Pentagon officials float possible NSA, Cyber Command split

The debate on the dual hat is back on.
U.S. cyber command
Cyber-warfare specialists serving with the 175th Cyberspace Operations Group of the Maryland Air National Guard engage in weekend training at Warfield Air National Guard Base, Middle River, Md., Jun. 3, 2017. The military and intelligence community are fighting over the future of government-backed hacking. (U.S. Air Force photo by J.M. Eddins Jr.)

Officials at the Department of Defense have floated a proposal in recent days that could sever the dual-hatted relationship between the National Security Agency and Cyber Command, according to a U.S. official.

The NSA, the Defense Department’s foreign signals intelligence agency, and Cyber Command, the department’s offensive cyber arm, are currently both led by Gen. Paul Nakasone in an arrangement that allows them to share resources and coordinate on priorities, such as protecting U.S. elections against foreign meddling.

A proposal to end that arrangement was circulated among Pentagon officials in recent days, according to The Wall Street Journal. DefenseOne first reported the news Saturday.

Whether Defense Department officials intend to follow through on the idea remains unclear.


Separating Cyber Command from the NSA is something lawmakers, the military and the intelligence community have mulled since the creation of Cyber Command a decade ago. Some, including Gen. Nakasone, have said they see the dual-hatted structure as a powerful partnership. Nakasone has said previously that working together allows the NSA and Cyber Command to more effectively share indicators of digital compromise and collaborate more effectively with other agencies, including the FBI, on national security matters.

Critics of the current organization say it can introduce bureaucratic red tape and that it pits espionage and military priorities against one another. While the NSA may want to maintain access to targets for surveillance, for instance, Cyber Command’s mission, at times, is to disrupt targets.

Although the prospect of separating the two has been raised on several occasions in recent years, the renewed interest in possibly separating the NSA and Cyber Command comes as the U.S. government is currently working to respond to a sweeping software supply chain attack. The proposal to reorganize Fort Meade, where Cyber Command and the NSA are co-located, also coincides with efforts to transition in a new administration.

The supply chain attack, in which suspected Russian hackers distributed malware to potentially tens of thousands of victim organizations, including a range of U.S. government agencies, is so extensive that the White House National Security Council activated an emergency response group to triage the damage in recent days. National security officials also have continued to brief President-elect Joe Biden on the extent of the damage.

In a tweet Saturday, President Trump claimed without evidence that media reports have exaggerated the size of the incident.


The notion is raising concern on Capitol Hill, in part because there are congressionally-mandated standards that the Defense Department must meet before going through with any split. The standards are in place to ostensibly ensure that a split would not reduce Cyber Command’s military effectiveness.

The chair of the House Armed Service Committee, Rep. Adam Smith, D-Wash., said in a statement Saturday he is “profoundly concerned about reports that the Department is unilaterally seeking to end the dual-hat relationship between the National Security Agency (NSA) and U.S. Cyber Command (CYBERCOM) without consulting Congress or meeting the conditions required by Law.”

Smith sent letters to Acting Secretary of Defense Christopher Miller and Chairman of the Joint Chiefs of Staff General Mark Milley earlier this week to request they not separate the NSA and Cyber Command.

Miller and Milley would need to certify the move fulfills congressionally-mandated conditions before any split could take place.

A Pentagon spokesperson declined to comment on the reported proposal.

Shannon Vavra

Written by Shannon Vavra

Shannon Vavra covers the NSA, Cyber Command, espionage, and cyber-operations for CyberScoop. She previously worked at Axios as a news reporter, covering breaking political news, foreign policy, and cybersecurity. She has appeared on live national television and radio to discuss her reporting, including on MSNBC, Fox News, Fox Business, CBS, Al Jazeera, NPR, WTOP, as well as on podcasts including Motherboard’s CYBER and The CyberWire’s Caveat. Shannon hails from Chicago and received her bachelor’s degree from Tufts University.

Latest Podcasts