Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  September 30, 2015 4:00am-6:01am EDT

4:00 am
state of florida. we can balance economic interests and environmental progress but don't stifle it because you are upset that american entrepreneurialism american exceptionalism has created a booming energy sector that you don't like is you want to be able to pick the winners and losers from washington d.c. and impose your will on the rest of the country. that's not how america works. america works far better from the bottom up rather than top down. let's unleash this entrepreneurial spirit and use of federal lands and i will promise you that i will do that as well. [applause] the final suggestion i have is that there should be greater deference to the state. in this world where everything is all the smart people apparently in the age of obama reside in washington d.c.. the rest of us are just kind of in awe of their raw intelligence and a great capabilities to tell us how we are supposed to live
4:01 am
our lives. we need to turn that upside down it is for janelle wants to allow our federal waters off the coast to be able to develop that because they believed that will help them grow their economy than there should be some difference of recognition that virginians know what's going on. they don't want to destroy their beaches in their natural environment. if alaska wants to do the same thing then there should be some deference rather than imposing the will from washington d.c.. when i'm elected president of political hacks and academics are going to take the backseat. the people that will be making these decisions who might have practical experience in the real world and i apologize but i think that's the best thing to do. [applause] so here's my aspiration. i believe we can create a million 21st century manufacturing jobs with the lowest most abundant source of energy in the world. i believe we can continue to
4:02 am
give the middle class of this country the greatest -- they have had in last six years which are lower gasoline prices and lower power generation utility prices because that's you make a deal they have had in the last six and a half years. if we can continue to do that in a way that liberates the oil and gas producers to be able to provide continued source of abundant low-cost energy. i believe they cannot compete in a country in the world including china. i reject the notion we are in decline as a nation that we have two dixies complex things and if we do our economy will grow at 4% and we will do it in a way that will create security for the country. the one beautiful thing about proper energy strategy as it also is a defense of the homeland. there are great threats in this world right now whether it's russia trying to dominate europe by using his energy to blackmail the eastern european or western european countries for the
4:03 am
seaplanes being challenged in the south china seas, the united states needs to be strong and a strong america means we have to grow our economy at a far faster rate in energy and food security. we have food security and energy security no one will be able to out compete the greatest country on the face of the earth. thank you all for coming. [applause] >> we sat down last night and said we can ask you a couple questions who each have our own questions and i'm glad to ask them on behalf of all four of us. the first question. several years ago we were a
4:04 am
small business starting in pittsburgh so as we look at small businesses today how do your policies help grow small businesses in america? >> small businesses in america for the first time in recorded history. it may have happened in the 16th century where you guys came from in england, there might have been a time when there were businesses closing and opening. that's what it is in america today. it's tragic day this country is let the world because we are dynamic and the world doesn't work in a planned way in america. we don't plan it out real well. the responder opportunity and that's how we succeed. we are 10 steps forward, five steps forward, three steps forward, two steps back country. we are totally horrible at that and the small business sector is the one that's been hurt by all of these rules on top of every
4:05 am
aspect of the endeavor. it starts in washington but frankly some states have also imposed rules on top of everything. to start a business in california you have have to pay 800 bucks to start with and you have to do it again and again of the year. if you have a business with 10,000 bucks and you are pursuing your dream yours was probably a little bit more when you started but a lot of businesses start with borrowed money from crazy uncle harry and he gives you 10 grand and you are out killing it trying to do your best. if you have to pay $800 for an occupational license fee are tax and you have to pay another tax and you have to pay a living tax than you have to go to washington and have higher health care costs because of obamacare and the system we have. you add it all up in the small businesses don't have the accounts. they don't have the compliance offices. you guys are just starting to learn about this as a public company in the mix is harder.
4:06 am
scale is not the definition of a successful business but in that fact in america it's becoming more that way. incumbents to mind when dodd-frank imposes all kinds of rules on every borrower. they don't care because the big banks can basically share those costs over a gigantic asset they sprayed there've only been two banks formed in the last six years in america. two new banks. there's a reason for that. the complicating life shifting regulation way from washington to the state level, rick and i said that there should be an economic benefit for every rule that is imposed by believed that to have a regulatory budget in washington. if you create a budget this is what the u.k. has done. every dollar of additional cost in my mind there ought to be a dollar of savings. you should have no increase in regulation would have to have a sunset review of all the rules to have a spring housecleaning to be able to shed some of the
4:07 am
rules that might have made sense 30 or 40 years ago. putting men and women in positions of responsibility that understand the business, dentistry that they are regulating and don't have a political agenda they want to have a balanced view between protecting the water, the air or the workforce environment and the economic impact that businesses bring. bringing common sense to washington would be helpful. i'm 62 years old. i know i look a lot anger than that. you told me i was charismatic or good looking or something. so here's the deal. i was governor for eight years where we get all this stuff and small-business growth per year. we created 1.3 million new jobs during those eight years even though the government grew by -- we cut taxes. we created a "field of dreams" and people pursue their dreams and florida more than other places because of it.
4:08 am
i've been in the private sector for 33 years and the government for nine. in the practical private sector experience is what i want to bring to washington d.c.. starting a business with three people in growing its the largest commercial real estate company in south florida before they kicked me out the door. that experience was the one that was more relevant in many ways and what's wrong with washington. they hang out with the big companies. they interact with their lobbyists and their lawyers and the small businesses don't have access to them they are being hurt by all of this. it's all i've got. >> good answer. [applause] >> this question from derek who is the pessimist in the rice family. derek says supporting energy is good for companies like rice energy but how does affect america's role in the world? >> it may sound counterintuitive
4:09 am
, some people think we should import it and the net result of that is refiners get higher margins when gasoline prices are higher. exporting crude lowers costs at home. it may seem counterintuitive but if you talk to the experts they will tell you unanimously that that's the case so it's good for consumers. it's good for people working because every time you create a new market for your product whether it's gas or liquid or oil you are creating an opportunity to grow your business and invest in your own business and that creates economic opportunities for employees of rice energy and for all of the suppliers of rice energy. this community -- and for the landowners leasing of the properties and they are buying pickup trucks.
4:10 am
thanks to those royalty checks. they are able to provide for their child's education. they are saving their money so their kids can go to the university of their choice. they are doing also to things that they want to do rather than being told what they can do. there's a vitality to this that helps not just the business but the entire community in which they are serving. frankly it's also national security issue. it's going to get cold here pretty soon. not here but in estonia and in poland and in germany and romania. if you look at the keating necessities of europe it's really cold there. where did they get their gas? by and large they get it from the russians and they're basically held hostage and they can be blackmailed. they can raise their prices anytime they want and they have done it. as the ukraine people what it's like to live through a winter with russia being your sole-source of supply.
4:11 am
why not use it as a national security tool to be able to export lng to be an alternative to russia's natural gas? it's cheaper. it's cleaner if you are interested in the environment. it's less carbon-intensive than the russian gas. we are more committed to protecting the environment so we are exporting a cleaner energy source but more importantly it's in our national security interest to show resolve against russia to show support for the nato allies. when we need them they are not going to be there if we are not on their side. we should have a north-south corridor from poland to eastern europe using american natural gas as a source of our foreign policy tools. the same applies to the nation. there's no reason why this can't be an effective tool for us to ring gauge the world. this is a wonderful intersection of high wage, high growth, high job growth economy where we have benefit because we are
4:12 am
energy secured. where we lower energy prices as we use them for tool for energy secured around the world today can't think of a better deal exploiting it to the fullest extent possible. [applause] look at this guy right here. that's a heck of a picture right there. a picture of them taking pictures of me. >> the third question comes from the youngest brother ryan. ryan's question is how would your reform plan -- [laughter] >> my dad is in the aggie so i'm an aggie. [applause] >> i went to the university of texas but frankly in our family
4:13 am
because my dad's library is at texas a&m university i'm an aggie too. that's why give him such a warm embrace. >> ryan's question is how would your reform plan for government regulation affect energy workers and their families in pennsylvania? >> every dollar of reductions of a rule that creates economic benefits and achieves the social good. i'm not suggesting on record in the world to what i'm suggesting is 21st century rules rather than a complex 20th century rules allow progress to go forward which means more money in your pockets, plain and simple. every dollar that we extract from the cost of making, creating possibilities for workers and businesses creates money in people's pockets. we haven't had that. we have had 6 million more people in poverty and we have declining income for the middle of this country.
4:14 am
disposable median income is down $2000 since the day that barack obama got elected president. it's because of this massive uncertainty and the confusing rule and the cost of the rules that businesses have to share with their workers. that's plain and simple. the same of health care. every time you create a well-intended idea of obamacare, the simple fact is that imposes costs on businesses that force businesses to make employees have to share more than health care costs. you see it happening. hire detectable in higher co-pay marcottes employees. so the best kind of rules of the ones that protect whatever it is you are trying to protect but have the lowest possible cost so people have money in their pockets. that may give an example because your success makes environment both miserable.
4:15 am
it's a radical one. they don't like it and it makes no sense to me. a growing economy allows us to spend money on protecting wild america. when our economy and quarter grew by 4.4% per year we generated revenue that allowed us to have the largest land purchasing program in the country to protect pristine florida. we began the process of seriously trying to restore the everglades and the incredible treasure for our country. we focused on cleaning up water bodies, not just the everglades would others. if we were growing at the rate of the economy today we wouldn't have the resources to be able to protect the nash -- natural environment so there has to be a win-win. that's where we need to get to his commonsense regulation and not this making people feel like they are doing something bad when in fact you have created printer plus jobs, but the median income of a community. all of the suppliers that are
4:16 am
dependent upon your business now love you too. you are creating wealth and prosperity for yourself but for hundreds if not thousands of other people as well. that's american way. we should be celebrating. this is what we should be doing. [applause] >> i hope your stock price goes up. that's american capitalism at its best. it shared by everybody and everybody's interest is aligned right way. i get fired up when i see examples like this because this is what separates us from the rest of the world. one other point about how we should be proud of this country. there are places where shale exists in other parts of the world. it's all over. argentina has a massive potential shale. the russians have it. the polls and the germans and the u.k., the britons have shale
4:17 am
plates. where else other than united states has it worked? nowhere. it's only an american why is that? we take risks. we have a culture of risk-taking. not crazy risks but risks that really allow you to move forward we have private property rights embedded into er. in our dna. we were watching the men and women do to the leasing for. that's a robust market that only exists in america. only in america to private landowners owned the rights to the extent they do in this country and that creates a dynamic energies such year. as prices go down you create opportunities at you to take advantage of it. it's uniquely american to try something and if it doesn't work you make it more dynamic.
4:18 am
cost of your productions have dropped in the last four years by 50%. where else in the world to get this kind of dynamic response? we should stop trying to default being told by washington d.c. on what to do. this is what makes america so special and this is one totally convinced we can grow at 4%. we have to unleash the animals. in america and we will be a america renewed again. [applause] i feel like i'm at the pulpit. like a tent revival meeting. >> the last question is on the last point you made. right now the economy is growing at 2%. you say can grow 4%. why do you think that can be done? >> because it has in the past.
4:19 am
the path can be prolonged if you have to have the right policy. if you impose these rules on every aspect of business you are not going to go. if you have the most complex tax code in the world. the me give an example. we have a new phenomena called inversion and this is a reality because of our tax code. a small foreign business buys a large u.s. business to consolidate their activities in that other country because their corporate tax rates are lower. we have the highest tax rate in the industrialized world. the effect is we lose jobs the government loses revenue and we lose income. these offices have a diminished partner if you will and the people that depend on these large businesses and the community they lose part of their economic vitality. in my tax proposal i've said it's because we have worldwide
4:20 am
income as our driver. where is the cfo? nod your head if i am correct. our companies are taxed on worldwide income. there are $2 trillion of cash overseas that doesn't come back because it will be taxed at an onerous rate. what i propose is a .75% rate for that money to come back, $2 trillion to come back and move back to a territorial source of taxation which every other country has. he did that he would have hundreds of millions of dollars invested in enterprises across this country creating higher wage jobs. if you fully capitalize dustman the first year you were going to have an explosion of productivity and we are rebalancing from wall street to main street in effect. we are creating leveling of the playing field so that the
4:21 am
heartland of our country and the industrial side of our economy will begin to grow and fosburgh. everybody else does better when that happens so fixing our tax code, fixing the regulatory system embracing the -- fixing a broken immigration system that ran as a drain on our economy that could be it cute -- catalyst for huge economic growth. we have protected our border and made it clear that coming here legally is easier than coming here illegally and pick who we want to have this new americans. you would grow the economy at a far faster rate. in dealing with the structural deficit problem that relates to our entitlement challenges we have to preserve and protect our entitlements for those that have them but we need to make sure that we reform the whole system so the next generation can receive it. you will grow at 4% as far as the eye can see and we will lead the world. we will be as we are, we will
4:22 am
lead the world and i will close with this. simple exercise because i know people are deeply pessimistic about the future the country and they listen to politicians talk about how bad things are. you need therapy probably at therapy probably offended some of these debates. we opened up the entire world and said you have 30 days one-way ticket you can pick where you want to live, i wonder who would win that. we would win it. we would when it's 1000 to one. we would win it because this country is still the beacon of freedom. this is the hope for the world. this is the greatest country on the face of the earth and if we start acting like it we will be it. it's that simple. that's what i believe. [applause] so thank you all very much. we love you very much. [applause] ♪ ♪
4:23 am
♪ ♪ ♪ ♪ ♪ ♪ ♪mr. mcconnell: mr. president?
4:24 am
the presiding officer: the majority leader. mr. mcconnell: mr. president, last night 77 senators voted to advance legislation that would fund the government through the fall at the bipartisan level agreed to by both parties. it's now the most viable way forward after democrats' extreme actions forced our country into this situation. let's remember how we got here.
4:25 am
democrats knew the american people were unlikely to buy their desire for more bureaucracy and more debt but they figured they might in a crisis. so democrats pursued a deliberate strategy of blocking government funding all year in order to force our nation to the brink. democrats said they'd block government funding legislation they even voted for this committee, and some of these bills, mr. president, came out of committee overwhelmingly on a bipartisan basis. democrats said they'd block government funding legislation that they'd actually praised in their press releases when these bills emerged from the appropriations committee with large majorities. democrats even voted repeatedly to block the bill that funds our military, to repeatedly block the bill that funds medical care and pay raises for our troops. that's how far, mr. president, democrats are willing to go at a time of daunting international
4:26 am
threats in order to tear down the normal government funding process and force our country into this situation that we now face. well, i'm not prepared to let the government -- i'm not prepared to let the democrats lead us over the cliff. the bill before us would keep the government open. it would allow time for cooler heads to prevail. that's why i joined 76 other senators and voted to advance it yesterday. but, look ... obviously, the best way to fund the government is by, first, passing a budget; then passing appropriations bills. the senate already passed a budget. the senate is prepared to pass appropriations legislation, too. all that's needed is for democrats to drop these endless filibusters. we know that nearly all these funding bills are bipartisan. we know that democrats have supported and praised them. and with the c.r. behind us, we
4:27 am
can turn back to the work of trying to pass to vitiate the qm call. the presiding officer: without objection. paul palmr. paul: i'm re-mingedt line from "cool-hand luke," what we have here is a failure to legislate. what we have here is is a failure to use our leverage, a failure to use the power of the purse. conservatives across america are unhappy and rightly so. we were told that when we took over congress, when republicans were elected to congress that things would be different. that if voters put us in charge, we would right the ship. we would stop the deficits. and here we are with another continuing resolution. what is a continuing resolution?
4:28 am
it is a continuation of the deficit spending of the past. it is a continuation of the waste. it is a continuation of the duplication. what is a continuing resolution? it is a steaming pile of the same old same old. let me be clear. a continuing resolution is not a good thing. it is more of the status quo. it is a warmed-over version of yesterday's failures. it is an abdication of congressional authority. it is an abdication of congressional power. let us at least be honest. with a continuing resolution, no waste will be cut. no spending will be cut. no regulations will be stopped. and the debt will continue to mount. we are told that we cannot win,
4:29 am
that we need 60 votes to defund anything. but perhaps there is an alternate future where courage steps up and saves the day. all spending is set to expire automatically. this is the perfect time to turn the tables. to tell the other side that they will need 60 votes to affirmatively spend any money. you see, it doesn't have to be 60 votes to stop things. all spending will expire, and only those programs for which we can get 60 votes should go forward. what would that mean? that would mean an elimination of waste, an elimination of duplication, an elimination of bad things that we spend money on. if we have the courage, we could use the senate's supermajority rules top stop wasteful spending. if we had the courage, we could
4:30 am
force the other side to come up with 60 votes to fund things like planned parenthood. the budget is loaded with nonsense and waste. some will say our job is to govern, to preside. but to preside over what? to preside over a mountain of new debt to be the same as the other side? to continue to add debt after debt? our debt will consume us if we continue to preside over the status quo. it is as if we're on the tie p tan nick and -- titanic and just simply reshuffling the chairs. a continuing resolution continues the spending of wasteful money. i'll tell you of a few we spend money on. $300,000 last year studying
4:31 am
whether or not japanese quail are more sexually promiscuous on cocaine. these things should never have money spent on but if you do a continuing resolution it will continue. we spent several hundred thousand dollars l studying whether or not we can relieve stress in vietnamese villagers by having them watch television reruns. i don't know about you but i don't want one penny of these dollars going to this ridiculous stuff. we spent $800,000 in the last couple of years developing a televised cricket league for developing afghanistan. do you know how many people have a television in afghanistan? one in 10,000 people. i don't care if they've all got
4:32 am
tv's, it's ridiculous that our money -- which we don't have, we have to borrow it from china to send it it to afghanistan. if you're passing a continuing resolution, you're agreeing to continue this nonsense. we spent $150,000 last year on yoga classes for federal employees. so not only do we pay them nearly one and a half times as much as the private sector employees, we give them yoga classes. if you pass a continuing resolution, this goes on and on. nothing will change. the status quo will continue, and we will continue to spend ourselves into oblivion. we spent $250,000 last year inviting 24 kids from pakistan to go to space camp in alabama. we borrow money from china to send it to pakistan. it's crazy. it's ridiculous. and it should stop. we have the power to stop it.
4:33 am
congress has the power to spend money or not spend money, and yet we roll down and we just say say -- we roll over and we say it must continue. we don't have the votes to stop it. nonsense. the other side doesn't have the vote to continue the spending if we would stand up and challenge them. we spent a half million-dollar last year and the year before developing a menu for when we colonize mars. we sent a bunch of college students to hawaii to study this. $5,000 a piece we paid them. they got two weeks all expenses paid in hawaii. and you know what a bunch of college kids came up with for the menu for mars? pizza. this is where your money is going. i could go on, hundreds and hundreds of programs. if we do not exert the power of the purse, this continues. we should attach to all of the
4:34 am
spending bills, all 12 individual bills not glommed together, we should attach hundreds of instructions, thousands of instructions. some of the media said those would be riders on appropriations bills. exactly. that's the power of the purse. if you object to the president writing regulations without our authority, congress should defund the regulations. congress should instruct him on obamacare, what we object to. congress should instruct him that we don't want money spent on planned parenthood. hundreds and hundreds of instructions should be written into every bill and passed and sent to them. would we win all of these battles? do we have the power to win every battle and defund everything we want? no. but you know what we start out with? our negotiating position right now is we start out with we defund nothing. why don't we start out with the
4:35 am
negotiating position that we defund everything that's objectionable, all the wasteful spending, all the duplicative p spend, let's defund it all and if there has to be negotiation let's start from defunding it all and see where we get. but it would take courage because you have to let spending expire. if you're not willing to let the spending expire and start anew, you have no leverage. the power of the purse is only there if you have courage. you must courage of convictions to say enough's enough, that the debt is a greater threat to us than letting spending expire. now some will report on this speech and say oh, he wants to shut down government. no, i don't. i just want to exert the power of the purse, and that means spending must expire. but i'm all for renewing the spending, but let's only renew the spending that makes sense. we have the power of the purse
4:36 am
if we choose to exert it. look at the mountain of debt. look at the debt that continues to be added up. we have not been doing our job. the way we are supposed to spend money in congress is 12 individual appropriations bills. they've passed out of committee. why aren't they presented on the floor? the democrats have filibustered the only one presented. let's present every one of them and let the public know, let everyone in america know that it's democrats filibustering the spend bills. it's democrats who desire to shut down government. it's democrats who desire not to have any restrictions on where the money's spent. it's the democrats who are saying we don't want to end wasteful spending. we don't want to end any spending. we don't want any controls over spending. we want to continue the status quo. but we should not be complicit with them. we have allowed this to go on
4:37 am
for too long. it threatens the very heart of the republic. it threatens our very foundations to continue to borrow $1 million a minute. it's time that we stood up. it's time that we took a stand and said enough's enough. when's the last time we did it in the appropriate fashion? when is the last time congress passed each of the individual appropriations bills with instructions on how to spend the money? 2005, a decade ago. it's been a decade. in the last decade we've added nearly $10 trillion in new debt. many it's time to take a stand. i for one have had enough. i've had enough. i'm not going to vote for a continuing resolution. a continuing resolution is simply a continuation of the mounting debt. i for one will not do it. a continuing resolution is retreat. it is announcing your defeat in
4:38 am
advance. what we should do is take a stand. we should say to the other side in the senate it requires a supermajority. what does that mean? 60 votes to pass spending. what would happen? you would have spending that is controversial, like planned parenthood, would fall away. they can ask for private donations. good luck on that. you wouldn't find things being funded that are controversial. what would happen stlld no longer -- is there would no longer be spending for wasteful and duplicative projects. we listed these a couple of years ago. i think we had $7 billion worth of duplication. did we fix it? no. every year the president, even this president puts forward $10 billion, $15 billion, $20 billion worth of programs that could be eliminated. do they get eliminated? no, because congress is dysfunctional and we continue to
4:39 am
pass a continuing resolution which means we do not to exert the power of the purse. congress is a shadow of what it once was. madison said that we would have coequal branches and that we would pit ambition against ambition. we no longer do that. congress is a withering shadow. it's a shadow of what it once was. congress has no power, exerts no power, and we walk and we live in the shadow of a presidency that is growing larger and larger and larger. the president's not afraid. he says he's got his pen and his phone. so he is writing and creating law. one of our founding fathers -- one of our philosophers they look to is montesquieu, and montesquieu said when the executive begins to legislate, a form of tyranny will ensue. that's what we've got now. we have executive tyranny. not just this president, though. it's been going on for awhile. probably for 100 years we've
4:40 am
been allowing more and more power to accumulate in the hands of the presidency. what we need is a bipartisan taking back of that power. we need congress to stand up on its own two feet and say enough's enough. we are reclaiming the power of the purse and we are going to do whatever is necessary to get rid of the wasteful spending, the duplicative spending, the offensive spending. and we are going to do what the american people want, and that is to spend only what comes in. but i will tell you, i for one will oppose this continuing resolution, and i recommend that everybody in america call their congressman and say we're tired of the mounting debt. we want you to stand up. we want you to stand up and say enough's enough. let the funding expire and make the other side come up with 60 votes to spend the money. it's time we took a stand.
4:41 am
4:42 am
minutes. [inaudible conversations] >> good morning, we meet today to talk to robert work and the
4:43 am
commander of u.s. cybercommand, director of the national security agency and chief of the central's dirty service, we thank the witnesses for their service and for appearing before the committee. we meet at a critical time in just the past year and we all know that the united states has been attacked by north korea, china, russia and the attacks have only increased, crippling our networks and compromising sensitive national security information. recent attacks against the joint chiefs of staff are just the latest examples of the growing boldness of pushing acceptable behavior in cyberspace.
4:44 am
new hacks are occurring daily. trends are getting worse, but it seems the administration has still not mounted an adequate response. they say that they will respond at the time and manner of our choosing but then they either take no action or pursue symbolic responses that have zero impact on our adversaries behavior. not surprisingly the attacks continue and they gain a competitive economic edge in improving the military capabilities. to demonstrate their own need to attack are critical of the structure and they do all of this at a time and manner of their choosing and more and more they are leaving behind what the ad while recently referred to as cyberfingerprints, showing that they feel confident that they can attack us without mexican consequences. just consider the recent case
4:45 am
with china after china's efforts to steal intellectual property and wage economic espionage against u.s. companies. instead last week's state visit simply a amounted to cyberand enabled the rat. what's worse is that the white house has rewarded china with diplomatic discussions about establishing norms of behavior that are favorable to china and russia and any internationally agreed upon with rules must recognize the right of self-defense is contained in article 51 along with meaningful intellectual property rights protections. the administration should not concede this point to autocratic regimes who seek to distort or
4:46 am
principles or detriment. we are not winning the fight in cyberspace. the adversaries put simply, the problem is a lack of deterrence. the administration is not demonstrated to our adversaries that the consequences of cyberattacks against us outweigh the benefits. until this happens the attacks are going to continue and our interests are going to suffer. establishing deterrence hires a strategy to defend and aggressively respond to the challenges to our national security in cyberspace and that is exactly what the congress required in fiscal year 2014 national defense authorization act. that strategy is now over a year late and counting and while the department of the defense is a big improvement over previous
4:47 am
such efforts, it still does not integrate the ways and means to deter the attacks in cyberspace. establishing deterrence also requires robust capabilities both ostensibly in defense of late that can pose a credible threat and a gold in which the committee remains actively engaged. the good news is that significant progress has been made in developing our cyberforce and that will include a mix of professionals trained to defend the nation to support the geographic combatant commands and to defend dod networks. this is good, but the vast majority of resources have gone towards showing up cyberdefenses and far more needs to be done to develop the necessary capabilities to deter attacks and fight and win in cyberspace. policy and decision should not
4:48 am
become an and capability development. we do not develop weapons because we want to use them. we develop them so as we do not have to. we are at a tipping point. he said that we have to broaden our capabilities to provide policymakers and operational commanders with a broader range of options. and we must invest more in the offense and capabilities that our teams need to win on the battlefield. we seek to address this challenge and a number of ways including our pilot program to provide us with limited authorities and finally we know the defense department is in the process of assessing whether the existing command structure can elevate cybercommand to a unified command.
4:49 am
there are worthwhile arguments on both sides of the debate and i look forward to hearing views on this question in his assessment of how and elevation might enhance our overall cyberdefense posture. and i also look forward to hearing from eyewitnesses what if any progress has been made on addressing disagreements within the agency on the delegation to use cybercapabilities. and i think the witnesses appearing before the committee and i look forward to their information. >> it is important to talk about this and i want to thank the director and the cybercommander for their information. let me start with china.
4:50 am
i expect we will have a robust discussion about china's can compliance china's leaders must be aware that the reputation may continue to decline if this does not stop, which ultimately will have it immensely negative impact on our relationship with china. i would also emphasize how important it is to embrace these norms, which include refraining from the tax on the other nations critical infrastructure. and that includes whether we can go to a full unified command and whether the commander of cybercommand also serves as a director of the nsa. and i understand that the problem could elevate it to a
4:51 am
unified command. we have questioned whether or not the arrangement should continue on an arrangement is made and put simply if they are so reliant that, leadership is necessary, is the command ready to stand on its own. this is an issue that the senator has drawn attention to and i think it's something that's very critical for this committee. and directly related to the military cybermission unit that we've had over the last two years. the department is leading this with training for personnel and that includes equipment, tools, and capabilities that remain limited. and that includes a mandate that the secretary of defense designated this bill with a
4:52 am
unified platform. and that includes command-and-control that is necessary for these forces to operate effectively. it will take a number of years to build these capabilities and we are behind in developing this military capability because the defense department was persuaded that the system is an capabilities that we are to have would be adequate to use inside the command. and this is an important commonality between intelligence operations and military operations and in some cases that turned out to be not accurate. and that includes articulating a strategy for implementing them. some believe that retaliation is a necessary and effective component of an effective strategy and i look forward to hearing the views of her
4:53 am
witnesses. as my colleagues and witnesses are aware, having reached an agreement i know that the chairman is in full agreement to pass that legislation this year. we must also recognize the defense department and intelligence community are protecting america's cyberof the structure, lying relying upon the department security protection of america's critical infrastructure and the use of contingency operations to avoid the budget control act helping the dhs or other nondefense partners avoid effective sequestration and this is another solution that we need. and finally i think it's important that we encrypt communications and offer
4:54 am
services for which even the companies themselves have no tactical capabilities. this fbi director has given multiple warnings that they will be going back. these and other questions are vitally important and i look forward to your testimony. >> i think the witnesses and the director, i have tried to impress. ..
4:55 am
i do want to take note of and thank the members of the committee who are engaged on this issue and have spoken to a publicly, as the two of you just half. the cyber threats are increasing in frequency, scale, sophistication, and severity of impact. although we must be prepared for a large armageddonlarge armageddon scale strikes that would debilitate the entire us infrastructure, that is not the most likely scenario. a primary concern is low to moderate level cyber attacks from a variety of sources which we will continue and probably expand. this imposes increasing cost of the business and us economic competitiveness and national security.
4:56 am
because of our heavy dependence on the internet nearly all information communication technologies and it networks and systems will be perpetually at risk. these weaknesses provide an array of possibility for nefarious activity by cyber threat actors, including remoteactors, including remote hacking instructions, supply chain operations to insert compromised hardware software, malicious action by insiders, and simple human mistakes by system users. the cyber threats come from a range ofa range of actors including nationstates which falls in the two broad categories, those with highly sophisticated cyber programs, and those with lesser technical capabilities with more nefarious intent such as iran and north korea but who are also much more aggressive and unpredictable.
4:57 am
then there are non- nationstate entities, criminals motivated by profit, hackers, extremists motivated by ideology. profit motivated cyber criminals we will i hung loosely networked online cyber marketplaces referred to as the cyber underground or dark web that provided a forum for the merchandising and elicit tool services and infrastructure. so on personal information and financial data. the most significant financial cyber criminal threats come from a relatively small subset of actors, facilitators command criminal forms. terrorist groups will continue to experiment with hacking which could serve as the foundation for developing market basket for these. cyber. cyber espionage, criminal and terrorist entities all undermine data confidentiality. denialdenial of service operation and data deletion attacks undermine availability. in the future, i believe we will see more cyber
4:58 am
operations that will change or manipulate electronic information to compromise its integrity. in other words counter intelligent risks are inherent when foreign intelligence agencies obtain access to an individual's identity information. of the problem the department of defense has encountered. they could target the individual, family members,individual, family members, coworkers and neighbors using a variety of physical and electronic methods. speaking of opm breaches, let me say a couple of words about attribution. it is not a simple process that involves three related but distinct determinations, the geographic? of origin, the identity of the perpetrator, and the responsibility for directing the act. in the case of opm we have
4:59 am
differing degrees of confidence in our assessment of the actual responsibility such malicious cyber activity will continue and probably accelerate until we establish and demonstrate the capability to determine malicious state-sponsored cyber activity. establishing a credible deterrent depends upon reaching norms of behavior by the cyber community. in summary the cyber threats have become increasingly diverse, sophisticated, and harmful. other law enforcement intelligence and sector specific agencies. every day each of these centers and entities get better at what they do individually. i believe we have reached a point where we think it is
5:00 am
time to knit together the intelligence's activities need to defend our networks because while they may be defending different networks they are often defending against the great sand threats. they integrate cyber threat intelligence, and i strongly believe the time has come for the creation of such a center toa center to parallel the centers we operate for counterterrorism, proliferation and security. >> chairman mccain, ranking member,mccain, ranking member, distinguished members of the committee, thank you for inviting us. the committee has led the way. the response to the threats and the departmentin the department looks forward to working with the committee to get better in this regard cyber intrusion and attacks by state and nonstate actors have increased dramatically in recent years and particularly troubling are the increased frequency and
5:01 am
scale of state-sponsored cyber actors these adversaries continually adapt and result in response to our counter terror networks. the critical infrastructure and us companies and interest globally. the recent state of cyber events to include the intrusions into opm, the attacksopm, the attacks on sony and the joint staff networks by three separate state actors is not just espionage of convenience but a threat to national security. as oneas one of our responses be released in 2015 the department of defense cyber strategy which will lead the development of our cyber forces and strengthen our cyber security and deterrent posture which is insane. the department is pushing hard to achieve the three
5:02 am
core missions as defined in the strategy. the 1st and most important is to defend department of defense network systems and information. sec. sec.information. secretary carter has made this the number one priority in the department command we are getting after it now. to defend the nation against cyber offense of significant consequence and to provide sever support operational and contingency plans and in this regard the us cyber command may be conducted to have programs along with other nations. now, my submitted statement contains additional detail on how we're moving out to achieve these three strategic goals. especially since i noi know this is key in the minds of most of the members here. i want to acknowledge upfront that the sec. and i recognize that we were not where we need to be in our deterrent posture.
5:03 am
we do believe that there are some things the department is doing that are working, but we need to improve in this area without question which is why we have revised our cyber strategy. deterrence is a function a perception that works by convincing a potential adversary the cost of conducting the attack file way any potential benefits and therefore are three main pillars of our cyber insurance strategy in terms of deterrence, denial, resilience, cost command position. they continued to perform their essential military task even when contested in the cyber environment, and cost and position is our ability to make her adversaries pay a high price i would like to briefly discussed these three elements, to deny the attacker the ability to adversely impact our military missions we have to better defend our own information networks and data. wewe think the investments we have made are starting to
5:04 am
bear fruit, but we recognize the technical upgrades are only part of the solution. nearly everynearly every single one of the successful network exportations that we have had to deal with can be traced to one or more human errors. they allow entry into our network. so raising the level of individual cyber security awareness of performance is absolutely paramount. accordingly, we are working to transform cyber security culture, something we ignored for a long time. long-term by improving human performance and accountability in this regard. we have recently published the cyber security discipline implementation plan and a scorecard that has been brought before the secretary and i every month critical to achieving this goal of securing data and networks and mitigating risks.
5:05 am
this scorecard holds commanders accountable for hardening and protecting their endpoints and political systems and also have them hold accountable the personnel and direct the compliance reporting on a monthly basis. the 1st scorecard was published in august of this year, and it is being added to an improved asend up as we go. denial means defending the nation against cyber threats of significant consequence. the pres. has directed dod working in partnership with other agencies to be prepared to stop the most dangerous cyber events. there may be times when they direct dod and others to conduct defensive cyber operations to stop a cyber attack from impacting national interest which means building and maintaining the capabilities to do just that. this is a challenging mission requiring high-end capabilities and i trained teams building our cyber mission force and deepening our partnership with law enforcement and intelligence communities to do that.
5:06 am
the 2nd principle is improving resiliency by improving the ability of our adversaries to execute mission in a degraded cyber environment. our adversaries view dod cyber dependency is a potential for time vulnerability. therefore, we fight through cyber attacks is a critical mission function which means normalizing cyber security as part of our mission assurance efforts, building redundancy when systems are vulnerable, training constantly. our adversaries have to see that these cyber attacks will not provide a significant operational advantage command a 3rd aspect of deterrence is demonstrating a capability to respond through cyber non- cyber means. the administration has made clear we will respond in a time, manner, and place of our choosing, and the
5:07 am
department has developed options. if successfullyif successfully executed, our mission requires a whole of government and nation approach, and for that nation we continue to work with our partners, agencies, and the private sector and partners around the world to address the challenges that we face. secretary carter has placed particular emphasis on partnering with the private sector. they do not have all the answers. we think it will be critical our relationship is absolutely critical. the secretary and i appreciate the support provided to dod cyber activities throughout from the very beginning, and we understand and are looking forward to the national defense authorization act to see if there are other improvements that we can do. i encouraged continued efforts to pass legislation on cyber security information sharing.
5:08 am
data breach notification and law enforcement provisions related to cyber security which were included in the presence legislative proposal submitted earlier this year. i know you agree the american people expect to defend the country against cyber threats. the secretary and i look forward to working with this committee and congress to ensure we take every step possible to confront the substantial risks we face. thank you for inviting us here and giving the attention that you have always given to this urgent manner. i would like to pass it off now to have more rogers, if that is okay. >> chairman, ranking member, distinguished rumors of the committee come i am honored to appear before you today to discuss us cyber policy. i would like to thank you for convening this forum and for your effort in this important area. i amarea. i am honored to be sitting aside director klapper and
5:09 am
deputy secretary of defense. it gives me great pride to appear before you to highlighting command the accomplishments of the uniformed and civilian personnel. i'm grateful for and humbled by the opportunity i haven't given to lead our team in the important work that they do in the defense of our nation and department. we are being challenged as never before to defend our nation's interest in values in cyberspace against states, groups, and individuals that are using sophisticated capabilities to connect cyber coercion, aggression, and exportation. the targets of their efforts extend well beyond government and into privately owned businesses and personally identifiable information. our military is in constant contact with agile learning adversaries in cyberspace, adversaries --dash on the capacity and willingness to take action against soft targets in the us. our countries integrating cyber operations and were told strategic concept. they usethey use cyber operations to influence the
5:10 am
perceptions and actions of states around the and to shape what we see as our options for supporting allies and friends in a crisis. we need to turn these activities by showing that they are on acceptable, unprofitable, and risky for the instigators. building capabilities that can contribute to cross domain deterrence and make our commitment even more printable. we are hardening our networks and's showing our opponent cyber aggression won't be easy. we are training a mission force that is defending dod networks, supporting joint force commanders and helping to defend critical infrastructure within our nature. partnering with federal, foreign, and industry partners in exercising together regularly to rehearse concepts and responses to the structure cyber attacks against critical infrastructure. generating options for commanders and policymakers across all phases of conflict and particularly in
5:11 am
phase to hold that risk what adversaries truly value the demand far outstrips supply, we continue to rapidly mature based upon real work to have real-world experiences and our service server components. icyber components. i assure the committee us cyber command has made measurable progress and are achieving significant operational outcomes and have a clear path ahead. with that, thank you mr. chairman and members of the committee for convening this forum and inviting all of us to speak. our progress has been made possible in no small part because of the support from this committee and other stakeholders. the stakeholders. the effort within our department and across the government is essential command i appreciate and i welcome your questions. >> thank you, avril, and think the witnesses. director klapper recently,
5:12 am
former chairman of the joint chiefs was askedchiefs was asked about various threats to the united states security and said that in aa range of threats we have a significant advantage accepted cyber. do you agree with that assessment? >> it is probably true. we have not -- we have not exhibited are potential capability. i think that is one of the implicit reasons why i have highlighted cyber threats in the last three years. >> thank you command you have done that with great effect before this committee as a result of the leader, the chinese leader in washington they're was some agreement announced the us and china. do you believe that will result in an elimination of chinese cyber attacks. >> hope springs eternal.
5:13 am
i think we will have to watch what there behavior is, and it will be incumbent upon the intelligence community to depict, portrayed to policymakers with behavioral changes, if any,changes, if any, result from this agreement. >> are you optimistic? >> no. >> thank you. apple rogers, you recently stated, there is a perception there is little price to pay for engaging in some pretty aggressive behaviors. because of a lack of repercussions you see actors, nation states willing to do more. what is required? what action is required to deter these attacks since there is little price to pay? what do we have to do to make it a heavy price to pay? >> we must clearly articulate in broad terms what is acceptable.
5:14 am
we have to clearly articulate that as aa nation we are developing a set of capabilities that we are prepared to use if required. they arerequired. they are not our preference. we clearly wish to engage in a dialogue, but we do have to acknowledge the current situation we find ourselves in. i don't think anyone would agree that it is acceptable or in our long-term interests as a nation. >> i say that with respect. i understand it is not acceptable. what would be, relations and other areas, counter attacks? in other words, what actions would be an hour range of arsenal to respond? >> potentially all of those things. the 1st comment, sony is an extract -- instructive example. when you think about deterrent much more broadly and not just focused within the cyber arena i thought the response we talked about
5:15 am
the economic options as a nation, exercise as a good way to remind the world around us there is a broad set of capabilities and levers available and that we are prepared to do more than just respond in kind. >> one of the things that has been disappointing to the committee is that in the fiscal year defense authorization bill. choir the president to develop an integrated policy the strategy is now one year late.late. can you tell us where we are in the process? what you feel is, what my bring the administration into compliance? >> you are asking me about policy development. >> yes. >> ii think i would defer to the secretary of work on that.
5:16 am
>> mr. chairman, as we have said over and over, we believe our cyber deterrence strategy is constantly evolving and getting stronger. >> i'm talking about a policy, not a strategy, mr. secretary. he required a policy, the fiscal year 14 national defense authorization act. >> a policy is still in development. we believe we have a good cyber strategy. the policy has been outlined in broad strokes by -- >> not broad enough. does it describe whether we deter or respond or whether we -- in other words, as far as i know in the committee's nose there has been no specific policy articulated and compliance with the requirement and the defense authorization act. if you believe that it has i would be interested in hearing how.
5:17 am
>> i believe that broad strokes -- >> i'm not asking broad strokes. suppose there is a cyber attack, do we have a policy is to what we do? >> yes. >> first we deny and then -- 1st we find out can't do the forensics. >> am not asking the methodology. masking the policy. do you respond by counterattacking, trying to enact other measures? what do we do in case of a cyber attack? >> or respond in a time, manner, and place. >> that may be one of the options. >> that is not a policy, secretary. that is an exercise in options. we have not got a policy. for you to sit they're and tell me that you do aa broad stroke strategy is not in compliance with law. >> thank you very much, mr. chairman. director klapper, we are constantly engaged in
5:18 am
information operation with many other nations and they are involved with information operations trying to influence the opinion, disguise activities, disrupt, etc. what agencies are under your purview or outside your purview were actively engaged in information operations in the united states and the cyber world? >> actually, sir, from an intelligence perspective we would see -- see that in that we don't, at least what i can speak to publicly, engage in that as part of our normal intelligence activity. theyactivity. they feed other arms, support other arms of the government, normally the state department,department, and is responsible for messaging. the national counterterrorism center has an office that is devoted to countering violent extremism
5:19 am
context, helping to develop themes or recommending themes based upon what we glean from intelligence as potential vulnerabilities and messages that would appear to the various groups to obfuscate the message, disrupted, or compete with it. but generally speaking, intelligence a large does not actively engage. >> are these other agencies that you provide information to adequately resourced and staff so that they can use it effectively? are they getting a lot of good insight and sitting around wondering what they can do? >> i think i would have a much more robust capability from the standpoint of resource commitment to counter messaging.
5:20 am
>> and that would fall outside the purview of intelligence for the state department? >> correct. >> the voice of america when it was a pretty dominant sort of source of information. >> personal opinion only, i would -- i think perhaps, you know, the usia on steroids that would address these messages more broadly and more robustly, but that is strictly personal opinion. >> in terms of what you are observing, particularly some of our competitors have been extraordinarily robust information operation. they don't like the resources or personnel and are constantly engaged in these type of information operations. enhancing there image, discrediting them to come opponents, actively engaging
5:21 am
local groups and other countries of interest, and we are on the sidelines. >> that is quite right. in contrast to us russian intelligence services are very active and aggressively engaged in messaging. >> thank you. admiral, this issue of encryption that was pointed to, your thoughts would be helpful. >> the issue that we find ourselves -- this is less for me on the us cyber command side and much more in the nsa side, communications in the world around us increasingly going to end-to-end encryption where every aspect is encrypted in the data in the communication is protected at a level that with the current state of technology is difficult to overcome. clearly that is in the best interest of the nation, and strong encryption is important to strong and chinainternet defense and a well defended internet is in our best interest as a nation. within that broad framework
5:22 am
the challenge where trying to figure out is realizing that that communication path is used by law-abiding citizens, nationstates command companies engaged in lawful activity. .. in the end i think this is about how to we get what's best, when i look at our capabilities of a nation there is nothing we can't overcome if we work
5:23 am
together. i think that is the way ahead in broad terms. >> thank you very much, mr. chairman. >> thank you mr. chairman. you've given us a good summary on the threats that we face and the threats that are occurring today and i appreciate that. senator mccain asked you about reporting on the policy that congress has passed asked you to report on and that has not been done. the house and senate agreed on requirement that the services need to report on the threats. that is something that came out of our strategic subcommittee and eventually expanded to
5:24 am
include all weapon systems not just satellites and national missile defense. we don't have that final report. this budget, i believe, has $200 million in it to help fund this effort. what can you tell us about that? >> first it may take some time. if it does, i understand. i don't we have had any report from the dod to state what progress you've made and how much longer it will take. >> again, on both points, on the policy we expect it is in the final the liberations. it is an interagency effort. we are trying to establish norms and deterrence which is essential to the policy. i'm the first to admit that we are the farthest ahead on the denial and the resilience part. those are the areas where we are moving faster.
5:25 am
we have elected to attain the retaliatory mechanism just like nuclear weapons because of the risk of escalation. >> what about the other vulnerability to our weapon system? >> it is a big, big problem. many of the weapon systems we have now were not built to withstand a cyber threat. going through every one of the weapon systems, he has prioritized prioritize the weapon systems and is working through very carefully, and i expect this work to be done very soon. we now have new requirements in our key performance requirements. >> so you've indicated an individual to be responsible for this? >> yes. this individual is working with
5:26 am
our cio and the cyber command and all of our cyber experts. he is responsible for taking a look at the weapons system and also requiring key performance parameters to make sure they have security built in from the beginning. >> do they maintain and build the systems and have highly sensitive information -- are we satisfied their insufficiently protected? >> we certainly recognize a vulnerability there. we've made changes to the contractual relationships between us and those companies where they have to meet security requirements and inform us of penetration. we are clearly not where we need to be but we continue to make
5:27 am
progress. >> i think it's a bipartisan commitment on congress to help you with that. if it takes more money, let us know. we will have have to evaluate it and i also understand that some of the protection can be done without much cost and some might require considerable cost. we hope that you will complete that. mr. rogers, i believe last week you reported in the los angeles times about the threat from china. you know one thing they are involved in obtaining u.s. commercial and trade data. they are a foreign nation, nation, advanced ally of ours and i was told one of their company's bid on a contract and the chinese got all of the bid data from the web. his comment was, it's hard to win a bid when your competitor knows what your bidding.
5:28 am
is that kind of thing happening? >> it has been an we've been very public with that. i think that's reflected in the agreement that you raised during the president of china's visit last week when we were very concerned about that. >> my time is up but i would just ask, if you saw an american business being damaged through improper action, you're not allowed to advise them or share any information with them while our adversaries do their business. is that the way it works? >> the way this works is i would provide information and insight. if under that authority i became aware of activity, i would share the insight with dhs and the fbi to interface with the private sector much more than i do. >> thank you mr. chairman, and pink all three of you for your service and being here today. which country is the most
5:29 am
committed successful hacker of the u.s.? >> china has been the one that we have been the most vocal about but they are not the only one. >> last time you were here you had more concerns over russia having the ability or expertise to do less damage. >> i thought your question was focused on valium. if your question is on capability, if you will, then we then we have been very public saying i would put the russians higher than china. >> but it feels like china is more committed and determined to do it. >> they do it at the volume level. >> i understand. i know you just said no, you don't believe this agreement
5:30 am
that the president and our president has made will work. are there any penalties in this agreement if someone violates it? >> in terms of what i have seen, i don't think it treats, certainly there are implied penalty. the threat of economic sanctions is what would meet something to the chinese if they violate this agreement. i think as they were discussing earlier in terms of sanctions,
5:31 am
there is a whole lot of options here. it doesn't have to be and i to an i can be some form of retaliation. i'm not aware of the specific penalties if the agreement is violated. >> that's why i think you're pretty quick to say no i don't think it will work. >> the reason i said no, of course, is the extent of which the chinese have been pervasive in terms of adding our data. whether or not the government orchestrates all of it is still in question. we are inherently skeptics.
5:32 am
>> i have a question for you secretary. the recent news article that examines similarities between china's strike finder and our strike fighter. what they have been able to do in such a rapid time without any r&d, do you believe that gives them a competitive advantage? i understand there might be some differences in the software and weapon tree, but they are making leaps which are uncommon and we know this. we are not taking any actions against them. >> i would like to work this in and follow up with your first question. at the highest levels, we have made it clear that we believe the chinese actions are totally in acceptable in cyberspace.
5:33 am
i would characterize the agreement that we have as something where we are asking them to prove to us that they are serious about what they say and what they will do to control these efforts. there were really for things that we agreed to do. first we would give timely responses to information when we say hey, we believe there is a problem here and we have agreed to exchange information on cyber crimes, we've agreed to collect electronic evidence and mitigate malicious cyber activity that is occurring on our soil. we both agreed that we would not knowingly conduct cyber theft of intellectual property. we told them there was a problem and it was unacceptable. they have said that they will work to curb that.
5:34 am
then we have agreed to have common effort to promote international norms in the final thing is we will have a high-level joint mechanism where we can meet at least twice a year and say, look, this is just not working. you are not are not coming through with what you said. this isn't a treaty or anything like that. they have to prove to us, and we know they have stolen information from our defense contractors and it has helped them develop systems. we have hardened our systems through the initiative. >> we know the j20 is pretty much nearing our weapon. when we know this, why wouldn't we take hard action against them ? i just don't understand why we wouldn't retaliate.
5:35 am
>> from a financial standpoint. >> there are a wide variety of options that we have. they are developed through the inner agency. again it's not necessarily tit for tat. it is proportional response and we are working through all of those. >> my time is up. if we could just meet up later and discuss those. >> certainly. >> if i may, just add a word about terminology what this represents, of course, is cyber espionage. of course we to practice cyber espionage in a public forum to say how successful we are, but were not bad at it. when we talk about what were
5:36 am
going to do to counter espionage or retaliate for espionage, i think it's a good idea to at least think about the saying that people live in glass houses shouldn't throw rocks. >> so it's okay for them to steal our secrets that are most important? >> i didn't say that. >> that we live in a glass house , that is astounding. >> i did not say it is a good thing. i'm just saying that both nations engage in this. >> i want to thank all of you for being here. with regard to the chinese, i want to follow up, we talked about the stealing of the highest secrets in terms of our weapon systems, but what about the 21 million people whose background check and personal information has been associated
5:37 am
publicly with the chinese, and the fact that 5 million sets of fingerprints as well, leading to potential vulnerability for our citizens. if you put that in a context of these other issues that we've raised, it seems to me i looked very carefully at some of the language you've been using. you gave a speech in london and said to turn deterrence must be promoted. you said cyber attacks have created a a permissive environment. i'm trying to figure out, based on what you said, how we are not in a permissive environment in light of what they have stolen with our weapon system and the huge infringement on 21 million people in this country. also, could you you comment on
5:38 am
the vulnerability of that data and where we are in terms of how it will be used against us? >> first, that is an assessment of what was taken. we don't know in terms of specifics, but that frames the magnitude of this theft, and it is potentially very serious, has very serious implications. first from the standpoint of the intelligence committee and identifying people who are under covered status, one small example, it poses all kind of potential -- and unfortunately it is the gift that will keep on giving for years. it's a very serious situation. what we tried to do is educate people with what to look for and
5:39 am
how to protect themselves. again, this is a huge threat of theft and has potentially damaging implications for people in the intelligence agency and other agencies. >> i think what you're hearing is what are we going to do about it as the issue as opposed to shared agreement on generic principles with chinese. this is a pretty significant issue that will impact millions of americans. i'm not hearing what were going to do about it but that may be a higher-level decision going up to the pres., but it seems to me, if a point to talk talk about deterrence, if we don't follow up with action, and if you look at that combined with the testimony we heard last week about the artificial island being built by the chinese and the fact that we won't go within
5:40 am
12 nautical miles of those islands, if you put that all to the chinese perspective i think one might think we can do whatever we want because we haven't seen a response yet. i'm not asking for all of you to answer that because it probably needs to be answered by the president and his security team, but it seems to me they aren't seeing a response from us and therefore we will continue to see that behavior from the chinese. before i go, i have an important question on another topic. that is, yesterday, we heard public reports about the potential violation of the inf treaty by the russians and that essentially russia tested the new ground launch mission that violates the 1987 inf treaty. of course this is going back also to the reports as early as
5:41 am
2008 of russia conducting tests of another ground launch cruise missile in potential violation of the inf treaty that we raise with them. when sec. carter came before his committee on his confirmation, he listed three potential responses to these violations. now we have the russians violating the inf treaty yet again and my question is, sec. carter rightly identified that we should respond through missile defense, counterforce or countermeasures. what are we doing about it? >> senator this is a long-standing issue that we have been discussing with the russians. the system is in development and has not been fielded yet. we have had different discussions with them on our
5:42 am
perception of the violation of the inf and they have come back. this is still in discussion and we have not decided on any particular action at this point. >> so are you saying you don't think they violated the inf treaty? >> we believe very strongly that they did. >> we believe that. that's what i thought. now we have another situation going back to 1987. >> we. >> we are still in the mist of negotiating. we are giving our position but if they do feel the system that violates the treaty, i would expect us to take one of the three options outlined before the committee. >> i see a lot of talk and no action unfortunately and people take their cues from that and that worries me. thank you all. >> think you mr. chairman. mr. clapper you testified
5:43 am
recently that while the united states makes distinction between cyber attacks conducted for economic purposes to gain foreign intelligence, that is the espionage arena that you are referring to, or to cause damage , would you consider the opm breach to the extent that we believe it is a state after who did that that that would be in the category of espionage? >> yes. that was the tender of the discussion at the hearing. that that has to do, as a mentioned earlier, the importance of definition nomenclature and the definition of these terms. the theft of the opm data, as
5:44 am
egregious as it was, we wouldn't consider that an attack but rather a form of theft or espionage. >> you say other countries, including our own engage in such activities. my understanding of the recent agreement between the u.s. and china has to do with commercial cyber theft. i think that is a very different category that has to do with obtaining information about corporations, et cetera. therefore that is in the category of economic attacks. so dir. clapper, would you consider that kind of agreement to be helpful? i realize that you are skeptical, but to the extent that we are defining a particular kind of cyber attack and that we are contemplating through this agreement and
5:45 am
ability of these countries to engage in high level dialogue regarding these kinds of attacks is that a helpful situation? >> it would be very helpful if, of course, the chinese actually live up to what they agree to. what the agreement pertain to was theft of data for economic purposes, to give the chinese an advantage or their defense industries and advantage. as opposed to, i don't believe we have agreed with the chinese to stop spying on each other. so there is a distinction. >> mr. sec., you can weigh in on this as well. they say we created a potential for dialogue or an environment where there is a process to be
5:46 am
followed. in cases where we suspect a cyber attack, at least we have a way we can talk to the chinese. you also mentioned, director clapper, clapper, attribution is not the easiest thing although we are getting better at determining who were the actors conducting the cyber attack. one hopes that even with a great deal of skepticism going forward, this may create the space for us to have more than a conversation, but one that would lead to some kind of change in behavior on the part of these state actors. mr. sec., fill free to give us
5:47 am
your opinion. >> i think that's exactly right. as director clapper said, first you have to find out the geographical location of where the attack came from and then you have to identify the actor and whether the government of that space was controlling it. >> that's not the easiest to do. >> we have determined china and in some cases they said this was a a hacker inside our country but we had no control over them. this allows us to say what are you going to do about that? are you going to provide us the information we need to prosecute this person or are you trying to take care of it on your own? i believe this confidence building measure in this way to discuss these things, the proof will be in the pudding. how the chinese react to this. >> secretary, i think you mentioned that this agreement allows contemplated meetings at least twice a year. is there anything that allows for more frequent dialogue between our countries? >> senator i believe there was a significant cyber event that we suspected the chinese of doing or they suspected us, that we would be able to meet. this will be a high-level joint
5:48 am
dialogue. our u.s. sec. of homeland security and u.s. attorney general will lead on our part. we will have the first meeting of this group by the end of this calendar year. i believe we all have some healthy skepticism about this but i believe it's a good confidence building measure and a good first step, and we will see if it leads to better behavior on the part of the chinese. >> thank you. >> i can't help but comment that we have identified the building please don't see this committee as if we don't see who is responsible for it. that's just very disingenuous. there have been public reports that we have identified the pla building in which these attacks come from. >> thank you mr. chair, thank you for joining us today.
5:49 am
mr. rogers, i'll start with you today. two of the president's nine lines of effort in defeating isil our first exposing isis's true nature and disrupting the foreign fighter flow. over the weekend, the new new york times reported that 30,000 recruits joined isis over the past year and that is double the previous recruitment year. earlier this month, the ambassador at large said that isys's recruiting trend is still upward and the information was no surprise to her. she also said the upward trend was primarily due to internet and social media. so, do you believe their effort has succeeded on these two lines of effort in cyberspace and social media? just please a simple yes or no.
5:50 am
>> no. >> okay, and why is that? with the record recruiting numbers for isis, how would you then assess the effectiveness of the u.s. governments counter effort in cyberspace? what specifically is your assessment of the state department think again, turn away program and supportive efforts to counter isis recruiting efforts. >> i am not knowledgeable enough to comment on this. i will say, i have always believed that we must contest isil on the data as much as we
5:51 am
do on the battlefield. we have got to be willing to attempt to fight them in that domain just like we are on the battlefield and we clearly are not there yet. >> i agree. i think we are failing in this effort and some of the programs that we have seen obviously are not working. so, are there areas where you could recommend how the u.s. better partner with various ngos or private entities to more effectively counter the isis propaganda? again,. >> i will say from a technical perspective we are looking at, within our authority in capability, what's in the realm of possibilities, in other words what can we do in this domain. >> we have a larger problem coming forward in regards to isis and isil in the middle east.
5:52 am
we seem to see the emergence of a a trifecta between syria, iran and russia. now it seems that iraq has begun information sharing. can you speak to that and the broader implications of russia emerging as a leader in the middle east while we seem to be losing our opportunity with isil questioning. >> i think they have several objectives here. one is that they want to protect their base, their presence in syria. their buildup in the northwest part of syria is clearly one and they want to prop up ashad. i think a belated motivation is fighting isil.
5:53 am
as far as the joint intelligence arrangement is concerned, i can't go into detail in this forum but i will say, each of the parties entering into this are a little bit suspicious of what is entailed here :
5:54 am
what we are trying to do is the conflict, and that is the primary purpose of the discussion. if you're going to act on this battlefield, we have to de- conflict. they would like to do a military 1st followed by a political transition. we believe those two things have to go in parallel. this is early days. we are still in the midst of discussing what exactly this means. i don't have a definitive answer. >> i am concerned we advocated our role in the middle east and in so many other areas, as has been
5:55 am
pointed out earlier. grave concern to all of us. thank you, mr. chairman. >> thank you, mr. chairman. >> gentlemen, thank you for your public service. admiral, i am concerned about all of these private telecoms that are going to encrypt. if you have encryption of everything, how, in your opinion, does that affect section 702 and 215 collection programs? >> it certainly makes it more difficult. >> says the administration have a policy position on this? >> no, we are the 1st to analyze an incredibly complicated issue. we still are trying to collectively work our way through what is the right way ahead recognizing there is a lot
5:56 am
of valid perspective, but from the perspective that i look at the issue, there is a huge challenge challenge that we must deal with. >> a huge challenge, and i have a policy position. and that is that the telecom better cooperate with the united states government, or else it just magnifies the ability for the bad guys to utilize the internet to achieve their purposes. speaking of that, we have a fantastic us military. we are able to protect ourselves. it is the best military in the world, but we have a vulnerability now. and it is a cyber attack.
5:57 am
do you want to see if you can make me feel any better. >> i would tell you that correct to say the capability of the department department if i were to say where we were 18 months to two years ago is significantly improved. we currently defeat 99 points some odd percent of attempts to penetrate dod systems on a daily basis. the capability in terms of the amount of teams and there capability continues to improve. speed, agility. the challenge is trying to overcome decades of a thought process in which we see defensibility and reliability that were never core design characteristics where we assume that external interfaces, if you will call with the outside world were not something to
5:58 am
be overly concerned with. remotely generating data as to how paragraphs were doing in different states around the world. all positive if you're trying to are trying to develop the next generation of cruiser destroyer for the navy, but a world in which those public interfaces, if you are coming increasingly represent potential points of vulnerability. you get this clash of strategies which is where we find ourselves now. one of the things i try to remind people is, it took us decades to get here. we will not fix this in a few years. the six dedicated prioritization, resources command we must do it in a smart way, prioritize and figure out the greatest vulnerability and concern. >> can i jump in for a 2nd >> i want to add to that end
5:59 am
for us to let our potential enemies understand that we have the capability of doing to them what they did do to us. however, that gets more complicated when you are dealing with a rogue group of a dozen people stuck in a room somewhere that are not being part of the nation state. >> yes sir, mr. sec. >> i i was just going to echo what was said. he said, look, we are absolutely not where we need to the inmate job number one defense of the networks. going from 1500 on place less than 500. going from 1,000 defendable firewalls to less than 200, somewhere between 50 and 200 you are absolutely right. we recognize this is a terrible vulnerability, working to defend our networks, looking our systems, and trying to change the culture.culture.
6:00 am
right now if you discharge of what you are held accountable for that. negligent discharges one of the worst things you can do. do. we need to inculcate culture whereas cyber discharges considered just as bad and make sure it is inculcated throughout the force. >> i agree, but the abnormal is assaulted by the telecoms who want to tie his hands behind his back by doing all of the encryption. >> thank you, mr. chairman. in our state naval warfare center has taken the lead on much of our efforts to protect against the threat of counterfeit electronics. and so secretary working director clapper, the global supply chain for microelectronics prevents -- presents a growing challenge for cyber security. one of the things we saw recently

18 Views

info Stream Only

Uploaded by TV Archive on