NOVEMBER 20, 2021
Every day, foreign adversaries make millions of attempts to scan America’s military networks, Director of the National Security Agency and Commander of U.S. Cyber Command Gen. Paul Nakasone says, and there is incredible pressure to defend the nation from those adversaries.
“What’s at stake is obviously the security of our nation,” Nakasone told ABC News Chief Justice Correspondent Pierre Thomas in an exclusive interview. “We don’t want to have a failure to imagine what’s happening.”
ABC News was granted exclusive behind-the-scenes access to the “Battle Bridge” where the secret spy agency’s cyber operations take place.
Everyone from sailors to civilians works on the main floor of the Integrated Cyber Command Center at Fort Meade in Maryland outside Washington.
“This is military, civilian, contractor. This is Department of Defense. This is intelligence community. This is other agencies of our government. They’re all resident here working side by side,” Nakasone said, adding that they have “unlimited reach.”
The surge of ransomware is a national security issue, Nakasone said, adding that if you asked him a year ago what he thought about the response, he’d say it was a criminal matter.
“Think of your day, think of my day,” he said. “What do we do with regards to our information? How do we communicate? How do we buy things? How do we store our money? This is all done online. This is what our nation has been able to leverage for so many years. This is an important medium. And we have to make sure that that medium is safe and secure.”
To do so, the U.S. Cyber Command uses “Hunt Forward” teams.
“Our ‘Hunt Forward’ teams are defensive teams that are requested by a partner, an ally, a country to come and hunt on their networks. Why do we do that? Because we do that to be able to identify malware and tradecraft of our adversaries,” he said. “Once we do that, we share that with the private sector and that provides a level of inoculation or protection from that type of malware. So, we’ve done 24 missions over the past several years.”
Nakasone said he first heard about the Colonial Pipeline ransomware attack in the news media.
In May, hackers, who the government later said were based in Russia, caused Colonial Pipeline’s fuel lines to shut down and created a major disruption in the nation’s fuel supply and a run on gas stations along the East Coast.
“I heard about it from family members that said, ‘Hey, aren’t you the commander of U.S. Cyber Command and the director of NSA? Can’t you do something about this?’ That’s the moment in time when I knew that this is serious, this is touching the American people,” he said.
In addition to Colonial Pipeline, meat supplier JBS was hacked by a different Russia-based group, REvil, authorities said, prompting the Justice Department to put out a $10 million reward for information leading to its founder.
That reward shows the “national power” being applied against ransomware attacks, Nakasone said.
Stopping and protecting against cyberattacks takes private and public partnerships, he said, and 90% of the nation’s critical infrastructure is in the private sector.
Nakasone said six months ago he would have given American businesses a “low C” for investing in infrastructure to protect their networks and educating the workforce.
“I think that we’ve gotten a lot better since then, but we still have a ways to go,” he said.
Nakasone also assured Americans that the agency is not spying on Americans, as some have alleged.
“What I would say that makes me so confident is every single person that works at our agency whether they’re military, civilian, the first thing you do, you swear an oath to defend the Constitution,” he said. “The second thing is we have robust training here. And the third thing is we have a culture of being able to look and ensure what we’re doing is by the book and by the law.”
Asked about intelligence failures in Afghanistan, Nakasone said things always look different in hindsight.
“I think with any mission we always take a look back and say, ‘What could we have done better?’ We’ve had 20 years of experience in being able to deploy our people to Afghanistan, think about it,” he said. “What really was the difference is not the fact that we sent great technology or the fact that we had superb tradecraft, it was our talent that went to Afghanistan. But we’ll take a look back and we’ll say what could we have done better certainly.”
He said the NSA takes security seriously, especially after well-known security breaches like the case of Edward Snowden. “We take security incredibly seriously here. There’s a vigilance that’s applied to it. Understanding exactly what takes place here is something that we have learned our lessons on, and we’ll continue to make sure that we have a safe and secure workplace to make sure that we can operate from.”
Nakasone said a top priority is recruiting and maintaining the best talent, adding he prides himself on the diversity of U.S. Cyber Command and NSA’s workforce.
“One of the things that makes this place go, that makes our agency and command go, the best people. And so how do we recruit? How do we retain? How do we ensure the population can rejoin our agency once they go to the private sector? That’s what keeps me up at night,” he said.