The director of the National Security Agency, Gen. Paul Nakasone, often speaks about “persistent engagement” as a way to keep up pressure on adversaries in cyberspace. Since he took over last year, the spy agency has been pursuing a more assertive approach.
The head of the National Security Agency, Army Gen. Paul Nakasone, has a catchphrase: “persistent engagement.”
This covers a broad spectrum of cyber activities at the nation’s largest spy agency. But at its core, it means relentlessly tracking adversaries, and increasingly, taking offensive action against them.
“That’s the idea of persistent engagement. This idea of enabling and acting,” Nakasone recently told NPR. When he took over the agency last year, he said that rivals didn’t fear the U.S. in the cyber realm, and he intended to change that.
To get a glimpse of how Nakasone is fostering a more aggressive cyber strategy, NPR paid a visit to the expansive compound in Ft. Meade, Md.
You can still smell the fresh paint when walking the long, whitewashed corridors of the Integrated Cyber Center, the newest building on the compound.
“Technology is ever changing, national security threats are ever changing. And for us to be effective, we need to be as agile, ideally one step ahead of that. We’ve adapted to that next threat,” said Anne Neuberger, a senior NSA official.
Neuberger, 43, worked in financial services before joining the NSA a decade ago. Almost every job she’s had at the agency has involved launching a major new project.
She helped establish U.S. Cyber Command, the NSA partner dedicated to cyber actions abroad. She then served as NSA’s first chief risk officer. She’s part of the NSA’s Russia Small Group, a task force created in the wake of Russia’s election interference.
Nakasone has just tapped Neuberger to lead the new Cybersecurity Directorate, which launches in October. Broadly speaking, it’s intended to bring together the NSA’s full range of cyber capabilities, offensive and defensive. She’s intentionally vague on the details. But she does link her work to Nakasone’s larger theme of “persistent engagement.”
Anne Neuberger has helped establish several major projects at the NSA over the past decade. She’s now been tapped to head the new Cybersecurity Directorate.
Courtesy of NSA
Courtesy of NSA
Courtesy of NSA
“Knowing that we’re not waiting for the incident, we’re tracking, we’re understanding, we’re degrading their capabilities, their ability to operate in a way that hopefully prevents that key attack,” she said. “So when he says ‘persistent engagement,’ that’s what he means.”
She spoke near the Joint Operations Center, a cavernous hall with staffers in circular pods of desks. Huge wall screens feature cable news channels and flash updated information.
I’m allowed to watch briefly through windows overlooking the floor. Then, with the flick of a switch, the windows frost over, obscuring everything inside.
The key threats
“The four main threats that we’re concerned about from a cybersecurity perspective are China, Russia, Iran and North Korea. That’s not necessarily the totality of everything that we deal with. But those are certainly the big ones,” said Josh, a member of the NSA’s Cybersecurity Operations Group who is only allowed to be identified by his first name.
He’s in blue jeans and a short-sleeve shirt, untucked. Shaving hasn’t been a priority this week.
The new Integrated Cyber Center at the NSA. The agency describes the four main cyber threats as coming from China, Russia, Iran and North Korea.
Courtesy of NSA
Courtesy of NSA
Courtesy of NSA
Civilians like Josh account for about 60% of the NSA staff. They work alongside the roughly 40% that are military. It leads to an odd mix of cultures.
Down in software development, where Josh used to work, “jeans, T-shirt and flip-flops was pretty standard attire,” he said.
Elsewhere at the NSA, male staffers are usually in “slacks and a button-down. Of course, if we’re down at the White House for a National Security Council meeting, you’re in suit and tie. So you have the full gamut.”
The NSA is a big place and getting bigger. The agency is considered to have the world’s greatest concentration of supercomputers, operated by an army of computer scientists, mathematicians and linguists. Since its formation just after World War II, the NSA has shared as little as possible with the public.
James Bamford has written four investigative books about the NSA. When he wrote the first one in the 1980s, even “the name of the NSA was considered secret,” he said. “They were enormously paranoid. They threatened me twice with prosecution for writing my book.”
“They’ve moved gradually over the years to be more open. But I think each time it’s been forced on them through scandals and through Congressional hearings and oversight and so forth,” Bamford said.
Revelations in 2013 by then-NSA contractor Edward Snowden unleashed a powerful backlash against the agency. He raised a host of privacy issues, some of them still a source of fierce debate.
The 2015 USA Freedom Act, the law that allows the NSA to obtain U.S. phone records of terrorism suspects, expires at the end of the year. A battle is already brewing over whether it should be extended.
Neuberger said these concerns aren’t lost on the NSA.
“We are a surveillance agency in a democracy,” she said. “The risk of losing public understanding of what we’re doing, public trust and who we are as an organization is something that has to be forefront in our mind.”
When the NSA detects bad actors abroad, that information increasingly needs to be shared with the public, with U.S. companies and others being targeted.
Nakasone says he sent cyber warriors to Europe last fall to protect against Russian interference in the U.S. mid-term elections.
The U.S. reportedly unleashed a cyber attack on Iran after it shot down a U.S. drone in June.
This all points to the growing role of cyber in national security, and the NSA says it’s built a pipeline to attract top talent.
Cynthia Miller, the head of human resources, said the agency partners with more than 200 universities, funding academic programs and research.
“So we of course recruit a lot of people from those schools,” said Miller.
The NSA doesn’t divulge the size of its workforce, though it’s believed to be around 40,000. The NSA does not specify its budget, either, though it is routinely described as the country’s largest spy agency. The overall U.S. intelligence budget is around $60 billion annually.
Miller does volunteer that the agency has hired around 2,000 new staffers this year — many just out of college or graduate school — making this one of the largest intakes ever.
The bigger challenge is retaining talent.
“I’m not gonna be able to pay you what Google, Amazon or any of those type of companies can pay you and I don’t even attempt to have that discussion,” said Miller. “What you do get here that you can’t get anywhere else is the contribution that you make to the United States of America. That’s huge, thank goodness.”
Josh, from the cyber operations team, left the NSA several years ago to join a startup. But he came back, even though it meant a pay cut.
“There are those nuggets that you get to see here that nobody else gets to see, and there’s an excitement factor to that,” he said.
Josh added that the Islamic State attacks in Paris, which killed 130 people in 2015, prompted his decision to return. He came back to an operation that’s crippled ISIS online, just as it was beaten back on the battlefield.
Greg Myre is a national security correspondent. Follow him @gregmyre1.Share