tv Key Capitol Hill Hearings CSPAN November 4, 2015 8:00am-10:01am EST
when the missiles coming in 30 minutes and the briefings come in 30 hours. in cyberspace to go halfway around the world takes 67 milliseconds. that's your decision space. it doesn't provide any opportunity for us to miscalculate in this area. and when you think about what those who wish us harm want to do, if i were a bad guy, i'm a good guy, chairman, i believe, if i were a bad guy would look at this as a military campaign and see how don't want to attack our financial sector, our energy sector and our government. ..
for them to go fix their problem. i'm an advocate for industry upping their game having the capability to tell the government something is going on. these are areas i like to really talk about what is going on in this domain and when you look at it, in the internet, our nation is the one that created the internet. we were the first to do this. we ought to be the first to secure it. thank you, chairman. >> thank you very much, general. mr. clarke.
>> good morning, chairman mccain, ranking member reed, members of the committee. thank you for something us to testify on this very important topic. i like to highlight elements from my written statement to approach technology development and department of defense and to get at trends you and brought up earlier. what that is doing transitioning decades of military dominance we enjoyed since the cold war to now one of competition. we have to compete to maintain war fighting edge against likely adversaries. to be able to maintain our technology we need an effective strategy that goes after kinds of enduring advantages we need to be able to have to deter in the future. last time we were faced with
situation like this where we had long-term competition against a single or series of adversaries was during the cold war. during that period we used several offset strategies described by the secretary and others that could demonstrate to the soviets we would hold them at risk, attack their targets at home and attack their forces out in the field. these involved nuclear weapons initially with new look of president eisenhower's strategy in the '50s. it was followed later on with the strategies that the defense department mounted with precision strike, stealth and related capabilities, always keeping soviets on edge they didn't know if the u.s. would be able to effectively attack soviet targets at will. that kept them probably from attacking our allies in central europe. so these efforts were successful in large part though because we were able to identify the next phase, important mission areas
such as strike and undersea warfare, develop capabilities that would be effective in that next phase of those warfare areas and establish enduring advantage. i will talk about couple examples. in undersea warfare, beginning of cold war advocate of the nuclear submarine, that they would be key features of undersea warfare going into the cold war and developed those capabilities. as a result we were able to maintain dominant position in undersea warfare versus the soviets for almost entire cold war. that rebounded to benefit in terms of our strategic deterrents because we could protect our own ballistic missile submarines and threatening those of the soviet unions and ability to attack their attack submarines out at sea. another area is stealth. we saw later in the cold war soviet radar systems were getting bet he and better. those were proliferated to allies in the warsaw pact and
elsewhere. so we started to do develop stealth low technologies and low probability of detection systems we would need to be effective against the kind ever sensors the soviets were developing. to those capabilities enter force in the cold war and gulf war and later gave us advantage that is still benefiting night today in terms of ability to strike targets at will almost any place on the globe. so several decades of benefit came from anticipating next phase of warfare, developing capabilities for it and moving into that next phase with advantage that endures. so, once again now we find ourself in a situation where we are geographically disadvantaged because our allies are far away. we have to project power in order to support them. we are numerically disadvantaged because a lot of our potential versaris like china have much bigger forces than our own. we need to look at approach we took in the cold war, anticipating next phase in important warfare areas and important missions.
developing capabilities to be effective in them. that should be the heart of our technology strategy, offset strategy we talked about, the third offset secretary work talks about that look to be important to deterring adversaries we phase today. some of the ships i talk about them in detail in my written statement but to highlight major shifts, undersea warfare would see a shift of listening to submarines to passive sonar, quieting submarines where we use active sonar and non-acoustic methods to find sick marines. quiet submarines would not have same benefit as survivability as they do today. we need to detect active systems like above the water, use jammers to counter radars. we'll have to do the same thing underwater. in strike we see trend towards stealth and low probability sensors that started in cold war
but went on high abattues with the soviet union's fall. low detection features will be the in the warfare of the future. em spectrum we've been operating with very high power systems, very detectable systems and we're not going to be able to do that in the future. we'll move to systems increasingly passive and low probability of detection. there are key technologies we need to develop in those areas. last in air warfare sensory advancements, fast manueverrable aircraft will not lo longer be beneficial as large aircraft that carry big sensors and large payloads in air-to-air warfare. those are key areas we need to be able to take our existing advantage and build upon in order to be successful against the adversaries likely to face in the future. general alexander brought up sigher and space. cyberspace is obviously area of competition today. space will be an area of competition. but, it looks like given the
policy choices that the united states has made and likely to make in the future, and our own dependence on both of those areas, may not be areas where we gain a significant military advantage. we may be faced with a situation where we have to defend our current capabilities as opposed to being able to use those areas to asymphony metrically go after our enemies. may be forced into defensive mode there. so, to be able to advance these technologies we need to look how we've developed technology in the defense department. we talked about, and you talked about, senator, the fact we have 18-month cycle in technology but 18-year cycle in the defense department. there are key ways we need to drive the defense department to develop technologies more quickly. first is operational concepts. today, we developed technologies absent a real idea of how we're going to use them. we develop ways of fighting that don't take the advantage of new technologies. we need to marry those go ideas
up and leverage new technologies to build requirements that drive the acquisition system towards new systems. we also need to look at how we focus our technology investment. today our technology investment is spread all over a large portfolio of areas instead of focused on those areas that will give us greatest benefit strategically down the road. so we're watering all the flowers and hope some will turn into trees. in fact we need to focus ones most likely to turn into trees. last one, how do we develop requirements. acquisition reform has been a big topic, i know of big focus area of yours. in the department there is work going on as well. one area not addressed is need to define how we develop requirements. when we develop requirements for new platform we start from scratch every time we come up with a new airplane or ship or missile and define the requirements for it, up front before we even start building the thing. instead we need to look at ways to build requirements as we're
prototyping technologies to get an idea of what requirements will be feasible. how fast can it go for reasonable cost? what is achievable in terms of schedule. what is achievable in terms of the performance parameters of a particular weapons system. those can be defined in large part by prototyping existing technologies and building requirements as you do that. that would be how a business might go about it. in defense department we build requirements in isolation from any expectations how feasible it will be to deliver those requirements. so refining requirements process will be key feature of speeding up the introduction of new technologies. so we have an advantage. we have opportunity here with this current, our current technological capabilities, many of which are maturing in these mission areas that are really important but we need to make changes in order to leverage them to gain enduring advantage that will take us into the future. i look forward to your questions. thank you. >> thank you, chairman mccain,
ranking member reed, senators honor to be here today. we're living in midst of information revolution sweeping in its scope and scale. there are $3.8 trillion spent every year on information technology and that's more than double all military spending, r&d, procurement personnel by every country combined. that is technology in sensors, data processing, networking will have significant impacts. it is already having those impacts today. we're seeing changes in warfare much like how the industrial revolution led to changes in world war i and world war ii in tanks, aircraft and submarines. the u.s. already has been able to be first mover in information age revolution and gain many fruits of technology. gps and stealth and things we have mentioned today. now the challenge we have is this technology is proliferating to others. we got early move but don't get
monopoly. as chairman mccain mentioned, many efforts are happening outside of the defense sector. we saw in the gulf war what some of these technologies can do in terms of inflicting significant damage and lethality on the enemy but now we'll have to face that same technology and warfare. there is precedent for these kinds of changes. in the late 19th century the british developed an early model machine gun, a maxim gun, they used all across africa. but in world war one they faced an enemy that had machine guns with incredible devastating effects. in the battle of the sun, the british lost 20,000 men in single day. we're not prepared for changes that are coming as this technology proliferates to others and continues to evolve and mature. thousand of anti-tank guided missiles litter the middle east and north africa in hands of non-state groups. countries like china and russia are developing increasingly capable electronic warfare,
long-range precision strike weapons and anti-space capability as which threaten our traditional modes of power projection. now they have guided weapons they can target our forces with great precision, saturating and overwhelming our defenses. missile defenses are he have costly and cost exchange ratio favors offense. now this vulnerability of our major power projection assets, our carriers, our ships, tanks, or bases coincides with very unfortunate long-term trend in u.s. defense spending in decreasing numbers of capital assets. this precedes the current budget problem and will continue beyond it unless there are major changes. for several decades the per unit cost of our ships and aircraft steadily risen, shrinking number of assets we can afford. now to date our response is to build more capable assets. we have extremely capable, qualitatively capable ships and aircraft and submarines and
aircraft carriers. but this of course drives costs up even further reducing our quantities even more. this made sense in a world where others do not have weapons that can target us with great precision. we've been willing to make the trade. we've done so in many cases very deliberately trading quantity for quality. but this is no longer going to work in a world where others can target us as well with great precision. concentrate their firepower on our shrinking number of major combat assets. we're putting more and more eggs into a smaller number of vulnerable baskets. now the department of defense broadly refers to this access area of denial. the problem is reasonably well-understood, the problem is launching a new strategy to counter, better ship or aircraft alone will not solve the problem because of path we've been on with the acquisition system and requirement system that we have, we'll build something even more expensive. it will be good but even more expensive and have fewer of
them. so to operate in this area we need more fundamental shift in our military thinking. we need to be able to disperse our forces, disaggragate our capabilities into larger numbers of lower cost systems, operate and deceive the enemy through deception measures and decoys, and we need to be able to swarm and overwhelm enemy defenses with large numbers low-cost assets. early thinking along these lines is underway in many parts of the department. the army's new operating concept, talks about dispersed operations in anti-access areas. the marine corps is experimenting with distributing operations. naval postgraduate school is researching aerial swarm combat with 50 on 50 dogfight between swarm drones, that they're working to develop. and darpa system of systems integration technology experimentation program, one of those long dod acronyms, sosite,
to disaggragate aircraft capabilities entirely to swarm of low-cost, expendable, cooperative assets. collectively these hint at the next paradigm shift in warfare to occur from fighting as a network of a very small number of expensive exclusive assets we do today, fighting as a swarm of a large number of cooperative, distributed assets. the main obstacles that stand in our way are not fundamentally technological. we can build the technology, and within a reasonable defense budget if we're willing to make trades that are not financial. the main obstacle is conceptual. the willingness to experiment with new ways of war fighting. it is urgent we begin the process of experimentation now. thank you very much. >> chairman mccain, ranking member reed, distinguished members of the committee thank you for inviting me to join here today. it is deep honor. i'm a defense analyst who
written non-fiction books of importance of this series from private military contractors to drones and robotics, and security and my knew book, a novel. next world war with nonfiction style research with fiction style scenario with a 21st century gray power conflict to explore the future of war. this choice of scenario is deliberate. terrorism and middle east insurgencies are not going away we face return to most serious kind of national security concern that shaped geopolitics of the last century. great power competition which could spill into actual conflict either by accident or choice. in turn, the scale of such a challenge demonstrates stakes at hand hopefully we won't have to wait for to drive change. in my written submission i cover five key areas distinguish the future of war most especially in gray power context and needed actions we need to take. recognizing challenges of new domains and of conflict, space
and cyberspace. buying what i call pontiac aztek of war, defense projects overpromised overengineers and end up overpriced. i want to focus on one issue, new technology race at hand. since 1945 u.s. defense plan something focus on qualitative edge to overmatch adversaries planning to be generation ahead of technology and capability. this assumption become baked into everything from overall defense strategy, all the way down to small unit tactics. yet u.s. forces can't count on that overmatch in the future. mass campaigns of state-linked intellectual property theft has meant we are paying much of the research and development costs for our adversaries. these challengers are also growing their own cuttings edge technology. china for example, overtook the e.u. in national r&d spending and is on pace to match u.s. in five years. new projects from world's fastest supercomputers to three different long-range drone
strike programs. finally off the shelf technologies can be bought to rival even most advanced tools in the u.s. arsenal. this is crucial as not just, our many of our most long-trusted dominant platforms, from warships to warplanes, vulnerable to new classes of weapons, now in more conflict actors hands but an array of potentially game changing weapons lie just ahead in six key areas. new generation of unmanned systems, both more diverse in size, shape and form but also, more autonomous and more capable. meaning they can take on more roles, from isr to strike, flying off of anything from aircraft carriers to soldiers hands. weapons that use not just kinetics of a fist or chemistry of gunpowder but energy itself, ranging from electromagnet rail guns capable of firing projectile 100 miles and energy that reverse cost equations of offense and defense. artificial intelligence,
ubiquitous sensors and big data and battle management systems will redefine observe and orient the act. high speed rockets and missiles. 3d printing, technologies that threaten to do to the current defense marketplace what the ipod did to the music industry. and human performance modification technologies that will resame what is possible and maybe even what is proper in war. the challenge though is the comparison that can be drawn between what is now or soon to be possible versus what are we actually buying today or planning to buy tomorrow? our weapons modernization programs are too often not that modern. for example, if you start at the point of their conception, most of our top 10 programs of record are all old enough to vote for you, with several of them actually older than me. we too often commit to mass buys before a system is truly tested. locking in on a single major programs that are too big to fail and actually aren't all
that new. and dynamic shapes not just what we buy but extends their development time and ultimately our expectations how much of it we will buy decades into the future, limiting our present and future flexibility. to use a metaphor the froing per unit cost of the cart is driving where we steer the horse. at the heart of this is while disruption is the new buzzword in defense thinking today, part of the pentagon's new outreach to silicon valley, we struggle with the dual meaning of the concept. we claim to aspire for the new but to be disrupt, the outdated must be discarded. the roadblocks to disruption play at multiple levels from specific weapons programs to organizational structures to personnel systems and operating concepts. for instance, there is a long record of government funding exciting new projects that then wither away in space between lab and program of record because they can't supplant whatever old gear or program, factory or internal tribe that is in the
way. indeed there is even a term for it, the valley of death. the same goes for all new and important ideas and proposals you have heard in these hearings over the last several weeks. to be adopted though, something will have to be supplanted. as you program for the future, ultimately what you support in the new game-changers not just programs but also thinking, structures and organizations, what you eliminate in the old, and what you protect and future across that valley, will matter more than any single additional plane or tank squeezed into a budget line item or oco funding it. may even be the difference between the win or loss of a major war tomorrow. i would like to close i about everring two quotes that can serve hopefully as guidepost, one looking back, and one forward. the first is the in the last war period where churchhill said it best. want ton foresight and unwillingness to act when action would be simple and effective refusing council to until
emergency comes, these are the futures which constitute the endless repetition of history. the second is from a professor at china's national defense university arguing in a regime newspaper how his own nation contemplate the future of war. quote, we must bear a third world war in mind when developing military forces, end quote. we need to be mindful of both lessons of the past but acknowledge the trends and motion and real risks that loom in the future. that way we can take the needed steps to taken deterrents and avoid miscalculation. in so doing keep the next world war where it belongs, in the realm of fiction. thank you. >> thank you very much, doctor. general alexander, you mentioned that the legislation that was recently passed on cyber was a good step forward. what more? >> chairman, i think the key thing that has to be clear in that legislation, that when there's military response required from actions that has
to go immediately to the defense department. what i'm concerned about is, we set up process that it's delayed at department of homeland security, inspected and then sent. so how long does that inspection take? and for metadata we could do that automatically. so what i would encourage is the development of a set of standards, think of these as protocols, where both houses in congress could agree that these types of information hold no personally identifiable information, and is necessary for the protection of the nation, and could go directly to all the parties. so i'm not saying cut dhs out. i'm saying insure that dod gets it in real time. it would be analogous to a radar. instead of dod getting radar feed where the missile is, that goes to dhs and they tell you where the missile is. >> you said it is important to partner with industry. i get the impression that industry is not particularly interested in partnering with
us. >> i think there is two parts of that. it's been an exciting year-and-a-half out. what i found is industry is very much into cybersecurity. they're very concerned about what they share with the government because of liability but at the end of the day they recognize that the government is the only one that can defend them from a nation-state-like attack. >> dr. singer, is the f-35 the last manned fighter aircraft in your view? >> i don't know if it is the last because certainly other people may continue to construct them. we may as well. the question is, make historic parallel, is it's comparison thinking about interwar years, the spitfire or the to use a navy example, the wildcat systems that the investment proved worthwhile.
or is it parallel the gladiator, the last best biplane? i would ever to the committee to explore that parallel hit of a program we set the requirements. requirements were set early, and then the world changed around it. so all the things that seemed fantastic and useful about the gladiator, it was a metal biplane. it carried two machine guns. it could go faster than previous biplanes, and it was outdated before it even left the development cycle but they continued to push forward with it. the nickname among pilots that flew it during world war ii, not the gladiator but nicknamed the flying coffin. >> several of that aircraft inherited that moniker as well. >> so i think that the challenge is going to be, i'm not, we will buy the f-35. i think we'll have to wrestle with obviously issues you've
pointed out. per unit cost. how that will affect in long term our plans how many we want to buy. i have a hard time believing that, in the year 2025 or 2030 we're still going to be buying the same numbers we expect to buy now. the world will have changed. capabilities will change. enat that graduation with unmanned systems and what role will it play or will it be able to play in terms of partnering with unmanned systems or managing them. so there's a sea of change. my worry is that it is a program that many of the concepts for it were set, to put it bluntly the year i was leaving college. >> mr. scharre, we all agree that the pentagon is not structured nor is the command system structured now to meet the new challenges that you, the witnesses aptly described. take a stab how should we structure the pentagon to meet
these new challenges? >> thank you, mr. chairman. i think one important disconnect that's come to light in the last 15 years is the disconnect between what the pentagon is doing, in terms of long-term acquisition and very near-term needs in the combatant commands of the we saw this in iraq and afghanistan, the creation of all these ad hoc processes. like mrap task force and isr task force, things that were basically silver bullets the secretary had to personally fire at a problem to get it fixed. so the institutionalizing that is important not just for counterinsurgency or guerrilla wars, perhaps more importantly for major wars where the level of violence is likely be to be higher, timelines are shorter. need to innovate in the battlefield is essential to anticipate these problems. the department made some steps this that direction with creation of things like a joint emergent operational needs, sort
of pathway to create requirements but i think there's a lot more to be done to give the cocoms a voice, near term capability development and create a pathway. the services have some of these individually, the air force does, to do rapid capability development. >> mr. clark. >> yes, sir. so i would say we need to look at having one process how we develop requirements and acquire large manned acquisition programs, ships, aircraft, we might want to have more deliberate process to develop requirements because need for them to last several decades potentially protect large numbers of people on board. have a separate process like mr. scharre is talking about where we acquire smaller programs. everything below that, which is 99% of the programs we develop in dod. where we develop the requirements in concert with a technology demonstration and prototype program. a lot of technologies that new acquisition programs leverage are already mature and sitting,
waiting at the valley of death to make the trip across. they're waiting for some boat to come to pick them up and carry them there. we could take advantage and bridge that valley and said, everything that is not large manned platform is for example, weapons, sensors, unmanned vehicles, et cetera is able to take advantage of acquisition process where we develop requirements at same time we develop specifications and plan for the system. it would merge requirements and acquisition to much greater degree. >> so we wouldn't need a thousand page document for a new handgun? >> exactly. new handgun, new unmanned system. all technologies are ones we'll harvest from industry or dod labs already developed. why not just create a process that develops the specifications that we actually want in the final program very quickly based on what's already been achieved technically. we know what the cost is going to be.
>> thank you, senator reed. >> thank you very much, mr. chairman. thank you gentlemen for your very, very insightful testimony. it strikes me that we're asking many of you mentioned disconnect between reality we recognize. even leaders in the defense department and my colleagues here and, operational practice, institutional outlooks. the equipment, the training, everything. the question is, how in very real time, quick time, we think those things up? one thought, is by having exercises where we actually game this out in comprehensive way. and i'm recalling someone mentioned the inner war years where, chairman mentioned the development of the carrier, et cetera, that was done when people were sitting at the war college in newport thinking very
carefully about the threats, the new technology and providing a basis. so where are with he in the process forcing the system by having comprehensive exercises that will force us to answer specific questions like, how do we organize or reorganize? what equipment do we really need, et cetera? general alexander, you can start and i ask all the witnesses. >> senator, i think first thing we have to look at is to expand our outlook on what cyber can do to our country. i think in the military we focus on military on military engagements but practically speaking an adversary they will go after our civilian infrastructure first. on war, when people talk about total war, take the will of the people out to fight. we're seeing that in some of the things going on today. take down the power grid and financial sector. everybody will forget about these problems. and we are, essentially isolated so i think we have so step back
to look at this in more comprehensive manner. what does it mean for the defense department to really protect the nation in this area. i think there is a great start with the way teams are set up and what they can do but there is a long way to go. i think we have to have this war game. during my tenure at cyber command, some questions came up. do we go from subunified to unified to separate service. folks like petraeus said go to separate service. i was not there but i think we do have to step into this area. secretary gates had some great insights on, how are we going to do this? because it's a new way of thinking about warfare where our nation now is at risk. in the past we could easily separate out the military to overseas and what went on in the country as others. in this area, you can't do that. because the first thing they're going to go after is our civilian infrastructure. and so i think the war games got
to start with that. and how we respond to that. and it's going to escalate at orders of magnitude faster than any other form of warfare that we've seen. >> thank you. again, please mr. clark. >> senator, i think looking at inner warriors is the great example. what we did back then, it was warfighters would get together at systems hall up in the naval war college and play out war game with the war there with play ships and models and go out do series of battle experiments at sea to practice best-of-breed concepts that came out of that process. right now the department of defense is reinvigorating war gaming efforts to try to put intellectual capital to the development of new war fighting concepts and those war fighting concept as merge from those, best-of-breed if you will how we fight in the future, need to be taken out, as you're saying experimented with exercises using real systems in real operating environment. i would say one other thing that
dod does not do well, which they need to do better job of is incorporating technology technologists into this discussion. we put a number of operates together, we give them a problem they know systems or aircraft they left and figure it out to find the best way to fight. they're not figuring out what technology will offer them in next five to 10 years which is the timing we're aiming for. we need to bring in war games in subsequent experiments that technology expert know where technology is going but don't necessarily know how it is going to be used. putting toes two types of people together you get operational concept out of it and leverage new technologies different than we did before. in the past examples where we had stealth or passive sonar, perfect examples, where technology people said this is possible. operators said i think i know how we would use that. they came up with a way to apply
it and we take it out to the field to practice it and that is something dod needs to do better job it. >> mr. scharre, my time is diminishing. your comments please. >> thank you, senator. process of experimentation is really critical. i would add it has to be segregated from training in terms of qualifying a unit, right? when we send in army units like ntc, that is about ensuring unit readiness and training. there may be resume for taking some units, we've done this in past, setting them aside as experimental units to try new concepts and that is something the department should be looking at. >> thank you. dr. singer, finally. >> very rapidly i think the challenge in the existing system the exercises either are about validating existing concepts. you hear the phrase often, getting back to basics. what if the basics changed in interrim or about allies, making allies feel better about themselves. partnership capacity and
capacity building. that is different than the early war years of louisiana manuevers and fleet exercises. those were very valuable in inner war years not just showing what to buy how to use it but the who. what personnel thrive in new aisles of war. linking exercises to the personnel system. third, rapidly quick issue, budget is not a preventative of it. they went through the great depression and figured out aircraft carriers and amphibious landing. it is often culture of emly mentation. beware of the lessons people say they adopt but only in uneven manner. i think back to circle back to the cybersecurity aspect is challenge. we're taking a lot of new capabilities, putting some of them into old boxes. we built up cyber command with you we still have a weapons system where pentagon found in their own words, considerable vulnerabilities in every single
major weapon systems. >> i assume, everybody agrees, general alexander comment this is much broader than the twenty of defense and we tend to look ourselves in stovepipes of defense planning but this has to be usually comprehensive exercise involving federal reserve, department of defense, major utilities, everyone epgauge and i assume everyone agrees. with that i. >> thank you, mr. chairman. general alexander, i appreciate the time we had, i learned a lot in the time we spent together in your position. i recall when i first was elected i came from the house to the senate, i replaced date boren. he was chairman of the develop against committee. he said one of the problems we were never able to deal with. we have all the technology and things we find out but we seem
to be competing with ourselves. fbi, cia, nsa, didn't have homeland security then but, i'm kind of seeing the same thing that, we made some headway there. in fact, up in during the bosnia thing, first time all of the entities i mentioned were in one room together. at least they were talking. now you mentioned in your statement, you said commercial and private entities can not afford to defend themselves alone against nation-state attacks or nor nation-state-like attacks in cyberspace and that the u.s. government is the only one that can and should fire back. now, just seems to me we had the agency, i ask you what agency, how this should be restructured? because we have, each one of these, nsa, they have a cyber division. the cia and all that, how would you envision, i know you have given some thought to this, restructuring this thing to be more effective?
>> well, i'm going to take from what i talked with secretary gates about because he think he had great insights. when you look at departments responsible for protecting the country in this space, you have homeland security, department of justice and you have department of defense and practically speaking all the technical talent really lies at nsa in deep technical expertise in the network and hence the reason we put cyber command there, so you marry those two pieces up. fbi has some great talent for domestic capabilities but they don't have any of the deep technical talent that came out of world war ii or encryption, decryption and things that really helped the network operate. so when you talk about network operations that is probably best expertise. i think when you look at, the question becomes, what do you do that brings those three departments together? and he looked at a third hat,
and i would ask you to reach out to him and get his thoughts. i know he testified once but he had some great insights. i think directly from him on that, was probably the best approach. we actually started down that road, and it fell apart at one point but i think that is where our country needs to get to because that allows you to get to what you will do to defend the nation and what you will do to recover when bad things happen and both of those have to be synchronized as we go forward. specifically goes back to what senator reed brought out. if our nation is attacked and they take down the power grid and do massive damage, with is your first priority for the future of the nation? is something that has to be, well, how am i going to defend this country is first and foremost, has to be put on table. those kind of decisions have to be made. i think that is what i would do. i'm not sure, i have not been able to think of a way of collapsing all the intel agencies together unless you just smash them all together under the dni, and then made
subagencies but you're actually back to where you are today. so i don't know a better way off the top of my head to do that, senator. >> i was going to bring up effort you made in that position, going after university of tulsa and working with, they develop ad great program there. as dr. singer mentioned, we have to watch what the chinese and others are doing, emphasis they're putting on. they're teaching their kids, i look down the road and think, are they passing us up everywhere? let me just real quickly get back to the fact that the statement that was made by bob gates, talking about how we never once gotten it right. i can remember when the last year i served on the house armed services committee was 1994. i recall when we had experts testifying, and one of them said in 10 years we will no longer need ground troops. well, that is kind of an example
what is out there and reality we haven't been getting it right. one thing i think bob gates got right, when he was on the panel. incidentally, we had great panels the last three weeks and up to and including this panel of experts. we have the people in think tanks. we have the five professors from different universities but we had them all responding to the fact that bob gates stated in 1961 we spent, defending america consumed 51% of our budget. today it is 15% of our budget. in all the problems that you were addressing. you've been talking about it, i would ask all the questions. are we not giving right emphasis to defending america? right now with sequestration coming on they're insisting equal amount of money affecting social programs as defending america. so, do you think that we need, you say yes or no, run down the table, to reprioritize, making defending america number one
priority again? dr. singer? >> sequestration is incredibly unstrategic but it is akin to shooting yourself in the foot, not shooting yourself in the head. so how we deal with it will determine success or failure. >> i think that is yes. mr. scharre? >> thank you, senator. i acknowledge there are very difficult domestic compromises here, but make it clear we're certainly not spending enough on defense today in order to defend the country adequately. >> thank you. mr. clark? >> yes. >> thank you, mr. chairman. >> thank you, mr. chairman. thank you all of you for being here today. general alexander, if i could ask, which country or which group has the most to gain from attacking cyberattack to america? russia, china, isil? who do you rate as number one?
>> each of them have different objectives. when russia, we disagree on crimea, we saw increased attacks on companies like target and home depot from their hackers. >> how would that benefit their country? >> they allow hackers freedom. go do this. we're not watching. they have a good time. they make money. we get hurt. russia sends indirect message. same thing in iran. when you look at the disruptive attacks on wall street, what they're doing is they're sending a message. you have sanctioned us, and finance and energy sector. we'll fire back. saudi aramco, your energy sector. in china, it is different. china is all about building their economy. all they're doing is stealing everything they can to grow their economy. it is intellectual property, it is our future. i think it is greatest transfer
of wealth in history. interesting we could stop that. i believe that, i really do. i think, senator, if i could, what senator reed and senator inhofe brought up, if you put those two together, why don't we have major exercise with industry in there, industry is willing to pay their portion for cyberdefense, i'm convinced of that. and if they did their part right, in defending what they need to do, setting up the ability to tell the nation when they're under attack, you could stop attacks from iran, russia and china. we should do that. >> let me ask you about the nsa. we're talking about all this outside trap in attack the united states for many, many reasons you just stated. what have they done to stop the edward snowdens of the nsa from attacks? >> we set up program in 2013 to look at all the things -- >> was it surprise?
i'm so sorry to interrupt you. surprise to have this happen? i know you were there and go on? >> i was surprise ad person we entrusted to move data from one server to another really wasn't trustworthy. >> you had him at high level? you knew you had him at very sensitive high level and didn't vet him well enough. >> no his level was exaggerated by himself. he was a very low level system administrator with important job of moving information from the continental united states to servers in hawaii. in doing that, he took data from those servers. we came up with 42 different series of things that could be done. we shared those actually with the rest of government, with industry, ones we could how to stop insider attacks. you're seeing, it is interesting, when i talked to most of the financial institutions, more than 50% of their concerns come from insider attacks. these are things going on. you have got to do both. all behavioral analytics and modeling that would go on to stop that. so i think we did a good step
but i note a very important point, we were caught flat-footed on snowden. >> do you think steps were taken to shore that up? within the nsa you're not sure if other private organizations taken y'all's advice or lead? >> for sure in the nsa we ran tests. we gamed and ran backward data and found we detected him every time. >> how damaging was the information that he has shared or basically stolen and taken with him and distributed around? >> i think it was hugely damaging. you can see what the dni recently said about support to our troops in afghanistan. the fact that some of that information has gotten out, and our ability to now detect adversaries in afghanistan has been impacted. the same thing on terrorist attacks. it has set us back and i personally believe what he is doing with russia is hurting our country. >> do you believe snowden should
be treated as a traitor. >> i do. >> and tried as such? >> yes, i do. >> thank you. >> thank you, senator mccain. and for your leadership and for the series of hearings we've been having. i would just join with you and your comments about our breaches and snowden and those issues on general alexander. i think it is very important and i do not sense from my study of it that we are having any significant threat to individual americans liberty. apparently the president knows everybody that owns a gun in the last campaign and ran ads targeting everybody or every little thing they favored they knew about and targeted the campaign message. so we don't have anything like that with regard to our defense analysis. well, several years ago this, my
subcommittee, strategic, talked about the threats we might have to our missile and space systems and we asked and we have analysis and reports of that. senator levin who chaired committee at time, senator mccain and others agreed this was not only a problem for our missile systems but for our entire defense systems. i think dr. singer just said that earlier and, so we've got legislation, general alexander, that focuses on that, that calls for analysis of our vulnerabilities, and, puts now 200 million toward identifying those, in creating a response, a plan to protect our vulnerabilities. so i will ask you and mr. clark about that.
others if you would like to share thoughts about it. so first of all, are you familiar with the legislation? do you think it's a step in the right direction? do we need to go further? and are we you vulnerable and can we take actions that would improve that, limit our vulnerability? >> i'm not 100% steeped in it. i'm aware of it. let me give you my thoughts if i could. on vulnerabilities and where we protect and repair vulnerabilities we have to continue to upgrade how we do that. let me give you example. when i had cyber command, the issue we faced was 15,000 enclaves. how do you see all those conclaves? the answer is, as commander responsible for defending our networks i could not. when i asked, how do i know these guys are fixing vulnerabilities and do everything we told them to do? well, they report up. so it cascades up. so a simple fix is done at manuel speed. takes months. when it should be automated.
humans should be out of the loop. so i think it's a step in the right direction. i would look to encourage you to look how we could now automate parts of this. because i think it is crucial to blocking those attacks. i think what you're doing is right. think there are steps now we could take to go beyond that would i be happy to talk to some of your people on that. senator? >> thank you very much. mr. clark? by the way, mr. clark, i see you had the distinction of serving on the nuclear submarine alabama. >> i did. >> that is special to me. what, tell senator mccain what you say when you finish off on your announcements on the alabama? >> roll tide. >> thank you. go ahead. >> first boat. >> deeply moving. >> it is, isn't it? so i would say, i agree with general, obviously that the need to move towards using automation to much greater degree to protect our systems from cyberattack.
this idea that we need to modernize our networks that deal with missile defense and for strategic deterrents in particular, to reduce the number of separate systems involved and reduce them out of surface area, if you will. every separate enclave he described has its own vulnerability to attack, like a bunch of little forts out there. you have to defend each little fort individually. we need to bring those into the same enclave. defend one perimeter as opposed to a hundred perimeters. in areas where we have legacy systems cobbled together over time we have a bunch of different systems interconnected as opposed to one system able to protect itself automatically. that goes back to the automation idea. i say couple things of with regard to our vulnerability in space though, we have to deal with the fact in space, advent of new technologies like micro satellites and servicing robots, to use again quotes, the idea
there are countries developing is the lights that are small satellites designed to repair or service or put new batteries into other satellites could also be used to attack a satellite without generating debris we would normally deter somebody from attacking satellite in space. new technologies that would allow attacks in space are something we have to consider as well, in terms how we protect our satellite infrastructure we depend on for strategic deterrents and for missile defense. >> thank you. mr. scharre or dr. singer, would you like to add to that? >> thank you, sir. i would just add on the space side an important component of enhancing our resiliency in space is off space back ups and networks for redundancy. in part to protect our assets but also to reduce incentives for attacking them in space. the department of defense had a program to build a joint aerial layer network to do
communications and timing and number of years consistently underfunded. in large part it is kind of thing that doesn't strike core constituency in the service. that is something to add to thinking about our strategic resiliency. >> dr. singer. >> thank you, senator. i would add a note of caution, maybe a little bit of disagreement on panel and suggestions. caution is, we shouldn't lean too much on the cold war par less of deterrents and mutuality of response, thinking that showing our ability to hit back will deliver 100% security in either space. also the idea of quick timeline. yes, cyber moves at digital speed but for example, attacks take not days but months, sometimes years to put together. on average it's a time period of 205 days between an attack starts and when the victim finds out about it. in turn your best response often in cyberattack is not try to hit back within the 30 minute window with nuclear weapons parallel,
pause, study it, steer them into areas they can't cause harm. so the parallels are not exact. the deterrents model i hope we look for, we heard from it panel in space and cyber space, more deterrents by denial, building up resilience, whether in space by moving from billion dollar, single points of failure that can be easily taken out to networks of smaller, cheaper, micro satellites. same thing in cyberspace. building up resilience in both military and on the civilian sector. within that, i hope we're willing to look at alternative approaches and stop trying to take new capabilities and problems to put them into old boxes. so, to, i would contrast our defense approach and way it's not doing a great job of pulling in civilian talent, to, estonia was mentioned as a model of a victim of one of the first victims of state level
cyberattack but they have also built up a level of national resilience that we don't have. i would suggest model of the estonian cyberdefense league as alternative to our approach right now that might be very positive on. thank you. >> thank you. mr. chairman. >> one of the problems with the estonian model is the privacy issue that causes many industries here and companies to be resistant to that model. senator shaheen. >> thank you, mr. chairman. thank you all for testifying this morning. i, if i could, ask each of you to give a very brief response to, do you think the biggest threat, as we look at cyber attacks and other challenges, to our power grid and to the united states come from the great powers, the great power competition that you referred to, mr. clark? or do they come from terrorist
groups and non-nation states? general alexander? >> i think the greatest concern comes from nation states. the most frequent attacks comes from hackers, terrorists and others. but one -- >> mr. clark? >> i agree. i think greatest threat will be from nation states. >> does anybody disagree? >> yes, i guess i would disagree. in terms of large-scale, certainly nation states can bring more power to bear but i think this issue of frequency and likelihood is absolutely critical. we need to factor into thinking about threats. i think it is clear non-state actors can wreak quite a bit of destruction on united states. deterrents is less effective. >> general alexander, i think i understood you to say that we could stop attacks from iran, russia and china and you prefaced that by talking about the importance of the private sector and their willingness to invest in their own cybersecurity. if we can do that, what's been
the impediment to doing that and how should the operation be organized? >> so i think there are several impediments. first having right cyber technology, a holiestic and comprehensive approach that allow as commercial entity or company to understand when they're being attacked or exploited. the ability to share that information, both from cyber legislation and from a technical perspective. the ability for the government to receive and then to respond. and i do think it's here where war gaming and other things would go on. so what's your response going to be if these events occur? so you thought that through ahead of time and you know how and what and the commands know what they're going to do. >> again, if we can do that, should it be organized under cyber command within dod? should it be organized someplace else and why have we not done that already? >> well this goes back to the organizational structure that
was asked previously. we have parts of this in dhs, that's really responsible for the resiliency, correctly. we have the dod defend the nation. then you have the department of justice who has responsibility for criminal activities. and what secretary gates said, you have got those three but they're all talking about the same domain. you can go very quickly from, as, mr. scharre brought up, you can go quickly from non-nation-state actor acting like a nation-state actor. you have to have war games. you have to go through that. we haven't organized ourselves right. now, did we bring bost and industry together. we don't have legislation to allow that to occur? >> are you suggesting we should organize within the department of defense? >> i think the department of defense has to have a key, if not the lead role because when push comes to shove, somebody has to respond respond to the good of the nation it is the defense department.
be recorded. and i worry that our forces on the ground are not adequately trained and prepared for the. we have seen one incidents in these wars where there's an incident of the koran burning or someone urinating on corpses and enter strategic effects. but a world where every action by one of our soldiers and marines on the ground is recorded and tweeted around in real-time is something that i don't think we are prepared for. i say this in large part from personal experience fighting as an seal on the ground in iraq and afghanistan, where occasionally weird interactions with the population where things are rough. it's a difficult conflict but having it go viral as a different kind of environment. >> my time is up but tragic if i could ask just one more question. secretary gates when he was here referenced the fact that the u.s. information agency is defunct now, and that our
strategic efforts to communicate really pale in comparison to some of our adversaries, certainly that's true with russia. it's true with isis i think. and so how do you come any of you, suggest we better respond to that? should those efforts to get out, given the challenges of transparency that you mentioned, but our need to do a better job in these areas, how do we do that and who should head that effort? should it be defense, state department? >> i think it's worth exploring the idea of a new agency. it's possible that the conclusion. certainly we do need to adapt our communications to this digital and social media age. >> i would add that i think one area we have not fully exploited since the cold war is taking advantage of the demonstration of new technologies, whether they are successful or not, and
comedic intent to potential adversaries to create uncertainty in their mind as whether they will be successful. we develop a new railgun, we develop an electronic warfare system that we think will offer a lot of promise here we go built a few of them and to demonstrate them and then communicate that so it's widely understood. i think we can take a radical transparency and turn it around and use it for our own purposes by creating uncertainty in the minds of potential enemies. >> i agree with that. dr. singer? >> part of why they been so successful at it is they using protect occupants in their network and coming out with a networked style approach. i would guard against us coming at it with a kind of 1940s centralized approach. that's part of why we are not doing well. second is they know specifically what they want to be. we have not yet figured out whether we want to counter narrative or take them off the network, or intern take advantage of this very same
radical transparency and intelligence gather on the. on one hand isil is getting its message out and on the other and we are gathering more information. we need to figure that out for ourselves. third, why they've been able to do it in some manners better than us is that they have cohesion between their two mitigation strategy and the battle field operations. so, for example, before they launched the operation against mosul they had preset hashtags ready to go. we don't have that kind of cohesion between our strategic an indication that are battlefield operations. >> thank you all. thank you, mr. chairman. >> thank you, mr. chairman. dr. singer, earlier you said the per unit cost o of the card is where we steer the horse. i would like to open it up to the entire panel and ask what can we do about cutting, where can we do less? a lot of times we talk about where we can do more.
i'd like your opinions on what we can do less with regards with research, with training. what won't we need in the future? dr. singer. >> i think you've heard from the panel many great ideas, and the question is whether we'll be able to element them in shifts and everything from our personnel system and professional military, education, all the way to the example of distinguishing between the type of systems and to require but that will be built for them when we approach it. the problem of legacy systems. another thing i would put specifically on the table is our tendency to plan and assume for the best, and then we act surprised when things don't work out that way. that was what i was referenced g terms of the pontiac aztec of war problem where we have
systems, and again all of you are thinking but certain systems in terms of we develop a warship that the navy says will not be survivable income put into act surprised and said we've got to fix that. or a tanker aircraft that are planned not to be in anything above a median threat environment and, of course, the enemy gets a vote and we go gosh, we should have figured out about that. what i'm getting at is we too often in an attempt, we get caught in this dynamic with the per unit cost of shipping everything from what we develop to oh, my goodness we can change the amount we were planning to buy for what it will do to the future per unit cost of it. as part of this we should be able that i would associate myself with other remarks, we visualize how certain weapon systems can take on new and important roles. the way the b-52 bomber was from strategic nuclear deterrence operations to close air support. we may be able to rethink that approach in everything from what is an aircraft carrier, will
subrecipient to take on that role, to the long-range strike bomber. is it just for strike or will it be able to take on isr or even air to air combat roles in the future? these are possibilities if we allow them to happen and not be locked in by past decisions. >> mr. scharre? >> thank you, senator. i think there's an issue of wanted to get there shortly our places to turn the quantities of assets, not just with fewer numbers of more capable things but then to trade that for larger numbers of lower cost systems. moving to this issue of thinking about, these major combat assets as think of them as sort of a quarterback behind a fight. a bomber that is not just carrying asset to the fight but the pilot pilots are controllede of maybe lower cost unmanned vehicles. antisubmaantisubma rine as the hub of a network of economists
undersea vehicles on undersea payloads, ma but then expand the capabilities we have in the fight. >> what this kind of points to is separating the platform if you will from the payload. so what we have done in the past as we develop the chip or the aircraft with all of its system built into it and we were then periodically modernize that by tearing it apart and rebuilding it all with a new technology every 10 or 20 years or so. we need to move towards not bind the next generation of these aircraft and ships and other platforms in a way that integrates all the systems but instead much cheaper and less equipped things and didn't equip them with payloads that can adapt much more quickly over time. the innovation cycle for something like a missile or a radar system or a passive radar sensor is much quicker than that of the overall platform. we can afford to get a cheaper platform. in terms of what we have today, i wouldn't say we want to throw stuff on the scrap heap that we
go hand in the fleet, but we want to look at ways we can we equip it with the next generation of payloads. instead replacing them with another highly integrated airplane or ship, let's keep them, take other old stuff and just use interchangeable payloads to start reducing the cost of these platforms in the future. so to get to the f-35 example, maybe f-35 is in the last aircraft we buy that's really a purpose built strike fighter, to dr. singer's point, maybe you do end up with airplanes in the future that are just larger and a bigger sensors and they do all the nations and the payload changes to accommodate that. >> senator, i think one of the things we should look at is the commercial industry spends billions if not trillions of dollars a year in cybersecurity alone. and when you think about all the money that is being spent, is being spent to solve their problem. if they work together to great a
sector solution and that sector solution could be very important for defending our country. if we have government and industry work together in a way that was meaningful so that what they apply to those resources for help give a more reflective surface in cyber, that would tell the government when the government has to act. you could focus government resources where it's really neat. so i think the idea of having a wargame and then looking at how you get the financial sector, the energy sector, the health care sector and the government together, and maybe a few others, but those in the room and look at what they're doing. what you would find out it is one big bank alone is spending almost $750 million a year in cybersecurity. what if it was done in a way that helped protect the whole sector and if they work together? that service would be far better than anything the government could do. we need them to do that so that the government can focus on what you want especially the defense department to do.
>> mr. scharre, you were talking about swarms and a change in war fighting. if i could, then i could, then do we care about platforms. we care about payloads. what about personnel? are we going to be looking at the same infantry in 20, 30, 40 years puts the infantry can take and hold ground it can technology replace that? >> i think technology can certainly aid in taking around, yes. when it comes to holding it and then building up a secret infrastructure to tap onto some of those combat something that will require interpersonal enemy action. and we use robotic systems more to help ground maneuver warfare? i think absolutely. i think there's a lot of opportunities the army probably is not yet using to look at something like a modern-day robotics to experiment with maneuver warfare. when it comes to sitting down with tribal elders, a person has got to get. >> thank you.
thank you, mr. chair. >> thank you, mr. chairman, thank you to the witness. general alexander, you talked about and what about all the time the number of cyber attacks on the nation or on governmental agencies that are occurring with greater frequency. i think he is a 350 cyberattac cyberattacks. i'm not sure what unit of time that was. give us a good example of a counter cyber attack that the united states has undertaken a so when we have been attacked give me a good example of something we have done in response. >> senator, i can give you that in this forum but i think that is something that would be good to discuss for the committee in a classified session. >> can't i just cannot want to make this point. i thought i was going to be your answer. there is not a deterrence doctrine of people don't know what the response will be. the president last week said he was going to send 50 special forces to transit.
i know to the number how many bombing raids we've run in the war against isil that is now in its nearly 16th month. we know the number of personnel have been deployed. when the american public and policy makers reach over and over again and the press about cyber attacks on the nation, they are very public. but when we can't discussed even with the committee in a public setting or with the american public what we are doing in response, it kind of late to look at the beginning of like we are impotent against these attacks and i know that we are not. but if we can talk about troop deployments in the war on isil and bombing sorties that are run but we can talk in open session about what we do in response to cyber attacks that are added as in the public news as any of the bombing campaigns are. i think it relates to a sense of helplessness by the public and the committees themselves. i hope we want to follow up to talk about this. >> let's go hypothetical instead of actual, and we could talk
about hypothetically what the defense department could do, and others. so we talked about -- >> i would rather actually move to another topic. hypotheticals are great. why can we know actual in so many realms of what we do in defense but we are not willing to talk actual about cyber? because we hear about the actual attacks on us. so i think that raises a question i would like to explore more. very interesting hearing, although written testimony and oral testimony, too. and the title is provocative, the future of warfare a lot of the discussion has been about tactical, technology issues. i think would've interesting areas about the future of warfare is the question of unilateral with partners. we were attacked on 9/11 by al-qaeda, and we immediately assembled a coalition that amounted to about 60 nations to try to respond to that. the first thought after the attack on pearl harbor was not
we got to go out and assemble a coalition, although there were other nations, the allegations that were involved in word or two. is there something unique about the future, certainly the future of warfare that renders this whole idea of coalitions qaeda more of a common feature for the f-35 as a platform that was built with the participation of nine partner nations, not just different service branches but partner nations. talk about coalitions and alliances in the future of warfare. i would just be curious taking afterthoughts about that. >> if i could in the cyber realm, we would be much better off with partners in this area. think about the undersea cables that come from the united kingdom to us, 12 of, 17 of 18. so united kingdom and europe come if they had a similar approach to cybersecurity and they agre agreed to defend their income we defend our income we have now moved our defense out
to europe for our country. i think that's a very good thing and we could do things like that. i do believe there is much need for collaboration but also brings in all the issues. you have a civil liberties and privacy because every nation sees a different come even in europe. every one of those sees it differently. i think where to set the standard and that's one of the things we could do as a country. country. >> the benefit we get from coalitions is primarily nonmaterial. i would argue that they don't bring a lot of military capabilities that are easily applied in a unified command context that makes it harder if you're trying to do with multiple nations forces. what did you bring is access to areas that we otherwise would not be able to base from our operate from or be able to monitor. and it also provides the political top cover so that if we can demonstrate that is the way we are used to operating, it may drive our competitors are our adversaries into a
calculation way they realize i'm not just an upset of the united states if i take this action but also upsetting a number of my other neighbors which could retreat other problems down the road politically for them to do maybe a political benefit in the wrong term to us managing things through coalition. >> thank you, mr. chairman. general alexander, do we have a stated doctor and with regard -- doctrine with regard to what is a cyber attack or do we have a defined limit where we identify something as an act of war if our defense, our energy or our financial resources or attack? >> the only thing that i know that comes close to that is the president's statement in 2009 about how we would respond using any form of power, cyber, military, diplomatic, to respond to a cyber. there are no rules of the road or red lines in cyber.
i think wargames can help tighten some of that up, and and should. >> would anyone disagree with that analysis? >> i would add one thing. one of the challenges is that if we tried is a cyber capability to respond to a cyber attack, we may end up making clear to the adversary the access we have into his networks. someone probably have is we don't want to burn the source. if we are attacked in cyberspace we might need to go to some of the means to respond because we don't want to give up the fact that we've got access with networks that are able to monitor his activities in the future. as general alexander, said what might able to take advantage of the attack to gain the access that we don't want to make clear to the enemy. >> i would just add, the key is not the means. it's not that it is cyber. it's the end of that which will determine it. so whether it's to cyber or a missile, whether it causes loss of life, physical damage, even if someone set, a foreign
adversary set a fire that killed hundreds of americans, we wouldn't say gosh, you use matches, not cyber or a missile. so cyber can be a little bit of a misdirection to its more about the end of that and how we judge that. >> do we need an established doctrine to determine whether or not a cyber act is an act of war? >> i would say we need a more clear definition of what we can constitutes an attack that would be meriting of a response. because we do that in the physical realm for much greater degree, and it will get held up as a body of action over time. it is the president who does it to some extent. >> i think when you look at our nato responsibilities, i think we got to this laid out. we can't do is walk into a war because we didn't understand that this would be an act of war. so that if someone were to attack one of our nato allies
and cause destruction and lives, what constitutes an act of war is not really clearly stated. there's been a lot of stuff in the papers have been written but it doesn't get to the point of this is a clue. and so i think we need of those discussions that are classified and unclassified realm so everybody understands. i do agree with the intent of individual. if their intent is to do harm, i think you now need to look at where you take it. >> can you share with me what you think it would be a considerable response? >> i think first idea you could prevent it but if you couldn't prevent it i think you now have two things that are going on. resilience in your networks bring those back up, and then a whole series of action from political, economic, diplomatic, military. and in cyber there are a lot of things you could do to stop that nation from key mitigating outside the nation with other tools. and i think it's those types of
capabilities and working and things that ought to be looked at analogous to the way we did our murder warfare 70 years ago. >> sometimes a talk about this in no way in which we have a tendency to literally scare ourselves because we're talking about serious these can be. do we have the capability and the resources right now to actually respond? should we have that type of a cyber attack that would amount to come if we define a probably come as an act of war? are we in a position today as a country to respond to an act of war? >> so you have, we have 40 authentic games that recruit at u.s. cyber command. those teams have some great capabilities. it doesn't cover the whole world but it gives you a great starting point. i think our first thought was in 2010 was not setup with initial force structure that we needed, set it up in terms of offense and defense and teams that could
actually do offensive actions to defend the country. >> does anyone have anything to add to that? >> i would just add two things. the first is the idea of assuming that our response would have to be limited just to cyber means that if someone carries out an act of war against us using cyber means, we are not and should not be limited in our response to of the means and that's why we are seeing that kind of deterrence hold. that second note is to know as general alexander said, we have built a great cyber offense capability. there's many things that mr. snowden did but one of the other things he did was revealed that we have very potent cyber offense capability. i would add to those who believe in building up more will deliver deterrence, the question why has that not delivered deterrence yet? there's no question that we have great cyber offense of capability and yet the attacks have continued to come.
that's why i am go back to we need to do more about building of deterrence through denial which is making ourselves more resilience both in terms of military and civilian teams we can shrug off those attacks which therefore makes the attacks less productive, less likely on us. >> thank you, mr. chairman. >> thank you, mr. chairman. dr. singer, i must compliment you. to found a technology advisory firm is an act of a genius. i also enjoyed your trip to quote. one of my favorite churchill quote was he was once asked how he thought history would treat his role in world war ii. his response was very well, because i intend to write it. on this issue of deterrence, and i think senator rounds really hit the point that i think we should follow up on this come is the question of what is an act of war and when will we respond. because it's an act of war isn't
defined, your opponent has to know that you're going to consider it an act of war and that there will be a response. mr. singer, i think your point is well taken that it doesn't message of have to be a cyber response but i do think there does need to be some response. the deterrence by denial it seems to me ultimately, you've got to have some offensive capability. you got to be able to punch back or you're simply always on the defense. your nodding your head. i assume you agree with that concept. >> i very much agree. i will compliment you in turn. thank you for your kind words. i will have an article coming out next week on this question of the deterrence and the three approaches are what with the committees wrestled with. it is one to set very clear norms, so both sides of all the sites understand what is and isn't an act of war.
so that there's no miscalculation. effect is to understand that you can respond but you can respond in many other means, many other areas and it's not just through military. it may be through trade and maybe through espionage whatever. there is a far more complex game put on in cold war where your only response was you hit me with a new, either integer back. at the third is a this point about deterrence by denial, something that was impossible in the cold war, the idea of civilian involvement was kind of, the bomb shelters and the like were not very useful. determined by denial with the a useful concept and importantly, resilience works not just against a level attacks but it is also effective against all the other attacks out of there, whether it is nonstate actors like terrorist borges criminal groups. >> on that point, general, good to see it again at a think a point you made that i had not really thought about was the idea of a joint private sector,
cybersecurity effort, perhaps a facility by the government but not with governments of all but passionate involvement. it strikes me as inefficient in the extreme to bank of america spending go against on cybersecurity on anthem and target and wal-mart when in reality they are all chasing the same problem. it may be that a consortium. as i recall there was a semiconductor consortium several years ago to deal with this in a joint way might say the private sector a lot of money. the government could act as a facilitator. dr. clark, an important point is made today and one of the hearings the other day was instead of building weapons systems that have absolutely everything that are going to last 40 years and, therefore, by definition be obsolete, we ought to be building modular systems that can be modernized on the
fly rather than starting all over again. is about essentially what your testimony was? >> yes, definitely. it gives you the ability to convince of the cycle that exist for those smaller systems. we talked about moore's law and have a result in a doubling of computer programming power every 12 to 18 months. and computers are the heart of almost every one of our payloads whether it's a sense or a missile or even a smart bomb today, unmanned vehicle. so we should take advantage of the fact that technology cycle will be so fast and develop those payloads on a much faster timeline. >> and trying to build a weapon system does everything for everybody at one time that will be fixed in time is just the wrong way to go spin which gets back to the requirement of problem. if i defined in isolation from what the technology might give me any near-term timeframe, i end up aspiring to something i will never -- >> and everybody wants come is
the problem of a camel is a horse designed by a committee. >> right. >> mr. singer, dr. singer, if your article has not gone to press i would urge a quote from robert frost a good fences make good neighbors. when people know where the rules are, that's when you can avoid conflict. final question it just for the record. general alexander, very chilling in your early testimony that we won't have time for human decision-making in responding to some of these kinds of attacks. in other words, for 30 minutes or an hour for the missiles is now in a matter of seconds. the question is how do we war gamed and prepare response that can be done instantaneously without the intervention of human discretion? i think that's an issue, my time is expired but i think that's an issue that deserves some serious thought and discussion.
thank you, gentlemen very much. visiting very illuminating. >> dr. singer, i would suggest words of chairman mao. it's always darkest before it is totally black. senator urged. >> thank you, mr. chair. gentlemen, thank you for your support to our nation in so many varying ways. i think the discussion today has been very beneficial. i think for all of us, and our constituencies. general alexander, i'd like to start with you, sir. we spent a lot of time talking about the cyber threats that exist out there and the devastating effects to our networks, should they be attacked or when they are attacked. and really the ability to recruit and retain some talent to deal with the cutting edge threats that exist out there. what i like it is a little bit more, how can we utilize our reserve at our national guard forces to bring in some of the
best and the brightest? we have a lot of folks that certainly serving very similar capacities and their civilian employment is there a way we can use them to leverage our forces speak of actually that's a great question. we were doing that when i was on, i know that continue to each of the national guard units are setting up the cyber games that would also help. as you note some of these have some of the best technical experts and civilian industry that partner with us. so you go out to washington, the state of washington where microsoft employees, all around the world come all around the u.s. i think there's some great partnerships are there and it also gives you an opportunity to bring those on to active duty when you need them and then take them off. finally, if we work it right it also helps provide security for the state and local government. >> i think that's wonderful. i know in my transportation company we had some computer whizzes work in the civilian industry.
they were truck drivers when we were mobilized, so but a lot of talent that exists out of there. and mr. scharre, paul, i know we've spent some time talking about future personnel generations in our department of defense, and i would like to visit a little bit with you about again of the national guard and reserves and where you see their role in the future, whether it's army, navy, air force, marines. and how they can support future conflicts. >> thanks, senator. i think this issue of civic expertise as a unique capabilities of the national guard and reserve brings to the table, and this example of computer experts are driving trucks, right, and i saw active duty reservists many similar things in iraq were even did civil affairs functions. we still had people misaligned, not unlike as well as it could be but some of the skills that
are resident in regard and reserve force. and so a process inside the department to actually identify have service members of self-identified those skills and allow them to be tracked inside the department so that if the nation needs to draw upon that we could no who are these experts would be extremely valuable and i think away to increase even further the skills and capabilities that the national guard and reserves bring to the table. >> i think that's a great idea. i know we do identify many of our civilian skill sets for the guard and reserves but i don't know that the dod truly pays attention to that. i think a lot of as i said talent and abilities that could be better utilized on or with an active duty force. do you think of the dod will continue to rely heavily upon our guard and reserves as of into the future conflicts and outline years, as heavily as i have made in the past 14 years is because i think there's no
question they will continue to put a value the role. certainly we've asked a lot of guard and reserve members and have given a lot in the last 14 years. i think they will continue to be a valuable, they will contribute in the future. >> i will move onto a different topic, and mr. clark, maybe you can assist with us. today i did read a number of my colleagues in a letter regarding our concern for russia's activities near some of our underwater cables, and it is very concerned because these are fiber-optic cables and they carry everything from sensitive information, communications, and many of these things that are vital to our economic stability. and i know that it is a very sensitive topic, but i think it's pretty vital we start talking about our interests in underwater fiber optic cables. so are you concerned at all about the security that we have that either exist or that does
not exist out there? and if you could expound on that, please spend i'm very concerned about it. those cables carry trillions of dollars in financial transactions every year, about 90% of the world economy runs on the undersea cables as a result of that. the russians for a long time that an undersea recognizance program but a good look at things under the water and it taken an interest result in undersea cables, we can tell by the areas where they're operating that they're looking for something down there into this in a fantasy cables. out in the open ocean these undersea cables are fairly hard to find because you kind of have to search a large area but in areas where they have their landed on the shore either of the united states or over in europe or in the middle east, they are relatively easy to look at the trace back into the water. one concern we would have is in conflict those cables could be easily broken. they are broken fairly regularly to do as result of trawlers or
anchors that take them up. antedate the responsibility for responding or replacing or repairing those cables life with industry and so they have on call cable laying ships to go and fix it if you are talking a timeframe of weeks to months to go repair a cable that's been damaged as result of either hostile or accidental action. so one concern i would have is when you do with the ability to rapidly respond to these types of attacks, to restore the activity on those cables. and then we need to be able, we need a better monitoring capabilities into the send of these landings where it's a target-rich environment for an undersea vehicle or a ship that is going to deployed a remotely operated vehicle to go attack them. there are technologies that could provide the ability to monitor these areas pretty well, but counter that delta would be a key part of and be able to find something small like
dr. singer and mr. scharre have talked about is going to be really hard. we need to come up with better capabilities to detect these very small underwater vehicles that could be used against undersea cables. it's a huge potential vulnerability that could be exploited both in peacetime or in more. >> i agree. thank you very much. i appreciate that. i think that is something many deterrent or direction to also, so thank you, mr. chair. >> thank you, mr. chairman, and to all of you who are testifying. the department of defense has used the technology basically of quality over quantity to stay ahead of the other countries. so one of the other hearings we had said we are falling behind in our ability to rely on our technical superiority. so do you share that view asked if so, what are some very fundamental steps should be taking in order to increase our
capacity, technological capacity? any of you can answer. >> okay, i'll start. one of the main factors is time. how do we shorten the time by which we develop major programs? mr. clark talked about modularity, think about payloads over platforms. i would also encourage others to think about software over payloads, upgrade software very rapidly. but the are even more fundamental shifts that people are thinking about. this darpa program i mentioned earlier is thinking about basically taking a major platform and breaking it apart entirely into a larger number of basically just the payloads that are all interacting together. and that is something with xp meeting with and exploring. >> are you saying that we should spend more money on r&d or visit also the way we are structuring how the money is spent speak with i think the way in which we spend what is absolutely critical.
>> how would you change how we are spending our money? >> the r&d spending in the department is very decentralized and fragmented. and so just about centralized process that focuses as mr. clark mentioned focuses on the key areas. efforts underway with the long range of something something defense acronym, yeah, i think are beneficial in that regard. >> senator, i would just add i think it's both the way we also clearly don't spend enough on r&d come and we see the percentages go down vote on the government side but also as a nation assessment and the defense industry site as well. and issue of quantity called is not just in terms of the weapons assistance but simply -- quantity quality. if you run out of missiles you have to exit so you may survive but to defer to the enemy in that time. >> as we -- did you want -- >> i just have one more thing is about we probably come with a
pretty good investment inside dod in r&d. it's not well focused as we talked about. in addition, industry used to do a lot of internal research and develop with her own money to go explore new capabilities that may be beneficial in the future. they have reduced that invested significant with reduction over the last several years because its own a percentage of perturbatent also do something the department is doing that has been this incentivizing industry from pursuing its own research and development that in the past has given us things like stealth and things like new radar technology. wondering what to look at is how do we encourage industry to be independently looking at problems that they could address with their new technologies. >> and perhaps one of the ways we incentivize the private sector is of course have the potential of technology transfer in whatever research that they are doing. developing. for mr. scharre and mr. clark,
what impacts do you anticipate our reliance on fossil fuels will have on her plan and effectiveness of our future warfighters? what is your assessment of the department progress in terms of reducing its reliance on fossil fuels sources? >> i think a couple of key reasons to do so. one is of course strategic risk and vulnerability. another what is cost. but an important one is that alternative energy solutions can help increase the insurance for many various long endurance capability particularly robotics that we can put out on the battlefield. things like better batteries, solar power can allow us persistent surveillance systems out there can help detect the enemy for months are just out of time. so there are some significant operational advantages as well. >> it's about not so much fossil fuels come it's just reducing our energy dependence in general. which is a threat to project force over a very long this is
because all of our friends and allies are an ocean away from us so we are generally transferrtransferr ing those forces overlong disappeared even when they get to their having to operate at the very edge of our logistics chain. so reducing the amount of energy they need in general would be aboard picking taking phish of technologies that don't require fuel at all would be aboard. the idea of going to new battery technologies that are able to last for a very long period of time and then eventually be recharged by the sun or by returning to some docking station would be a very good way for us to reduce the tablet we have to maintain. right now we have to have refueling aircraft and ships out at the edge of the ships their refueling and then refilled a ship for example, every few days while it is operating at an aircraft have to operate for much short period of time but let's be refueled. moving to technologies that don't have to be -- on a regular basis would be very important. >> thank you.
>> thank you, mr. chair. and sorry we were, senator hirono and i had just about for a few minutes. we were actually celebrate the 240th birthday of the united states marine corps. so we had to welcome that year and a ranking member as navy and the army -- >> a dark day. [laughter] >> gentlemen, thanks very much for your testimony. general alexander, i was actually struck by your testimony in one area that come in a couple of areas i thought it was very insightful but one of the things we've been hearing about in terms of cyber is this idea that this notion that we're constantly being at that, constantly, and she mentioned it in some of the dollars and statistics you had in your test went on cybercrime and what the cost is really eye-popping. but there's been this notion of us being on defense, defense,
defense. one thing i liked about your testament is that you talked about all of it in terms of offense, or we've invented a lot of this technology. we are the leader in it's still. so there's all kinds of opportunities for offense. to do just provide some examples that? picture of his opening statement about turning technologies into offensive advantages i think was very illuminating from a historical perspective. but what are some opportunities in terms of offense that we have with regard to cyber? >> there are a number of offenses capabilities. i think first and foremost you have to be able to see what the adversary is doing. hence, the need for the commercial sector to be part of the need for this solution. so what is hitting them can be seen by everyone. if you think about how to computers actually talk, i want to talk to you, you come back
and stay on the channel, that takes time, milliseconds. and if you think about some computer time to get in while that's happening, if the government conceded, the government can stop it or at least delay it or stop the router or do some things -- something to it. the issue comes down to, so what would you authorize, for example, cyber command to do a note to defend it? you might say well, i'm going to let you do everything you can to block all the way to work its originate from either its originate from eithe but it dont you to destroy systems yet. destroying systems will go a step further. technically speaking, and you see this, you could destroy a computer in cyberspace by getting on and doing certain things to get. so the technical ability is a bear. it's public record. now all you need is access. and i get into that access is where you take the capabilities
of an innocent with a cyber command and fbi at times and put those together. so you have tremendous opportunities. and i think we look back at our capability, you look at we are the most integrated network society in the world. and we look back and we see look at all these opportunities on offense, and you look at ours on the defense and to say man, we are broke. if we throw rocks, we have all these glass windows. first step, fix those. >> let me ask a related question i know there's been a lot of discussion in his testimony on deterrent or raising the cost of cyberattacks. it seems to me, and i would welcome any of your opinions, that if you're from an authoritarian regime like russia or iran or china that they in some us have an advanced because they can just deny and lie and no, we had nothing to do with that, even though they did or did you.
but you mention like one example to me that the iranians were attacking our financial system. wouldn't it make sense for us to say publicly that if you do that again, we will crash your entire financial sector. i mean, isn't that the kind of thing that we should be looking at in terms of raising the cost? it seems to be if you're an authoritarian regime you can lie about who is doing it, but the cause of action all these attacks is almost minimal because we don't react. should we maybe look at being a little more public and upping the ante and say if you do this, north korea, iran, china, we will respond? you know, and some of these countries i'm sure we could crash the whole economy. i mean, what would be a problem with that kind of deterrence that makes it a little more transparent but raises the cost dramatically? that, of course, if we announced that, we would have to act.
i'm curious, any other panelists, what would you think of something a little more transparent from our perspective? we have a disadvantage when we are dealing with the authoritarian regime july's? >> the deterrent action may need to be fairly proportional with the action is intended to deter because it will have credibility otherwise. if we say because the iranians are attacking some of our banking sector that would go and crash their financial system, that might be disproportional and, therefore, they don't find that to be a credible threat. if we did it, it may deter further action but it may be seen by the international tenet has been highly disproportionate. so we may need to come up with a more proportional reaction to things like that so the adversary would say he would do that. this is something that united states could do in response. that gets to where maybe the response needs to be not in cyberspace but in another domain. for example, electronic warfare jamming, small attacks on oil
infrastructure, those could all be undertaken with relatively small amount of collateral effects while also demonstrating the resolve of the united states and being able to do something that they would find to be credible and that we could repeat but that does not cause such a huge damaging reaction that people are not going to believe we would ever use it. >> the challenge in this is not the mutual in terms of the old bad mutual assured destruction. for example, we are far more vulnerable to cyber attack that north korea but that's actually a good thing because we are integrated with the global economy. we have freedom, all these other things. we would want to be in a position that they are in. recognizing the lack of mutuality, but i would add one more important thing when we talk about offense and steering cyber command to taking on these roles, into the lead, it's moving it and us away from its
role in clearwater itself. at the determinate of success or failure in future wars with cyber when i think about individual but how it is integrated with other war fighting capacity. the more you focus on the power grid, the less it is integrating that cyber capabilities in terms of -- using it to take down an air defense so it is cohesive with their war plans going over as for israel was doubled off an operation orchard. what i'm getting at is be careful of steering cyber command more and more towards civilian roles. it may lead us to success in non-war, but set this up for a fall in real war. >> i just want to add some clarity to that to make sure that at least from my perspective you understand, because where you can get a virtual entity to help is to do their part. that's the working and the
effort. but cyber command in our defense department can't work without the energy sector. if that is shutdown we've got a problem. our defense department needs to defend the nation in this area. i'm not proposing that they go in and prop up an energy company or any of these. help them build provide cyber secrets we know they can defend themselves and call for help when they need it. and then push that out beyond the boundary. but i think our defense department have to think more comprehensively this whole thing or i agree going after all the targets and stuff is part of it but my concern is the easy thing if i were a bad guy, i would just go after our infrastructure. i would take it out before you could respond. and that's what the chinese approach to warfare is. so i think where to put all that on the table working, then ensure we have the correct for cyber command. >> thank you. thank you, mr. chairman. >> i want to thank all of you for being here. appreciate it. i wanted to follow-up, general
alexander, on something that you and your prepared statement and he wrote for russia's intervention in ukraine and in syria, this in conflict, just the the start of a series of actions that seek to reshape the international environment. so i wanted to get your assessment based on all your experience of what comes next with moscow and what should we be doing to respond to? >> my greatest concern is eastern ukraine, i think everything that is going on is for putin to get more closure on eastern ukraine where the weapons platforms that he really cares about are created. i think he wants control of that, and i think by pushing what he's done is going to continue to go for that. there is nothing that i seem to indicate he's going to stop from doing that and i think people like you will do everything he can imagine help make that happen. syria is a great way to push come think of it as a faint.
he can account for some real object is there between iran, syria and russia, it is doing that i helping to shape what he thinks are the best proxies for russia, syria and iran come in the region. so he wins twice but it takes our focus off the eastern ukraine. people are still dying there, and focuses everybody on syria. i would not be surprised if over the next six months we see some more action in eastern ukraine at the same time. with respect to syria what i'm really concerned about is that tension that creates up. we get to a point where we have to fire back against russia or iran for the actions in syria. if we do that i think we're going to see the response in cyber. i really do. i think it will come, because there's no way iran can come after us. they can launch terrorist attacks. we've been very good at stopping those but they can hit us with cyber. goes back to what's a credible deterrent. what happens if they change
their approach from disruptive attacks against financial sector, to destructive against the financial and the energy. >> i guess i would come anyone who wants to comment on this, but as i to discuss this i think if we let him continue to do this without any response as far as i can see, doesn't this almost become a fait accompli which we see ourselves head in this direction which is going to require, put us in a more dangerous situation? so what, if you advising right now, the president, what would you tell him to do to respond to put in? >> i wouldn't say we focus back on ukraine. so syria is obviously a very dynamic and difficult situation, but ukraine is a situation where we have a friend of the united states, not an ally but a part of that is under threat and attack by russia, and providing ukrainians decade ago to better
defend themselves into electronic an electromagnetic spectrum as well as in cyber would be really important to giving them the capability to defend themselves and disrupted the russian attempts to gain more territory. and that would force putin cannot refocused his effort accounted that and make a determination as to whether he is going to be resolved and continue in ukraine or if he will eventually receive. right now because we've not been focused on it he has been able to great influence without any counter. >> if i could, i agree. i think our vital interests in eastern europe and inabilities are at risk. i think we've already had some outcomes of every media. having some do with iran to stop nuclear weapons is a board. we lost some our allies in doing this. and losing those allies is something we cannot afford to have happen. i think went a step back and see what's our strategy for both. we're going to have to deal with both at the same time in the
middle east we need our allies to know we're going to stand beside them. it's the same thing in eastern ukraine. because everybody is looking at it. basic unit made all these declaration about nader, about you will be there for us, so what happened what are you going to be there? and at times unintentionally our actions may look like we are not. what i'm concerned about when you talk to the saudi committee israelis and others they think hold it, or you're with us or argue with iran? what's your objective? i think we have to clarify that our nation needs to let our allies no, we are there for dinner i think that's the first and most important thing we should do. we should discuss how we're going to stop issues in ukraine with nato, and what we're going to do in the middle east too sure of our allies there. >> does anyone want to add to that? >> i would just add that the last several decades of u.s.
foreign policy strategy, defense strategy has been focused on the challenge set up networks of individuals, criminals, insurgents, terrorists, and the problems that have failed the states. and moving toward we will have to recognize that whether it's a rush or also china we have a return to great state competition. what that means is that when we look at certain areas we need to look at it through evidence of not just a failed state by proxy warfare as well. and i think we are seeing certain echoes of that and we need to be absorbed the lessons from the past of what does and doesn't work in proxy warfare and reframe our approaches along those lines. and on top of this is focusing on how do you keep compounded when the competition but also keep a lid on it from escalati escalating? >> thank you all. appreciate it. >> general, just to follow up on your comment to senator ayotte.
use a 2-wood have to take some actions to reassure our allies, or other nations in the region in the middle east. what actions would those be? >> i think we need to reach out to saudi arabia, united arab emirates, kuwait, jordan and sit down and say we are here. i think some of the things about this -- >> we say that all the time either way. >> and then put in place, we look at and you look at egypt, perhaps some of best comment i've heard on a strategy for egypt was how to get instability? how do you get them security? you've got to have energy to grow with jobs. you got to give these guys jobs. 24% in the point is that for us. it's bad for the world. how do we help the middle east taken place? they have enough money to do it. we have the expertise to help them get there. we have to look at the security, stability, energy sector and the jobs come and economic development for the middle east
to get into a place where they could be looking forward to the future versus finding all these issues we've seen with radical islam. so i think a comprehensive program like that led by our country and others in the middle east is a step forward and let them know we are going to be there, not just for a couple of hours but for the next several decades. >> right now the egyptian regime is becoming more and more repressive. 45,000 people in prison, no semblance of a really progress on a number of areas, which are in contradiction to our fundamental principles. >> we believe this program at this point as the u.s. senate is about to gavel in ticket the day started. lawmakers continue work on a resolution expressing disapproval of the epa rule governing streams and wetlands. the senate yesterday failed to
block similar legislation for a final vote on the disapproval resolution is expected today at noon eastern. and now to live coverage of the u.s. senate here on c-span2. the presiding officer: the senate will come to order. the chaplain, dr. barry black, will lead the senate in prayer. the chaplain: let us pray. lord, of us all, everything belongs to you. use our lawmakers today to