Killer Apps found it interesting that cyber security featured prominently in last week's confirmation hearing of Sen. John Kerry, with the next secretary of state calling cyber threats the nuclear weapons of the 21st century. He even went so far as to agree with Sen. Dick Durbin's (D-Ill.) labeling of cyber security as the world's "greatest threat."
My how things have changed. During Condoleezza's Rice's 2005 confirmation hearing there was nary a mention of cyber, hackers, or even the Internet. The trickle of cyber awareness at confirmation hearings for secretaries of state and defense began in 2006, when Robert Gates acknowledged that Chinese computer hacking was a threat -- but he admitted that he wasn't too well versed in it. Fair enough: the Iraq War was raging and COIN was the theme of the day. It wasn't until 2009, with Secretary of State Hillary Clinton's confirmation hearing, that the word "cyber" was brought up.
There is almost certain to be cyber talk at Chuck Hagel's confirmation hearing tomorrow. Hagelians in the Obama administration reached out to Killer Apps earlier this month to argue that the nominee gets cyber. Stay tuned: this afternoon we'll bring you a look at how Hagel answered advance questions on cyber that the Armed Services Committee sent him.
In the meantime, here's a look at what nominees have said over the last decade. Use it as a rough, unscientific measurement to the growing cyber awareness among the U.S. government's national security leaders.
Condoleezza Rice's testimony to the Senate Foreign Relations Committee, Jan. 18, 2005:
No mention of "cyber," "Internet," or "hacker."
Robert Gates' testimony to the Senate Armed Services Committee, Dec. 5, 2006:
While the term cyber wasn't specifically mentioned, Sen. James Inhofe (R-Okla.) asked Gates for his take on Chinese hackers breaking into the U.S military and defense contractor networks between 2003 and 2006 as part of the Titan Rain attacks. Gates, admitting to being under informed about Titan Rain's details (understandably), framed these attacks as more of an intelligence and counterintelligence perspective rather than as one element in an entirely new combat domain -- akin to sea, air, space and land. That would change by the end of his tenure:
Inhofe: "But I am concerned about China, and I'd like to hear what your thoughts are. Just in the last month the Chinese hackers, as you, I'm sure, have read, have shut down the e-mail and official computer work at the Naval War College. This is referred to by this commission as the Titan Rain..."
Gates: "Yes, sir. I have not read the reports. I would be more than willing to do so. I've been aware, just from reading in the newspapers, it's been a number of years since I received any classified intelligence on what the Chinese were up to.
But it's been my impression that they've had a very aggressive intelligence-gathering effort against the United States.
Some of these other things that you've mentioned, this is the first time I've heard about that. And clearly, if confirmed, this would be something that I would want to get well-informed on."
Hillary Clinton testimony to the Senate Foreign Relations Committee, Jan. 13, 2009:
Only two years later, things had radically changed. Then Sen. Clinton mentioned "cyber" in a list of weapons of mass destruction that posed "the gravest threat" to the United States should they fall into the hands of terrorists. And she said would reorganize the state department to handle "these new threats."
Clinton: "The gravest threat that America faces is the danger that weapons of mass destruction will fall into the hands of terrorists. We must curb the spread and use of these weapons -- nuclear, biological, chemical, or cyber -- and prevent the development and use of dangerous new weapons."
She went on to say:
"You add to [traditional WMD] the growing threat of cyber terrorism, which has the potential of disrupting the networks we rely on for all kinds of things, like traffic signals and electric grids and the like, which would be incredibly disruptive and dangerous -- I mean, this is the number one threat we face, there's no doubt in my mind. So we're going to start calling it such. We're going to reorganize the department to be better prepared to deal with nonproliferation, arms control and these new threats."
Leon Panetta's testimony to the Senate Armed Services Committee, June 9, 2011:
Finally, we get to Defense Secretary Leon Panetta's June 2011 confirmation hearing where cyber security featured prominently. This was the first such hearing where the both senators and the nominee, who was then director of the CIA, seemed to have a fairly strong grasp of cyber security. Panetta hints at his desire to expand DOD's cyber fighting capabilities and its role in defending U.S. critical infrastructure from cyber attack -- something that has been one of the hallmarks of his relatively brief tenure as defense secretary. You also get the sense that Panetta understands that cyber is much bigger than buying the best software and hackers -- that dealing successfully with cyber threats may mean establishing international codes of conduct dealing with cyber war, espionage and crime.
Sen. Jack Reed (D-RI.): "There is a whole a whole new dimension [of conflict, in addition to land, air, sea], cyber. I don't think we know enough yet to be fully prepared, fully conversant, but can you comment briefly on the strategy that you will try to develop?
Panetta: "There is no question that the whole arena of cyber attacks, developing technologies in the information area represent potential battlefronts for the future. I have often said that there is a strong likelihood that the next Pearl Harbor that we confront could very well be a cyber attack that cripples our power systems, our grid, our security systems, our financial systems, our governmental systems.
This is a real possibility in today's world. And as a result, I think we have to aggressively be able to counter that. It is going to take both defensive measures as well as aggressive measures to deal with it. But most importantly, there has to be a comprehensive approach in Government to make sure that those attacks don't take place.
My goal would be to work very closely with [NSA] and with others to develop not only the capability, but also the law that I think we need to have in order to determine how we approach this challenge in the future."
Sen. Kirsten Gillibrand (D-NY): "Can you share with us any of your vision, design, goals with regard to how we create a greater platform for cyber security and cyber defense?"
Panetta: "This is an area of great concern for me because I think what I have witnessed at the CIA and elsewhere is that we are now the target of increasing attacks that go after our systems, and it is extremely important for us to do everything we can to confront that threat.
He went on to say: "What I would like to do is to develop an even more effective force to be able to confront cyber terrorism, and I would like to work with you on the effort to try to develop those kinds of relationship not only here, but abroad, so that other countries can work with us in this effort. We talk about nuclear. We talk about conventional warfare. We don't spend enough time talking about the threat of cyber war."
Dana Stuster contributed to this report.