Congress asks about cyber black ops

A recent written exchange between the Senate Armed Services Committee and the nominee for the Director of National Intelligence indicates the pace with which cyber warfare has progressed might already have outpaced existing policies and laws such as those requiring proper reporting of clandestine operations to Congress.

It should be no surprise to anyone that the U.S. military has offensive cyber capabilities, and on occasion may have used them in clandestine operations known as black-ops. Security experts believe China, Russia and the United States are in a dead heat when it comes to cyber capabilities.

As a regulator requirement, our military provides a classified quarterly report on clandestine activities as part of congressional oversight. After reviewing that report in mid-January, Congress quickly pointed out the absence of cyber operations in the document provided. This became very public as the Senate Armed Services Committee questioned Mike Vickers, the nominee for director of National Intelligence. Vickers replied and quickly pointed out that cyber/high-tech operations are not specifically listed in the law requiring the reporting of clandestine operations.

Were members of the Senate Armed Services Committee just asking general questions or were they looking for something specific? Could the vague inquiry have been related to claims that the U.S. military/intelligence community was involved in the sophisticated Stuxnet cyber attack on Iran’s nuclear enrichment program? That is a real possibility since Iran announced its intention to pursue legal actions through the International Courts against Israel and possibly others (United States and United Kingdom) for the murders of its scientists including the chief Stuxnet investigator.

The pace with which the cyber domain is changing is far greater than what we are accustomed to dealing with. Perhaps an honest oversight took place, or has the pace with which cyber warfare has progressed outpaced the policies and laws, such as the ones requiring proper reporting of clandestine operations to Congress. If it was directed at the Stuxnet incident, those are the topics best addressed behind closed doors in a classified setting and the questioning was way out of line for this setting.