WASHINGTON: The 2020 election has the potential for an epic train wreck: In-person voting disrupted by COVID-19, mail-in ballots denounced and opposed by President Trump, online voting systems notoriously buggy (and sometimes insecure), and the electorate bitterly divided in ways that Russian trolls can easily exploit. But the four-star general in charge of election defense, Gen. Paul Nakasone, exuded confidence this morning.
“Our number one goal, our number one objective at the National Security Agency and US Cyber Command, is a safe secure and legitimate 2020 elections,” said Gen. Nakasone, who heads both NSA and CYBERCOM. “How are we going to do that? First of all, we’re going to generate insights about our adversaries, much like [in] 2018. We’re going to know our adversaries better than they know themselves.”
That’s an extraordinary claim, and Nakasone didn’t provide extraordinary evidence to back it up in his talk this morning to AUSA. The legendary Chinese sage Sun Tzu famously advised commanders to “know your enemy and know yourself,” adding that the leader who knew neither was doomed to defeat, but even he didn’t discuss the possibility of knowing the enemy better than they knew themselves. That would take an intelligence coup on the scale of cracking German and Japanese codes in World War II.
Get started on your cybersecurity degree at American Military University.
Of course, Nakasone can hardly tell the public what his sources are. But we do know that the Pentagon has embraced a much more aggressive approach to cyber defense in recent years. Unleashed by President Trump in a 2018 directive, the new “persistent engagement” strategy includes “hunt forward” operations inside friendly nations’ networks (with their permission) and “defend forward” operations inside adversaries’ networks (obviously without their permission).
Nakasone also created a dedicated cybersecurity directorate within the National Security Agency, arguing NSA had lost focus on the defensive side of its mission. The NSA’s technical talent and ability to gather “rich, robust and penetrating intelligence …that tells us what our adversaries are doing” plays a vital role in guiding defensive efforts, he said.
Finally, Nakasone’s cyber hub at Fort Meade, – home to both the NSA and Cyber Command – has also been working more closely with civilian agencies like Homeland Security since the 2018 elections. For 2020, he said, the military seeks to expand that partnership beyond the government.
“We’re going to broaden that partnership,” Nakasone said. “In academia, we have a number of great institutions that are doing work to take a look at role of social media and influence operations, [such as] Clemson University or Stanford University or other universities. There’s tremendous work ongoing; we want to make sure that we partner with them.”
The general argued that American academia is a national source of strength in other ways as well, creating a pool of talent that adversaries cannot match. “There is no nation on Earth that has the universities, that has the innovation spirit, that has the capability to develop the talent that we have today,” he said.
While some of us are highly educated, however, Nakasone acknowledged that Americans can be pretty stupid about cybersecurity sometimes “We’ve allowed our adversaries to literally use the most simple techniques,” he said. “[Avoiding] clicking on links that lead to malicious software, patching our operating systems, [using] proper password or two factor authentication — those three things, in general, would eliminate roughly 90 percent of the threats that we’ve seen today.”
“We need to raise that bar,” he said. “We need to make sure our adversaries are having to use their most sophisticated techniques. Because today, they’re not.”
From this perspective, it sounds like our adversaries may know us better than we know ourselves.