What is CYBERCOM Doing About Russia?

On Tuesday, Adm. Mike Rogers appeared before the Senate Armed Services Committee in his capacity as the commander of the U.S. Cyber Command (he is also the director of the National Security Agency). U.S. CYBERCOM is the Pentagon’s unified command charged with protecting the DOD’s computer networks, enabling joint force commanders by creating effects in cyberspace, and participating in the “whole of government” approach to defending the nation against cyberattacks.

To read some of the coverage, you’d think Rogers, who is due to retire this spring, made it sound like President Trump and Secretary of Defense James Mattis were tying his hands in the effort to combat Russian propaganda in the United States. But that’s not what he said.

No new authorities

Engaging in offensive cyber operations requires a directive from either the president or secretary. Rogers admitted in his testimony that he has not received any new authority to carry out cyber operations against the Russians. The key there is “new.”

The committee’s ranking Democrat, Rhode Island Sen. Jack Reed, led the charge against the administration. “Essentially, we have not taken on the Russians yet,” Reed proclaimed. “We’re watching them intrude on our elections, spread misinformation, become more sophisticated, try to achieve strategic objectives that you have recognized, and we’re just essentially sitting back and waiting.’’ (Some news outlets placed a question mark at the end when quoting Reed, but it was a statement, not a question).

Rogers tried to keep things unclassified. “I don’r know if I would characterize it as ‘we’re sitting back and waiting,’ but I will say it’s — and again, I apologize, I don’t want to get into the classified here — it’s probably fair to say that we have not opted to engage in some of the same behaviors that we are seeing.”

Reed continued to push, to which Rogers, almost lost in the crosstalk, replied, “No. We are doing some things.”

It is tempting to take Rogers’s statements as proof that the president is “soft on Russia.” Forgive me for not seeing it that way.

So What is Cybercom doing?

We know from Rogers’s testimony what they’re not doing: they’re not doing the things Russia did to us. This means they’re not hacking the email servers of Russian political parties and giving the contents to Wikileaks. They’re not using social media networks to spread disinformation and sow dissension among the Russian population. They’re not trying to break into local Russian voter registration systems.

But as Rogers tried to tell Reed, that is not the same thing as doing nothing.

Last summer, the Washington Post revealed that President Obama had approved a “previously undisclosed covert measure that authorized planting cyberweapons in Russia’s infrastructure.” The paper correctly said that it would have been Trump’s decision to continue the efforts, or to cancel them. Nothing anyone has said, even in the deepest leaks, has given any indication that those authorities are not still in place.

That is certainly what Rogers tried so hard to avoid discussing in an open hearing. That, and the fact that CYBERCOM is but one piece of the intelligence community — one whose teams are not even fully functional yet. The command has 133 Cyber Mission Force teams, comprising 5,000 people as of last October. While they have achieved initial operating capability, they will not achieve full operating capability, and their full compliment of 6,200 people, until later this year.

There’s simply no telling what other government agencies, particularly the Central Intelligence Agency, are doing in reaction to the Russians. Remember, despite the presidents public skepticism, the IC is unanimous in its conclusion, and is undoubtedly addressing the issue. The CIA, in particular, has a fair amount of experience meddling in elections and spreading disinformation itself.

To borrow a phrase from Black Swan author Nassim Nicholas Taleb, don’t confuse absence of evidence for evidence of absence.