Pentagon and intelligence community chiefs have urged Obama to remove the head of the NSA
National Security Agency Director Adm. Michael S. Rogers speaks at the third annual Intelligence and National Security Summit in Washington in September. (Gary Cameron/Reuters)
By Ellen Nakashima November 19 at 2:15 PM
The heads of the Pentagon and the nation’s intelligence community have recommended to President Obama that the director of the National Security Agency, Adm. Michael S. Rogers, be removed.
The recommendation, delivered to the White House last month, was made by Defense Secretary Ashton B. Carter and Director of National Intelligence James R. Clapper Jr., according to several U.S. officials familiar with the matter.
Action has been delayed, some administration officials said, because relieving Rogers of his duties is tied to another controversial recommendation: to create separate chains of command at the NSA and the military’s cyberwarfare unit, a recommendation by Clapper and Carter that has been stalled because of other issues.
The news comes as Rogers is being considered by President-elect Donald Trump to be his nominee for director of national intelligence to replace Clapper as the official who oversees all 17 U.S. intelligence agencies. In a move apparently unprecedented for a military officer, Rogers, without notifying superiors, traveled to New York to meet with Trump on Thursday at Trump Tower. That caused consternation at senior levels of the administration, according to the officials, who spoke on the condition of anonymity to discuss internal personnel matters.
The White House, Pentagon and Office of the Director of National Intelligence declined to comment. The NSA did not respond to requests for comment. Carter has concerns with Rogers’s performance, officials said. The driving force for Clapper, meanwhile, was the separation of leadership roles at the NSA and U.S. Cyber Command, and his stance that the NSA should be headed by a civilian.
In a speech before the National Press Club on July 16, the director of the National Security Agency, Adm. Michael S. Rogers said that the agency is increasingly involved in responding to cyber threats. (C-SPAN)
Rogers, 57, took the helm of the NSA and Cyber Command in April 2014 in the wake of revelations by a former intelligence contractor of broad surveillance activities that shook public confidence in the agency. The contractor, Edward Snowden, had secretly downloaded vast amounts of digital documents that he shared with a handful of journalists. His disclosures prompted debate over the proper scale of surveillance and led to some reforms.
But they also were a black eye for an agency that prides itself on having the most skilled hackers and cybersecurity professionals in government. Rogers was charged with making sure another insider breach never happened again.
Instead, in the past year and a half, officials have discovered two major compromises of sensitive hacking tools by personnel working at the NSA’s premier hacking unit: the Tailored Access Operations. One involved a Booz Allen Hamilton contractor, Harold T. Martin III, who is accused of carrying out the largest theft of classified government material. Although some of his activity took place before Rogers arrived and at other agencies, some of it — including the breach of some of the most sensitive tools — continued on Rogers’s watch, the officials said.
Martin’s alleged theft was discovered when some of the tools he is accused of stealing were mysteriously released online in August. They included computer code based on obscure software flaws that could be used to take control of firewalls and networks — what one former TAO operator called “the keys to the kingdom.”
Martin, who moved from the NSA to a job in a Defense Department acquisitions agency last year, was arrested in August. The news broke last month.
A federal contractor suspected in the leak of powerful National Security Agency hacking tools has been arrested and charged with stealing classified information from the U.S. government, according to court records and U.S. officials familiar with the case. (Monica Akhtar/The Washington Post)
But there was a second, previously undisclosed breach of cybertools, discovered in the summer of 2015, which was also carried out by a TAO employee, one official said. That individual also has been arrested, but his case has not been made public. The individual is not believed to have shared the material with another country, the official said.
Rogers was put on notice by his two bosses — Clapper and Carter — that he had to get control of internal security and improve his leadership style. There have been persistent complaints from NSA personnel that Rogers is aloof, frequently absent and does not listen to staff input. The NSA is an intelligence agency but part of the Defense Department, hence the two overseers.
FBI agents investigating the Martin breach were appalled at how lax security was at the TAO, officials said. “[Rogers] is a guy who has been at the helm of the NSA at the time of some of the most egregious security breaches, most recently Hal Martin,” a senior administration official said. “Clearly it’s a sprawling bureaucracy . . . but I think there’s a compelling case that can be made that some of the safeguards that should have been put in place were either not fully put in place or not implemented properly.”
At the same time, Rogers has not impressed Carter with his handling of U.S. Cyber Command’s cyberoffensive against the Islamic State. Over the past year or so, the command’s operations against the terrorist group’s networks in Syria and Iraq have not borne much fruit, officials said. In the past month, military hackers have been successful at disrupting some Islamic State networks, but it was the first time they had done that, the officials said.
The expectation had been that Rogers would be replaced before the Nov. 8 election, but as part of an announcement about the change in leadership structure at the NSA and Cyber Command, a second administration official said.
“It was going to be part of a full package,” the official said. “The idea was not for any kind of public firing.” In any case, Rogers’s term at the NSA and Cyber Command is due to end in the spring, officials said.
The president would then appoint an acting NSA director, enabling his successor to nominate their own person. But a key lawmaker, Sen. John McCain (R-Ariz.), the chairman of the Senate Armed Services Committee, threatened to block any such nominee if the White House proceeded with the plan to split the leadership at the NSA and Cyber Command.
The rationale for splitting what is called the “dual-hat” arrangement is that the agencies’ missions are fundamentally different, that the nation’s cyberspies and military hackers should not be competing to use the same networks, and that the job of leading both organizations is too big for one person.
But McCain is concerned that placing Cyber Command under its own leadership will hinder its effectiveness, as it is highly dependent on the NSA for capabilities.
Meanwhile, in February, Rogers announced a major reorganization, which he called NSA21, at the NSA to better adapt to the digital age. He has merged the agency’s spying and hacking arms with its computer-security division into one Directorate of Operations. That reorganization has only intensified the discontent that has marked Rogers’s tenure at the agency, current and former officials said.
“The morale is horrible,” one former senior official said. Especially during a period of change, a leader needs to be present, the official said. “Any leader knows that when you institute change, you have to be there. You have to help heal the wounds, be very active. He was not.”
But Saxby Chambliss, a former Republican senator from Georgia who served on the Select Committee on Intelligence, said that he thinks highly of Rogers. “When it comes to the world of cyber, there’s nobody more capable than Mike Rogers in the military world today,” he said.
Nonetheless, Rogers has seen other embarrassing network breaches on his watch. In 2013, Iranian hackers managed to penetrate the Navy’s unclassified network when Rogers was head of the 10th Fleet/Navy Cyber Command, the unit responsible for protecting the Navy’s networks. It took months to expel the attackers.
Rogers is a Navy cryptologist whose military career spans 35 years. He began his career as a surface-warfare officer in 1981. A Chicago native, he also has served as head of the Chairman’s Action Group, an in-house Pentagon think tank to advise on policy and long-term issues, under then-Chairman of the Joint Chiefs of Staff, Gen. Peter Pace, and as director of intelligence at Pacific Command and then on the Joint Staff.
Ellen Nakashima is a national security reporter for The Washington Post. She focuses on issues relating to intelligence, technology and civil liberties.