tuesday.

“There have been no signs that the Democratic People’s Republic of Korea intends to respond to the Security Council’s calls to abandon its nuclear, ballistic missile and other weapons of mass destruction programs,” the report by a U.N. panel said. “On the contrary, it is persisting with its arms trade and other prohibited activities in defiance of Security Council resolutions, while activities related to its nuclear and ballistic missile programs continue.”

The assessment is unwelcome news for the Obama administration as it indicates that policies designed to block the flow of nuclear and missile goods and technologies around the world (one of the administration’s stated priorities) are not working.

A State Department official said the U.N. report highlights North Korea’s efforts to violate sanctions.

“We intend to review the [panel of experts’] findings carefully and pursue appropriate action to implement its recommendations,” the official said.

According to the U.N. panel members, the Pyongyang regime has developed “multiple and tiered circumvention techniques” for acquiring goods for its nuclear and missile programs. North Korea’s covert arms network includes front companies and agents in China, Iran, Cuba, Myanmar, Tanzania, Ethiopia, Uganda, Mongolia and Turkey.

The seizure in July of a North Korean cargo freighter that was held in Panama revealed some details of the North Korean covert arms supply networks, the report said. The ship was found to be carrying MiG jets, anti-aircraft weapons and explosives hidden under bags of sugar purchased from communist Cuba.

North Korea continued development of nuclear weapons, including the resumption of nuclear activities at Yongbyon, near the capital. Satellite imagery also showed the North Koreans continued work, including construction, at the Punggye-ri nuclear test site.

The North Koreans also have ignored U.N. sanctions on missile tests, although no long-range missile tests were conducted during the past year.

Missile development work included tests of large rocket motors for long-range missiles, either the Taepodong-2 missile or the new KN-08 road-mobile ICBM. Construction shown in satellite photos indicates Pyongyang is building a launchpad and a radar tracking facility.

The report stated that the North Korean government announced in a letter to the United Nations that it has developed “powerful, precise means for conducting a nuclear attack and nuclear war methods.”

State-run news outlets in North Korea also threatened last March that leader Kim Jong-un has “examined and ratified the plan of the Strategic Rocket Force for firepower strike” to include attacks on U.S. military bases in Hawaii and Guam and in the continental U.S., the report said.

  • Contact Bill Gertz at @BillGertz.

  • Return to