Vice Adm. Mike Rogers, who also has been nominated to take over U.S. Cyber Command, provided little new insight into how he would handle planned changes of the NSA's surveillance programs.
Several senators questioned Rogers about a breach of an unclassified Navy computer network, which occurred last summer, and he acknowledged it was "significant." Officials have blamed the incursion on Iran, but Rogers would not confirm that Tehran was behind it. He said, however, that "in this case, they did not opt to engage in any destructive behaviors. And my concern from the beginning was, well, what if they had decided that was their intent."
Officials have provided little detail on the breach, but said hackers got into the system by taking advantage of vulnerabilities in the network.
Rogers, a former intelligence director for the Joint Staff and the current head of the Navy's Cyber Command, said the damage done by the breach was "of concern," and added that he ordered a broader response that would do more than simply remove the hackers from the network to prevent another breach.
Defense officials have acknowledged it took about four months - until early November - to purge the hackers from the network.
"The geopolitical consequences of such an attack should really be profound," said Sen. James Inhofe, R-Okla. "However, it remains unclear what, if anything, this administration would do in response to such behavior. Would a similar penetration by the Iranians' warplanes into American airspace be treated with such ambivalence? I would hope not."
On the planned changes to the NSA's data collection programs, Rogers said a key concern would be to maintain the ability to quickly run queries through the data "to generate information and insight in a way that enables us to act in a timely way."
"There are definitely some challenges we'll need to work through, but I'm confident in our ability to do so," he told the committee. And while he pledged to make the NSA's activities more transparent to the American public, he also warned senators that doing so without revealing classified intelligence is not an insignificant challenge.
While the president has the authority to appoint an NSA director, Rogers needs confirmation by the Senate in order to get a fourth star and take over Cyber Command.
Rogers has been nominated to replace Army Gen. Keith Alexander, who is retiring after nearly nine years as NSA director. Alexander also became the first commander of the Pentagon's Cyber Command, which was set up in 2010.
President Barack Obama has called for changes to the phone data collection program, which sweeps up the metadata for every phone call made in the U.S. The metadata is the number called, the number from which the call is made and the duration and time of the call, but not the content of the call or the callers' names. Turning over custody of the data from the government to a third party is among the changes under consideration.
Rogers and Gen. Paul Selva, who has been nominated to take over U.S. Transportation Command, also described ongoing concerns with the Russian military intervention in Ukraine. Rogers declined to provide details on any Russian cyberattacks against Ukraine but agreed that cyberintrusions are an element of almost any crisis, and "I believe we see it today in the Ukraine."
Selva said the U.S. is prepared to move cargo in and out of Afghanistan without going through Russia, if it becomes necessary. He said his biggest concern is that about 20 percent of food and noncombat items move through the northern distribution route that crosses Russia.
"We'll have to look at other options than the overflight or transit through Russia should the conduct in the Ukraine continue," Selva said.
Another 20 percent of the food and noncombat items travel through other northern routes that swing westward and do not go through Russia.
Selva added that he believes the military is on track to get equipment out of Afghanistan as the U.S. winds down the war. And he said military leaders can wait "through the early fall" before having to make a final decision on whether the U.S. will have to pull all troops out of the country by the end of the year. At that point, he said, the U.S. would still have sufficient ability to get cargo out of the Afghanistan using a variety of different routes and methods.
Afghan President Hamid Karzai has refused to sign a critical security agreement with the U.S. that would allow American troops to remain in Afghanistan after 2014.
In other comments, Rogers offered a grim assessment of the growing cyberthreat against the United States, and the government's abilities to overcome the risks.
He said he believes enemies may consider the U.S. "an easier mark" because the procedures and requirements governing how the nation can respond to a cyberattack "lead the adversary to believe, rightly or wrongly, that we do not have the will to respond in a timely or proportionate manner," even if it's clear who launched the breach.
Rogers also says that improvements are being made to staffing and resources for Cyber Command.