National Intelligence Director James Clapper; Mike Rogers, the Chief of NSA’s Cyber Command, and Marcel Lettre, a Defense Undersecretary for Intelligence testified today to the U.S. Senate Armed Services Committee. The overall theme of the hearing was supposed to be Russian interference in the recent presidential election in the United States. As it turns out, the intel community has not yet completed its study. Nevertheless, a few notes on the hearing are provided below.
The intelligence community has concluded that Russia interfered with the election and that the plan was directed and planned directly by the Kremlin, including with knowledge of the President of the Russian Federation.
No proof was offered, because to offer the proof would destroy intelligence collection methods.
This was a long testimony. Here, the intent is only to report on what was said, that is, the major conclusions that have been made by the intelligence community regarding Russian hacking. The set-up to the testimony by Senator John McCain was tricky. He stated that attacks against election emails were “consistent” with Russian techniques of hacking, but he did not say the hacks were Russian.
2,000,000 personnel records of the U.S. government were stolen by China, according to McCain. “Indecision and inaction” has thus far been the U.S. response. The cost needs to be raised for conducting cyber attacks against the United States. The opening statement from the Democratic side blamed election problems on Russia. These statements were made by Jack Reed, Democrat, Rhode Island, who argued also that Russia takes these actions because democracy is a threat to countries near to Russia, which is in what it claims is its “sphere of influence”.
Marcel Lettre. Threats. DOD defines 5 challenges. Russian coercion and aggression, particularly in Europe. Historic change in Asia Pacific. Risks with China’s destabilizing actions there. Iranian influences in Middle East. North Korea nuclear provocations. And Terrorism fighting, ISIS and Al Qaeda. All of these present a cyber threat.
The DOD strategy is to maintain dominance in this domain. Three missions: Defend DOD networks; giver cyber options to commanders; defend US against cyber attacks. “Cyber Mission Force” now is operational.
Clapper (DNI). Regarding Russian interference in the electoral process. Said that the Russian tools detailed in the NCCIC report showed how they influenced the election. Russia has increased cyber espionage operations, and has leaked crucial data. China continues to attack US government and US companies. Iran and North Korea continue improve their capabilities. ISIS is using Internet to collect funds, broadcast propaganda, and recruit new members. Cyber attacks can also change or alter information. All of this chips away at the public trust. All instruments of power should be used to respond to cyber attacks. Using cyber to counter cyber attacks. Recommends separating NSA and Cyber Command.
Rogers (Cyber Command and NSA).They are awaiting the findings of a joint intelligence review. Their conclusions still have not been collected. Russian cyber groups have “a history of aggressively hacking into others’ governments”.
McCain first started to discuss Julian Assange. Confirmed that Wikileaks published names of people who had their lives put in danger. No credibility should be attached to his views, according to Clapper, Rogers and McCain. McCain does not believe Russian actions
“They did not change any vote tallies; we have no way to gage the impact it had choices of the election.” Would that be act an of war if elections were changed? That is a “very heavy policy call”, but it definitely should carry great gravity. No one seems to know what to do if there is a cyber attack. They report it, but remain bystanders.
A “deterrence and response” framework needs to be put into place. There is a conclusion that the Russians interfered in the election. CIA, NSA and DHS will create joint report. They DO conclude that Russia interfered in the election. Rogers (NSA) said largest problem is “speed; speed and speed”.
Fake news sites; fake news stories also were part of Russian actions. A multi-facited campaign. Hacking was only one part of it. It also included classical propaganda, disinformation, and fake news. Russian’s used “classical tradecraft”, particularly for misinformation, to hide source of the news information.
“People in glass houses should not throw too many rocks”. The attack against the Office of Personnel Management (OPM) was an act of espionage, not a cyber-attack. We do the same type of espionage. “Large data sets have become a particular high priority target” because “it is possible to mine the data”, according to Rogers.
The implication of Clapper’s statement is that cyber-espionage is not an “attack”. This is because every nation does it.
“If there is any connection with the Internet, there is an inherent security vulnerability,” according to Clapper.
Senator Nelson (Florida) compared cyber war to nuclear war. He argued that there is “no deterrence” in the field of cyber. A cyber response to a cyber act “may not be the best response”, according to Clapper. Also, you never know “what kind of cyber-retaliation” will be bought back from the other side. “All instruments of national power” should be used.
If a country launches a cyber counter-attack, then it is necessary to use the infrastructure of other countries, and this brings up a variety of legal issues.
Senator Claire McCaskill, Missouri Democrat, was highly critical of any contact with Assange. He is under indictment by Swedish government for sexual crimes. He exposed information that put people at risk. The “people in the intelligence community do not have much respect for him.”
CONCLUSIONS
The intelligence community has not yet completed its report. There appears to be a significant amount of evidence that Russia participated in the election, but there is no hard evidence yet presented. The key actors that oppose the United States are (1)~Russia; (2)~China; (3)~North Korea; and (4)~Iran.
One theme emphasized several times was that there is little strategy developed for responding to cyber attacks. “We don’t have a strategy.” Also, the coordination needed for a response is very complicated, and takes too long. This prevents the United States from have a coherent and effective response to a cyber attack. “We are being hit repeatedly because the benefits outweigh the cost”.
There also were indications that the intel community may have an idea of what happened inside the Kremlin. This will not come to light, because it obviously would give away too much information about “sources and methods” of intelligence collection.
In addition, there is no policy of responding to acts of espionage because we do the same.
Bottom line: The current thinking is that the Russians at the highest levels approved of and directed the hacking campaign against the United States. In this context, it means President Putin himself. This is not really good news. Clapper sees Russian actions as being in the same tradition as the Cold War, like what happened in the 1960s.
Below is a rough sketch of the categories of cyber activities under discussion.
PROSPECTS FOR CYBER ARMS CONTROL
There are two ways to think about the election hacking. First, there are arguments that political activity should be considered to be a “critical infrastructure”, and the consequence of this would be that such hacking would be considered to be an aggressive attack against the country. Second, the current line of thinking is that espionage (passive information collection) should be separated from collection of commercial industrial espionage, or political interference.
In the Cyber War Matrix, above, cyber arms control would apply to the warfare rows. There will never be any international agreement to limit espionage or active measures.
Note: This blog was originally posted on cyberarmscontrolblog.com January 6, 2017