Dec 16, 2020 - Politics & Policy

House Armed Services is paying more attention to cybersecurity — after big hack

Rep. Adam Smith.

Rep. Adam Smith. Photo: Scott J. Ferrell/Congressional Quarterly/Getty Images

House Armed Services Committee Chairman Adam Smith has outlined a plan for his body to improve its oversight of cybersecurity, although experts say suspected Russian cyberattacks show the focus is late in coming.

Why it matters: The alleged Russian penetration of the Pentagon and Treasury Commerce, State, Homeland Security and other departments shows the sweep of digital warfare and the need for an all-hands, all-of-government response.

The proposal being presented by Smith (D-Wash.) calls for splitting the existing Subcommittee on Intelligence and Emerging Threats and Capabilities into two more subcommittees. The changes would take effect next month when the 117th Congress convenes.

  • The Subcommittee on Future Defense Technologies would focus on the cybersecurity of Defense Department networks and weapons systems. It would oversee $31.5 billion in federal spending.
  • The Subcommittee on Intelligence and Special Operations would focus on the security of national and defense intelligence programs and activities. It would oversee $17.3 billion in spending.

Recognizing how important these issues are, they deserve greater emphasis," a committee spokeswoman told me. "With them all under one umbrella, it can be difficult to focus on them all equally."

Background: The committee highlighted its renewed focus in September when it published an 87-page report naming Russia the "most immediate threat" currently to U.S. national security — and China within the next 20 years.

  • Armed Services followed up by seeking the designation of a national cyber director, a new position that was included in the National Defense Authorization Act just passed by Congress.

But, but, but: Experts tell Axios the committee's focus is a little late.

  • “These attacks that just came out in the news, and we’ve been seeing over the last year, are basic, straightforward attacks that are compromising known vulnerabilities and we’re just not fixing to the level that we need to," Eric Cole, CEO of Secure Anchor Consulting, told Axios.

Other experts say they hope the committee looks more broadly, and advocates for an international accord policing the worldwide cyber community.

  • "China, North Korea, Iran and Russia, when the finger points to them they have a press statement that basically says 'We're not behind this. These are false accusations. We don't condone this.' Well if you don't condone it, then condemn it," said Theresa Payton, former White House chief information officer under George W. Bush.
  • "This isn't going to stop if there is no repercussions," she said.
Go deeper