tv Key Capitol Hill Hearings CSPAN October 7, 2016 4:00am-6:01am EDT
problems. in the old kind of war they should've asked that and we should back at them. that sort of makes and fits into a strategic moral framework that makes sense to all of us. i guess i would ask, let me start with you richard, are we ever going to know who is shooting us well enough that we feel comfortable shooting back, i'm not talking about private companies but at the nationstate level. >> absolutely. we know all of the time. >> how do you know? >> our 2013 mandiant report, there were indictments levied based on that. so there are certain levels of a community that they would not even believe if there were a camera on a person typing at a keyboard hacking into an american bank, they would say that this effect that the cia created as a plot. >> after they landed on the moon. >> because they didn't land on the moon apparently. >> let's remember it astounds me
that people doubt the u.s. government to do revelations after the snowden revelations. if the u.s. comes out and says that the u.s. was behind an attack on sony you have to believe that. the app he i would not the best vehicle to explain it but for example, just strategically at the present level president obama's not looking for fights. he does not want to fight with north korean soda, and say it was the north koreans, that introduces a level of complexity that he doesn't want to address. >> is it worth acknowledging that president obama's only president for the next few months. depending on your point of view whether it's hillary clinton or donald trump, it may be your comfort in the assertions of the u.s. government may go up or down. as a journalist who lives on the outside of these things let's talk about the golf attack, that
turned out to be basically not true. we all reported it as true at the time in the press because we didn't know better. so even if the u.s. government can know, how can the public be assured to any extent that it's worth engaging in hostile action with another country that may involve other kinds of weaponry and death and destruction. if we just have to believe the nsa or the president. >> that's a fascinating and important question. there has been an attribution revolution. in the technology has really advanced in ways that are incredible in terms of cyber forensics. not to mention overall cyber intelligence assessment that the government can bring to bear. not just forensics on online but everything to have at their command.
the problem is all of this is cloaked. to your point there's a sense in the public and internationally of how do you prove it? i think part of the answer is that much of this has migrated to the public sector. companies like fireeye, some argue they're too close to the government, but there are private sector entities that are serving as external validators. you do have private company that is doing this work internally. so this is a space that is not being left to the u.s. government. but you are right the challenge u.s. government faces is to pull. how do you prove this in a way that doesn't demonstrate or reveal sources or methods that will make it more difficult in the future. that is the first barrier. that is a criticism in the sony hack. in fact one of my colleagues at harvard law priest questions as to whether or not we could believe the fbi's assertion. the second problem as richard said, okay let's say we do attribute the attack as we did with north korea, what then? what is the right response? what is proportional? should be cyber, should be
sanctioned, should it be something else? we have not figured out those doctrines. but you are right a key element is how do you prove it. by the way, our adversaries know that. so china and russia, the first question publicly and diplomatically will be, prove it. how can you prove that we have done this. not to mention the moral equivalency argument that says everyone does it. >> let me just raise another point. these fights are inevitably going to be asymmetrical. so we may have the best weapons of the world but i presume we are not going to be shutting down north korea's electricity grid because that means people in the hospital will die. so if we got into a real shooting war where we are sending cyber weapons across the internet and damage people who we believe have damaged us like how does that go when anybody with a computer can essentially
disable a water plant or maybe change the way the water is going to the nuclear plant. isn't this like, doesn't this get messy very quickly? >> absolutely it is complex. attribution's improved exponentially in the past few years but by no means 100 percent. at the end of the day knowing precisely who is behind the keyboard and finding the smoking keyboard is not easy to do. especially because most of the actors that are very capable are going to use proxies or surrogates so they're going to try to send the money footprints anywhere. that said, there is a difference between having this cyber equivalent of a drive-by shooting capability where you can have lone actors cause disruption harm to a particular target and a sustained computer network attack capability.
so any kid, 400 pounds or less can actually sit in there and attack someone. but that is not the same as a nationstate. ultimately here's the other thing, do not think that the only means that we have retribution is cyber means. we have other intelligence capabilities. that's why we don't lean so far because we would be compromising other sources and methods. it is a complex set of issues. if your entire attribution is based on cyber forensics the best actors are going to run circles around you. but if you have other means in addition to that historical trend to see what their ttps are then you can start putting the picture together. >> have an illuminating why this is a complex matter, what about the private sector?
if you get hacked by the north koreans and you know who it is or you think you know who it is, is it ever okay for a private company to be hacking back against a nationstate? >> i have written a paper in controversy arguing for a cyber private model. given keep in mind congress has the right. >> marque and reprisal. which was in the context of a maritime security domain which was not controlled by state actors that was involving private actors that had the ability to influence maritime security. i think we're in a similar context with cyber security. the internet of things is becoming more and more predominant. frankly, the capabilities to understand vulnerabilities in real-time sit with the private
sector. so we actually have to think very differently about what our model of defense looks like. we have to do all these things attribution, shape the natural landscape, create redundancy and resilience, take some systems off-line, but you also have to think creatively about how do we work public and private with each other to create cyber model that allows defense. it doesn't wait for the proof in concept, the prove to be indicted in court to be able to react in real-time. i think the private sector, in some corners at least they will tell me are looking for that kind of sanction, looking for a bit of a safe harbor to work closely with government, not all the time and not in a wild west format, but to go after cyber actors. in some cases to retrieve data that has been stolen. >> so richard used to work for the air force right, so you are now in the private sector,
you've been on both sides of that divide it is run right? >> the question i have for the hack back advocates. >> i gotta get in there too. >> what are you trying to accomplish? what's the goal? if you're trying to get better at your fusion or know who is hacking you there's no better way than to break into the adversary computer, find his list of targets see that you're on the list and they have an active operation against you, it's the same as a counterintelligence model. that's the best way to do it. does that involve the private sector, probably not. they tried to do any long-term suppression? if you're trying to do long-term suppression of an adversary and trying to use cyber means i don't think it will work. you have to go to the other tools, diplomatic, financial and legal type tools if you want to have long-term suppression. if you're trying to use it to the legal case there might be questions about how you gather that evidence.
those are the problems i have when i hear about private sector trying to break into other people's. >> call me goldilocks, too hot, too cold, i'm in between. >> in all sincerity i really had an unspoken thought. we are releasing a major study on active defense at the end of this month on the 31st back to order for. i think there is much more to the active defense set of issues that right now are great areas short of hack back to build higher walls and moats. we are not going to fire our way out of this problem. we cannot simply defend, build higher walls, deeper moats and protect it, that would be every time our home is robbed we call the blacksmith. that is doomed for failure.
that is the only crime we know that we still blame the victim not the perpetrator. we have to get to the point where we have a deterrent, and impact on the actor, and that includes taking more proactive steps. short of malicious hack back that is intended to be retribution. there are things technically that perimeter is totally blurred. if it's your perimeter outside your perimeter today. there are things you can do in terms of beacons and honeypots. all sorts of things that are technically capable but legally questionable. our laws are circa 1986, literally before the world wide web was what it is today. we have to start questioning this. >> we are when dining out of time. we will do a lightning
round. we'll start with you on the end. what would you tell hillary clinton and donald trump about cyber war. one piece of advice as they prepared to potentially become commander-in-chief. >> they better get comfortable with the issues. they better get comfortable with the fact that you are not going to get the smoking keyboards all of the time. there's going to be ambiguity just like there is in counterterrorism. secondly, rules of engagement. we need to clearly define what the rules of engagement are for computer network attack. thirdly we need to articulate and demonstrate a cyber deterrent capability we start putting pain on the bad guys. >> it is a myth that an individual can have a strategic effect on cyberspace. stuff that really matters will take place over days, weeks, months, possibly years. it will require teams of individuals working against teams who are trying to defend. we need to have a longer-term campaign model.
the ultimate answers generally lie outside of cyberspace and the tools we can bring to the arena. >> you are going to have to think differently and come up with slightly different models with how we deal with the issue. models for how we shape with that environment. i agree with frank in the area of the field of deterrence is not well defined. we are going to have to define doctrines response the capabilities and deterrence. we are going to have to find a new model for public, private engagement. one that rebuilds trust in the post-snowden era. make come up with creative elements of active defense. we will have to think about new forms of resilience and that may mean pulling key systems off-line. running against the market trend of putting everything on the internet and connecting it. >> excellent. thank you for being here today. [applause]
>> that was pretty good. the next panel is going to be run by my colleague at the washington post, brian and i think they are headed in here in just a minute. thank you for being here. thank you again. >> the morning -- you have been a very patient audience and stuck with us all morning. thank you for coming. a quick reminder that you can tweet your questions which will show up on my ipad at wp cyber.
joining me this morning we have three awesome guests. to my left is brett was the assistant section chief of the cyber operational section of the fbi. he previously served as a supervisor and special agent over national security measures. we have michelle, the senior managing director and career consulting group where she leads a geopolitical advisor practice and finally we have michael, the senior director of information security at johnson & johnson. he specializes in digital asset risk management. i thought i would start with a personal bit. one of my jobs is explaining to people what critical infrastructure is and why it matters and how we are vulnerable. it occurs to me that critical infrastructure is not a very accessible term.
a lot of the companies that are in the space you're trying to convince to get on board defending themselves, we're just talking about how hard it is to get buy-in from companies when it is a low priority for them. it is 2016, why have we not come up with a better term for critical infrastructure? >> from the government standpoint there is ppd 21 which defines critical infrastructure. we have 16 structures for helping private sector in that regard. hopefully prevent, detect, and mitigate threats to critical infrastructure within those 16. we are looking at those corporations that contribute to this stability economically from a national security standpoint as well as health, life, and safety to the american people. from the government standpoint we have defined critical infrastructure through ppd 21. the fbi and department of justice and the department of
homeland security work closely with those sectors. i know you serve on the health -- who are bringing together those public, private partnerships to help defend networks. >> first off, thank you for having us and it is a pleasure to be here. >> we are johnson & johnson, we are the largest, most comprehensive healthcare company in the world. we have significant resources and we realized that we need to give back, we need to help the little guys out with providing services. he has spoken at a few of our summits recently and it's a great organization where we are
able to protect and defend the national health portion of a critical infrastructure. >> i think in the commercial sector, we are getting better, but part of the reason why we haven't defined what critical infrastructure is, it's a work in progress. we're building the bridge as we walk on it. firms that provide enterprise risk management consulting services sort of have to help their clients understand what their critical risks are. i think the more that we do that and the longer we identify those risks and what the critical infrastructure consists of, the better the definition will become and the firmer it will be. how does the need, our need to understand critical infrastructure and the way we define it need to change as we learn better what the landscape of capabilities is and the risks
that are out there. >> i think generally speaking, if you take critical infrastructure and boil it down to a corporate perspective, we look at it through three phases of business. we have the commercial part of the business and the supply chain part of the business and the research and development. each of those, threats and risks are different in each of those and the protections therefore it need to be different. supply chain is really about availability. you are dealing with risks and lifecycle management issues where the business is trying to squeeze every penny out of that technology platform if you can make that pillar make that medical device and build that drug so there are certain risks there. r&d is very collaborative. we are dealing with multi- national, educational institutions and protecting the
infrastructure that research and development rides on is a much different, more agile, more flexible approach. it's similar to commercial sales and the financial data, making sure that we are in line with sarbanes-oxley. these are critical areas of our business that we make sure we're looking at. >> can i just follow up on that, can you tell us how those three areas of the business coordinate their cyber defenses? is there much coordination there or is it, comes from the top and is spread out. >> great question. we have a very centralized viewpoint from a security strategy and design where we have a baseline of working with different types of frameworks such as security controls that we apply.
there's also it's done through the different business groups we are trying to have the technology to secure the enterprise. >> what is fascinating to me, you guys probably have very robust interaction between your various teams but what we see in our incident response is many companies don't have that interaction. they're responsible for network defense but they don't engage thought prevention teams. they don't engage the general counsel office. one case we responded to what turned out to be a large cyber compromise and they started working with the chief
compromise officer to engage the threat and mitigate what was happening while also allowing us to pursue the threat. a few hours into that, the general counsel learned this was happening and came down and rightfully so and said let's stop what we're doing, we have a government agency in here, we're sharing information and we haven't determined what information we want to share with the government. they sent the fbi team home and they continue to work in their environment to try to determine what they could share. over five days later they invited the fbi team back. by that team they had communicated uncompromised infrastructure that the fbi teams are here whether we want to share and unfortunately, i think a lot of organizations don't bring general counsels. physical security folks, they all lined the business together
and what that information sharing plan might be like with the federal government. >> when you are working on stuff like this, is there something they can do, organizationally, structurally speaking to help ease those lines of communication. >> absolutely. what we like to do when we work with firms, i'll tell you, i've seen these plans vary widely. even some of the larger firms that we work with don't have very good plans in place and they kind of wait until it's almost too late before they have a plan. what we try to do is help them identify where they might be vulnerable, what things could be a threat or at risk and then we, after they identify those things we help them prioritize. this is a problem because not all companies are at the same stage in their life cycle. companies that are smaller but more technical, they have high-risk but they have lower revenue stream. sometimes they're hesitant to
put resources toward this eventual event because it is an eventual event. it is going to happen at some point, it's just when. hopefully it will be at a time in their life cycle where they have been able to plan. we do try to get them to incorporate as many parts of the organization as possible, but some of them don't even have their own general counsel. some of them will contract that out when they need it or, it depends on how mature they are in their business cycle. >> we have a really great question from twitter. it ties directly into a question that i wanted to ask. i'm just going to ask the twitter question. considering how much nationstates depend on satellite for critical infrastructure, has any international policy been put in place? what are the necessary steps to take in order to protect satellites and other space assets from being involved in the hijacking attack? >> i'm not aware, i'm not part of the policy teams out there in the u.s. government.
certainly, satellites and any kind of infrastructure utilized for communication in the it environment are susceptible to various cyber activity. satellites are an asset that we have to look at and like any form of risk we have to build response around that. i know it is being addressed by some of our partner agencies to build controls around that risk that's associated with those communications. >> to what extent should be thinking about things like election systems as critical infrastructure or e-mail systems is critical infrastructure? we've had a number of reports about russia potentially having hacked our political election and people are clearly worried about the impact that other nationstates may take in
cyberspace to affect the way we live here. >> in terms of e-mail, i think it's just part of our daily lives. i was reading the article coming down on the train that half of our time, over a thousand hours a year is spent reading and doing email. of course it's part of our infrastructure. there are several established and great technology in place to secure communications around e-mail with encryption. there are a lot of different messaging that goes back and forth with infrastructure to secure that. i think there's a lot of options out there to secure and as we've said, depending on the resources, what technology is
right for you largely depends on how many resources you have available. >> from an intelligence perspective, i think it goes back to something that i learned in the army which is know yourself and know your enemy. when it comes to e-mail, know what information you are sharing and know who might want to exploit that information. once you have a good understanding, i think it helps you be safer with e-mail or any communication or any means that could be hacked or anything that's vulnerable. that goes for any type of company, corporation, industry, sector. >> e-mail remains one of the top compromisers anywhere. i know it's been mentioned many times. i would like to say there's a thursday night football game on tonight and i will use authentication. if i can do it, i hope businesses can start to do it. on the issue of should we
consider the election critical infrastructure and others, it goes back to our original question of what is critical infrastructure. the lines. we have these defined sectors but what we have to look at is day-to-day operations. it's a cloud-based environment or a mom-and-pop shop who has to connect to billing networks and some might spend millions of dollars on cyber network, if there's a small mom-and-pop shop that has trusted access to their critical data, they've shown the propensity to use the path of least resistance and why force yourself into a robust network when you can go off some small business that has access. we've seen that in several
sectors. what's convenient for us, many times is a third party or connecting internet device to our trusted networks, what's convenient for us is convenient for the adversaries. >> this may be a question for law-enforcement, would you say, are critical infrastructures compromised when we learned of the back door that even yahoo's chief information security officer did not know about. >> i will defer my comments to these folks. i'm happy to talk about that a little bit. so, i can't comment on that yahoo event, but what we strive to do in fbi cyber division is recognize that private sector
companies are equal in the plain environment. in counterterrorism, if if you see something, say something, that was kind of the extent of what we did with private-sector and we met with witnesses and victims and under the u.s. law we work with private-sector companies that see this on a regular basis. we have to be agile and get the information quickly. likewise we have a look in to it that they don't have. notwithstanding recent media reporting, we do have robust abilities but it will always suffer by legal frameworks.
and attack techniques and vulnerabilities with these partners and it is simple to say you just need to communicate, but the what is one thing and how you go about doing it is a completely different dynamic. there is great organization such as the critical infrastructure and other programs. there are several great organizations where their mission is to increase the resilience of these companies and bringing together that
public partnership that is essential for making sure we are secure. >> i think the u.s. is actually much better primarily because of the better resource to do that and it goes back to that same problem that we have. when we have countries that are struggling to feed their populations and keep social unrest at bay but they don't put resources toward securing critical infrastructure, we advise a lot of our companies that are multinational and global companies this is a problem. if you're looking to expand your operations overseas it's something you need to take into consideration in your risk management plans. i do feel the united states is ahead of our competitors, but only for so long. i think some of our competitors will catch up to us soon and we can only hope that will proliferate to some of the other places we have critical infrastructure or businesses that rely on the critical
infrastructure of those countries. >> can you give a concrete example? and to what extent does the lack of readiness among other countries provide an opportunity for american warriors? >> i think some examples would be where we rely on electric and data grids, and countries, there are so many of them, africa, we have companies that do mining and extraction in several african countries and they don't have the resources to put towards supply or protect their electrical grids or critical infrastructure, their water supply or anything these companies need. some of them, if you shut them down for a day, they will lose millions of dollars to bring
things back online. some other examples would be, we were talking to investors that were looking at opportunities in cuba and cuba is another country that has excellent cyber capabilities that they don't feel they are a target so they don't spend a lot of resources on protecting their infrastructure. if countries or in businesses wanted to invest, they could say it was a risk. >> i wonder if we can talk a little bit about your work in partnerships and tell us a little bit about a buzzword that often describes the ideal and aspiration. what does it actually look like and what does that look like to make it work. >> in cyber it's a willingness to step out early and often on the part of private sector and
the u.s. government. what we have learned is that sharing threat indicators two weeks after we see them is no longer acceptable. if you look at the advanced persistent threat environment where adversaries are able to gain, that is significant and can happen in two weeks. the fbi in partnership with the nsa are now rapidly declassifying indicators and getting them out to the private sector but we also have to get the information from cyber. being able to see the malware and analyze it quickly is key to protecting infrastructure. fortune 100 companies and small businesses, we have developed and our job is operationalizing our relationship with private sector.
i would encourage you if you're small to medium business and you're not getting information from the government, check out their website. it's an fbi partnership with private sector across the board to be able to share information and rapidly. criminals are partnering all the time. if we don't partner together, we will continue to lose that battle as opposed to gaining on the adversary. >> you manage a database. tell me how that works and how many notifications do you get a day? >> i would have to get back to on the numbers. we get a lot we get that information rapidly but we don't get enough. cyber reporting is underreporting.
we some of those other plans. >> it seems like a great place to wrap up. i will now be joined by my colleague on stage. [applause] [inaudible] good morning, thank you for being here. with me on stage is lisa monaco, assistant to the president for homeland security and counter terrorism. good morning.
she is responsible for policy coordination and management on issues ranging from terrorist attack and cyber security and national disasters like hurricane matthew that's heading our way now. the president likes to call her doctor do. prior to going to the white house she spent years at the department of justice in the fbi where she helped shift the fbi focus after 9/11 to prevent terrorist attack and at the department of justice she started the cyber justice program. thank you for being here. >> thank you so much. >> reminder to the audience to tweet your question at #wpcyber. i will get to your questions at the end of our discussion. lisa, you briefed president obama every morning on national security threats. how have they evolved over the
past three and a half years? are you seeing more threats in the cyber domain now than terrorism? >> i certainly am seeing a lot more cyber information threats that are appearing prominently in that briefing. every morning he received something called the president's daily brief which is a briefing delivered to him from the director of national intelligence, giving an overview of what has happened in the world overnight, what are the strategic issues and what are the biggest threats and concerns to our security that we are facing. i participate in that meeting along with other advisors and we meet with the president every morning and we go through this set of concerns and we also have an opportunity, in that meeting, to raise the things that are on
our own minds and things that i think they need to know and be concerned about. what i have found in the three and half years since i've been in this position is that cyber threats have consumed a greater and greater portion and the issues that i am raising with the president, absolutely are always going to be terrorist attacks here at home and issues like ebola and pandemic concerns but increasingly, over time and over the years, i find myself on a daily basis talking to him about a cyber threat issue. i've also noticed that i've been struck by the breadth of the problems that we are facing. against the government, against the private sector. the range of actors that we are concerned about from nationstates like russia, iran,
china, north korea and nonstate actors and activists and your garden variety criminal activity another has been the range of tactics that we are seeing. gone are the days, not completely gone, but added to issues like service attacks and the actors in the siebel realm like we saw with the north korean actors to something that is of great concern to me and others which is how can we be certain of the integrity of the data that we hold and are responsible for. increasingly, i think that will be a midterm and long-term concern.
>> the data for instance that's flowing through our election machines, is that high on your list right now. >> certainly. we are obviously focused on, and you've heard myself and others talk about this in the past several weeks. we are always going to be concerned about cyber threat to our system and our critical infrastructure and we have seen efforts at probing state election systems and the state election infrastructure. what people need to know about this is that our voting infrastructure, our election infrastructure is really quite resilient. what do i mean by that? it is owned, operated and managed by states, localities down to the municipal level. it is diversified.
that's a good thing from a security perspective because there is no single point of failure. the checks and balances in the oversight from the officials from the media as for when it comes time for the media, there's a great deal of resilience in our election system and people should be quite confident in it. that said, we exist in a wired world and we know there are actors out there trying to breach our defenses across the board. what we have been doing is, along with the department of homeland security and others in the government has been trying to make available to state officials and election officials expertise, resources to bolster their defenses for their voting machines and their voting rolls
and last week we had a bipartisan letter from congressional leadership in congress from the majority and minority leaders in both chambers who wrote a letter to the governors and officials indicating that we need to be vigilant and they can provide assistance. >> to be clear, have you seen any efforts by any actor in nationstates such as russia to manipulate data going through the voter registration or other systems. >> i think director, he has spoken to this in the fbi is very focused and assisting with investigation when they do experience breaches or other intrusions. director, he has said we've seen a lot of probing to get that information but have not seen
indications of manipulation. >> do you see, are you looking at, do you think there has been an effort by another nationstate such as russia to cast out on the legitimacy of our election. >> whether it's a power grid or election systems, they indicted some iranian actors for assault on our bridge and our private sectors. we need to be concerned about them trying to breach our critical systems, whether to generate insight and whether to
use it in the future or have confidence in our system and my message is, frankly, our democracy in the form of its systems and systems that we have in place and in our greater democratic system is stronger than any one of these actors. >> your background is in counterterrorism. let's talk about how you have tried to take lessons learned from that and apply them to the cyberspace which you have done the past few years. >> it's a great question. this is an area that i have been very focused on. i've spent my career, largely as a prosecutor in the justice department and then the fbi focused on national security issues. what we learned is that a country and the government after 9/11 is we needed to shift our
focus and our imagination and our prioritization of the threat and i think we did that quite effectively. we needed to reorganize ourselves and integrate our information and our unity of effort around making sure our law enforcement and intelligence services had the same information and a greater picture of the threat that we had an ability to respond quickly and agilely and effectively to terrorist threats and i would argue to the great work of some professionals across two administrations, we have done that quite effectively. we are applying those lessons in the cyber realm. how are we doing that? by prioritizing and recognizing the threat that malicious cyber activity poses. at the beginning of the president's administration, he labeled the cyber threat one of
the biggest national security and economic threats that we face. naming it and prioritizing it for the administration. in terms of integrating our information, we did something two years ago in applying the great lessons we learned in the counterterrorism realm to cyber. we created, after 9/11, the counterterrorism center. one place where terrorism professionals and analysts and intelligence personnel came together under one roof to share their information so we as policymakers all have the same picture, the same.that everyone refers to pre-9/11 to connect one of the greatest threats we face. so that briefing that i mentioned just a few minutes ago, everyone who is critical is seeing that same information
every morning about terrorism threats. how is that helping you? is it helping you make faster decisions on who's responsible and what to do with it? up until about two years ago, we didn't have one place in the government that did the same thing for cyber threats. we created something called the cyber threat innovation center and we brought together all the analysts and experts into one place that could fuse the information we had about cyber threats so policymakers like myself and others have one critical picture. what that does is it says, what do we understand to be the greatest threat, how should we understand it, what are the options for policymakers to act to disrupt those threats and then the other lesson we have applied in the terrorism realm, we apply all tools. what's the best tool we can use
at our disposal to disrupt a threat. is it a prosecution or military action or diplomatic overture, we are doing the same thing in the cyber realm. you have seen that play out. >> i like to talk about that because it's almost the end of the administration and clearly this administration has dealt with incredible evolution of the cyber threat coming at you every day but there are critics who say the obama administration just doesn't have a coherent framework for all of these threats coming at us. we've seen russian hacking of the dnc, how do you respond to them when they say there's no framework. in fact, do you think maybe you're doing it more on a case-by-case basis where there's an event such as espionage and
you respond with indictment or sanctions, are you building a de facto. >> to your audience, i disagree with the critics that we don't have a strategy or defense policy. we believe very strongly that there needs to be a set of norms around cyber behavior. what you have seen is the president working very hard and very carefully over the past several years to build a set of norms and international support. things like countries should not attack another countries cyber infrastructure. another country should not engage in economic espionage for
property and theft in commercial gain. what are the country that should not engage in cyber off engine activities, that's a set of norms we have worked very hard to put in place. when countries violate those norms, there's an isolation and an agreement they can impose sanctions or maybe there is act of aggression if those norms are violated. there's a framework there. in terms of specific responses and specific activity, you talked about a few cases. i would argue we are putting in place a framework and you have seen it in some of the cases you mentioned. we take a whole government approach to particular malicious cyber incident. you see it in the case of north korean attacks on sony pictures. what we did there is we gathered
code to disrupt their system so they know it's you but other countries don't know where the public deterrence is, what's the strategic impact? how are you upholding that norm. >> these are the discussions that you can imagine policy makers having around the situation on the table. what is in our interest, is it in our interest to attribute that activity to name and shame, if you will, to isolate that actor the actor on the world stage, to garner international support to say sanction or
impose diplomatic costs. is that our interest to publicly indict and use our criminal justice problem as we did with the chinese case? we began that against the five members of the pla. when i was the head of the national security division at the justice department, you referenced the program that started. it was the national security cyber specialist program. a set of prosecutors around the country focused on bringing cyber prosecutions for national security cases. we built on a set of terrorism prosecutors that we established throughout the country post 9/11 working with the joint terrorism task forces that the fbi has. so it's the same idea in cyber realm and we brought this case against the members of the pla. the point is you're calling out that activity. you are identifying it, you're naming it, you're showing that
you can attribute that, identify those actors, pictures of these chinese military members at the keyboard and even if you don't physically get your hands on those actors and bring them to court, they can't travel, that warrant will be out for them and you've identified and called out this activity and i would argue it strengthens our hand in the diplomatic realm. you saw a diplomatic agreement with president xi almost a year ago when he visited washington and signing up to a set of agreements that we are monitoring quite vigorously so these things feed into each other. in fact, they slapped the indictments on the five chinese pla members and then you are about to impose economic sanctions, i believe somebody reported and it would've been
the first of this new tool created by president obama last year which you still haven't used. are you going to use it by the way? >> i'm eager to have all the tools at our disposal which is one of the reason we set up that sanctions regime. that was another tool we used. >> you're going to do the sanctions and as you noted, she came to the table. how effective have these been? are you seeing any change in behavior? >> i would characterize it that we have seen a diminishment however, i think this is something we have to be continuously vigilant on and be very clear, as we have been, with the chinese that we expect adherence to this commitment and we will continue to be watching for adherence and that we reserve the right to impose
costs if we see that commitment is not being honored. >> you seem to have had some success with china. what about russia? russia has been in the news lately, maybe some 400-pound person, but any case, there is strong evidence, the intelligence community is looking into how intense they are undoing influence operation in the united states. why haven't you taken any public action so far against russia? >> i'll go back to the framework as you noted that investigation and understanding that activity is ongoing between the fbi, the
intelligence community, we are employing the same framework as i explained a minute ago. gathering that information and the professionals have to do that and it won't surprise you to know that i'm not going to get ahead of that on the stage, gather the information, understand it, reach a level of confidence. importantly, look at it and decide, and the intelligence has to do that, what can be said about that activity and our ultimate ability to use those tools in the future, and then decide is it in our interest to describe that activity. again, this is the broader framework that we apply as we did in china and with iran and in other cases, and then, response tools on the table and some may be public. >> what are some of the considerations going through your mind with diplomatic issues
with russia and syria, political concerns, how much of a concern is it that as we get closer to the election, taking any action and it could be seen as politicizing. >> what i would say is the set of concerns i laid out as we apply this framework are going to be the same in terms of general categories. is it in our interest to act responsibly, proportionately and do so in a time and place of our choosing. questions about, i think what you have seen in the cases that we did with iran, china, those and with north korea and the primary guiding and overarching focus in those discussions is about what is in the national
security interest of the united states. that is the north star for those missions. >> i think last week you mentioned that no actor gets a free pass. they say it will only embolden them. what's your response? >> i absolutely understand that. what i would say and what i think we've been discussing is there is a whole range of tools at our disposal to apply to hold malicious actors to account. you have seen us demonstrate that using economic sanctions and other and those are on the table and they all get considered when we're talking about malicious actors. >> as time is winding down, i
would be remiss if i didn't ask the? the minds of many reporters here now comes the news of another risk of this contractor and this comes after the obama administration has taken steps to tighten control to prevent the occurrence of such episodes. what happened here and do you need to do more. if so what more can you do to tighten these controls? >> you are referencing the criminal complaint that was unveiled yesterday with regard to a contractor. i'm not going to comment on the specific case, but criminal charges are in the public domain and your readers in the audience
can look at those in that process will go on and i'm sure we will be learning more about that. this is the type of activity we take exceptionally seriously. the protection of national security and classified information, i would also say because, as you mentioned, these cases have involved government employees but the vast majority of the professionals serving the intelligence communities are patriots who have forgone lucrative salaries in other areas to work very hard to protect this country. that said, you can't completely guarantee a determined, the threat of a determined insider who is determined to steal information.
that's a very hard challenge, but as you noted, what the president has been crystal clear about is the need to constantly review and learn from some of these instances. that's why you saw the establishment of an insider threat actor after the case. that's why you've seen, just last week, the establishment of something called the national background investigation bureau setting up a set of standards and strengthening of our background checks. we've got to constantly apply lessons learned, vigorous appeared security measures. we are in a wired world. it's going to get harder and harder. we have to constantly be reviewing and understanding the new technology that we can apply. are there new steps we can take. the president and the other leaders of his administration take it very seriously and are constantly looking into what we
can do. >> this contractor is suspected of also having stolen hacking tools used by the nsa to gather intelligence. this is a very potentially significant action. how concerned are you about the potential damage to national security rising from this case. >> without getting into the specifics of the case, as a person who is responsible, as you said, starting out this discussion to talk to the president every day about the threats facing our country, i am exceptionally concerned about anything and anyone who would do something to jeopardize critical tools that we have and the tools that we use to keep this safe. that's why i think we have to constantly be reviewing what we are doing and applying new tools and technologies.
>> we are running short on time, but i have to ask you, about four and a half weeks out from the election and they have promised there will be a massive leak on wikileaks. what might we expect from an october surprise? >> for several reasons, i am not going to speculate on that. one of which is, one of the things that i do want to have to find my windowless office in the basement of the west wing is not getting into politics. i think i will continue this in this relatively windowless room as well. with that, i have to wrap it up or. thank you so much. thank you for being here. thank you for being here. we will have clips from the program posted later. thank you.
anniversary of the reykjavik summit in iceland. it is my pleasure to be here today to be with three extremely distinguished men who have their own connections. fans and and to the younger people in the audience. we are using this occasion to get ahead which is the 25th anniversary of the collapse of the soviet union. the net includes the russian federation.
but we felt t11 was part of the university and you wanted to welcome down here in front of the audience but t11 was a key event. it was between the nine estates in the soviet union one that preceded with the fall of the berlin wall. the first part will focus on the summit itself of those that were there to walk back that confrontation but the second panel with arms reduction and control with the new relationship and is
a bill amends over the last couple of days with that disposition we didn't know that what happened. want into hold the event. i know a few knew that something else would have been. that puts felt whole agenda back at the top of the agenda. a want to begin the panel if the audience will remember but it is worth reminding the years of high end cold war confrontation with the few quick points and then for a discussion of this.
we'll end in the 1960's and '70's the soviet union was condensed with a clear and present danger. with the u.s. defense budget and the soviet borders that sounds like some of the problems. with the white house and pentagon officials to increase operations by the cia and elsewhere. by 1981 was of a nuclear threat. just after ronald reagan started the anti-ballistic missile defense system from the soviet nuclear strike.
and then meeting uh kgb rather briefly in 1982 it was showing reagan and of a nuclear holocaust. one and during the british war game with that soviet nuclear strike that queen elizabeth the second actually drafted a world war iii speech that was filed away in the archives. hawaiian that you might expect to be reunited. but this is drafted at the same time of the evil empire speech one about the dangers posed to the united states. meetings were pretty bad
that the soviet plan to this south korean airlines it was u.s. spy plane. one with the impending nuclear war but 1984 just to run up to monitor these events to have those international affairs. and have to tell you today we signed legislation that would begin bombing in five minutes. pdf also looking in the archives nobody got the joke so when gorbachev came into power with the general secretary and ronald reagan
the first meeting in seven years. and then start to put those in early 1980. that was the key part of the process into the nuclear forces treaty and laying the ground for the start treaty. and his table here in the panelist and one of those cold war scenarios one of the u.s. embassy in moscow actually from the u.s. embassy spend most of his
time having to fill an it to be expelled to drive the truck and if course the u.s. journalist who later became a professor was arrested and imprisoned in a soviet jail. but that is all that was going on but behind-the-scenes of reykjavik things were quite different. first of all, to kick this off we have brookings president who was covering the meeting as say washington appear chief with time magazine and we never good colleague who is a veteran cbs and nbc news correspondent. one and then distinguished candidate who had just published a new book on sale
outside you sought at the beginning probably. and he was there with president ronald reagan behind the scenes and with gorbachev and after we get those observations and we will find what went on behind closed doors. we do have such a great panel that can talk about the offense and we want to hear what you have to say. >> that is a terrific set up for a quite important story and pose of us who were there including marvin and kent knew there were possibilities if that i don't think any of us had an inkling of how far these two leaders would actually go.
ken is the only person probably in the room or on the podium that was behind closed doors. martin and i were listening through keyholes of we could find any. but just to fill out what fiona just said just with some of blossoming of the personal relationship of the president of united states before the attorney general of the communist party of the soviet union. there were signs that they might warm-up. the geneva meeting that happened one year before, the atmosphere was
pretty good. they certainly were better than the relationship between president reagan from previously. but we had no idea as we headed to reykjavik of all places. [laughter] by the way will whole site was thick because it was more or less halfway between moscow and washington. so neither leader had to go to far in the direction of the other which was the idea . it was october obviously. it was blustery. though boathouse. can we see that?
i checked with the ambassador before who confirmed it and that it was reputed to be haunted by laugh -- [laughter] that is where everything went on. so we began to get briefings , and they think secretary shultz came out on one occasion and is surrounded as though there would be not just a place holder for a more substantive meeting later in the year but things were going on in the house. and we at "time" magazine on friday night and to have a
number of photographs one in one of which one and was already to go? and uh koppers story as the end my editor walter isaacson was helping me putting the finishing touches on it four-o'clock in the afternoon on sunday. but when that but the next morning george shultz k. mount and you could tell from his face that tears were in his size -- is that
the whole thing had collapsed. this led to one of the more exciting moments in my journalistic career to get on the telephone immediately to call new york that was the equivalent of navy get me rewrite. from what we were hearing about why the talks had collapsed and the word laboratory kept coming up and i will save that for you. from so we managed to flip back story into the unhappy story with the unhappy picture of laugh of the two leaders and "time" magazine got into your hands the next morning.
but that really isn't anything more than background. what i think is really important of what we will be talking about is that while it was a busted summit, it shows the degree to which these two men by the way are getting a lot of push back from their military and their political divisors committees to men were determined, rather than have united states and soviet union causally be at the brink of nuclear war, they were serious not just arms control but massive reductions of the arsenals of the two countries. and even though the reykjavik summit did not
achieve mostly with sdi it was a launching pad for the arms control agreements that were reached the decades that followed. that will braying us to the melancholy president where there's so much about progress that has been stalled or will be very hard to pick up. with that vial will turn back to my traveling companion i just put on my tie for all of you. certainly didn't have one on one of is rewriting the story.
>> it is a pleasure to be with you. i have covered many soviet-american summits. it is my great pleasure to do so. there were great stories for someone who's spent much of his life in russia or studying russia, fascinated by what was going on most especially with the arrival of gorbachev on the scene. and reykjavik was an enormous disappointment. some said the almost should not have happened i appreciate what he was saying that it did set things up, but two men were that close to something that was truly historic and could not pull it off. if you look at the secretary
shultz's face that if his wife and children were killed in an automobile accident. so then you look at that because then you realize that gorbachev was trying to reach out to the west and was aware that three of his leaders had died. he was a young man and thought he could do something different with russia. for so very quickly initiated a program called glasnost and perestroika to reform russia with the thinking you can hold on to communism and you could reform the system that was broken. the truth is it was so broken you could not continue but he did not know that.
and he started january of that year floating the idea of eliminating all nuclear weapons but the number of people in the city there was a lot of propaganda in a lot of nonsense. >> that is what he said and put that out there than the following month with the soviet foreign office came word that the zero linkage that was the soviet requirement but it was all or nothing they would pull back to say maybe you could get one. behind it all was the awareness of afghanistan which was a monstrous headache and obvious defeat and how does the soviet leader acknowledged that to his people of 15,000 soldiers killed? were the mothers and the
fathers? one when he first came in he said it is a bleeding wound bomb. he was aware and under incredible pressure trying to do something different. the stage was ready. and for a reporter there you could realize it was a big deal although we were being told by others that this was just a set up for gorbachev's visit to the united states following year following a reagan visit to moscow. one but yet yet, behind-the-scenes they were discussing things that are unbelievably important to the world and the two countries. gorbachev was there with the idea of eliminating nuclear
weapons. all nuclear weapons by the year 2000. the president was fascinated by the idea and reagan despite the image of the conservative he wanted to get along with russia. but on his terms. and and he had a romantic attachment to what we call star wars and the romantic attachment was if you had a choice that a certain point in negotiations to save maybe we can both agree on eliminating by the year 2000 and abut gorbachev wanted first elimination of the adn the end of possibility that
reagan wanted the ability to test not only in the laboratory but gorbachev was prepared to accept the area of testing in the laboratory. but the president would not accept that. so at the end of the day as was explained to us by secretary shultz was that yes, it was possible the president could not get sdi and was not responsible. and as someone who was given of journalism long ago, i think that is now absorber writing about this experience and ourselves and our feelings with russia.
to think back to that time my god there has been nothing like it since then or before how fantastic that would have been with the final brink of the advisers who kept saying no. easy does it. and the president really wanted to do it. everything that moved and to make a statement felt was a love with sdi and could not pull that off so that is a sad story for. >> and while you have tears in your eyes as well we should mention of course, there was chernobyl and then to deal with the secretary general's earlier in the term with that
biggest accident ever that has a very large effect in iceland and in northern europe. so low he was also thinking about this in a different way. so now to be portrayed with those ideas what was a like behind-the-scenes? ticket was a sad event but i thought it was a very happy event for an amazing. but on monday when we got back to citi magazine the picture on the cover and i was thinking this is the printed distribution of the first quarter. that was floating out there. >> there were some grammatical errors. [laughter]
>> i thought it was you. [laughter] those i overlooked. with lassie's said but gorbachev on the scene was an amazing change. but 1983 there was staff that was replaced them for two months later one died then another one was there then he died and both carol and i were very good friends with the eighth italian and passenger in we would go to his funeral in say why? he said i bought tickets for the entire series with so he was used to going back and forth. so to give a happy story and to cheer you up.
one of my objectives in life [laughter] >> i just want to show that three things. field you were great to give us the background. number-one to tell you what actually happened, and number two coming to tell you the significance of what happened, and number three tel you how my views differ of those that we heard in some respect from the moderator and key participants. this house is amazingly isolated reported to be haunted even now is called the london house. and a very small and beautiful house on the outskirts of reykjavik very beautiful because we are
going there on friday because iceland is doing in the event for the 30th anniversary summit will be terrific to go back and see. my wife does not like me to say this but it was the greatest weekend of my life. [laughter] with the thrill when and the misery so this is "time" magazine that he wrote about 1983 as a collection of all men of the year on the wall. with reagan's signature can and he is looking right there. >> is seen as a year in the dual.
and they will go after each other with their thermonuclear evens. did it was of very scary time as fiona pointed out and that was written in the cover story man of the year looking very somber. pdf you can see the size of the house. i will give you a quick to worry the upper left was the american chamber where we were waiting with the president and now with the president and with the upper right bedroom was the of soviet parlor and in between was the demilitarized zone. and the window on the left on the need for that is where they met 10 and half-hour's. i don't know about you i never met anybody 10 and half-hour's without notes,
without talking points, the most genuine either man was in office i know when your president but general secretary you always have the scripted meetings and the talking points with memos. none of this. , is you are summit free-floating the likes of which will never be repeated. it was the smallest bubble ever made in a room. there were eight in the bubble jammed shoulder to shoulder in announcing the president of the united states so we'll stand up i thought if i am going to stay in the bubble and i will, a better give up
president my chair so i said sit here for the next 40 minutes i was leaning against a the presidential needs -- his knees. this is in this world. not miss universe. but she was just crowned the month before i thought would make a great cover for redbook. the summit of the publisher thought it was a little off. [laughter] like 50 shades of vice. -- iceberg of the prime minister of iceland bright they're talking to a young tom brokaw they wanted to do interviews but iceland was not equipped to handle the world's attention.
so the opening of the summit every 3,000 members in the press and the prime minister i don't know why they didn't give him a tall but he does the interview. you have a very small room george shultz he was still alive in '92 doing great he came to a book party in spoke 45 minutes about reykjavik it was just wonderful. the president and gorbachev then you see the two translators better simultaneous common not sequential in the note taker is important because george washington university took
notes on line american in the soviet notes from the summit. that is something i did not know what the time. with that garbled 10 minutes recap but until you see the notes you don't see the back and forth and it is very very interesting 10 and half-hour's. here is where we met saturday night for armistice appointed because there was a concert downtown and a street festival and i was talking forward to that but made off was in charge of the group and richard perle was in the audience. we met at 8:00 tonight. we took of break 315 in the morning we adjourned at 6:20 a.m.. i don't know about you but i
had never done an all-nighter before. not even college. by our estimation we accomplished more strategically in the one night than in seven and a half years of negotiations with the soviets. we did not do much on inf as he would go back and forth we didn't do much with sdi because natalie did like to talk about it they were above to talk about it that was the remarkable part one would jack up the other one and then promise from reagan they were just flights of fantasy of both sides but they did as well. this is made off of the left who later committed suicide actually when the soviet
union fell. i kept up with him over the years and it was quite a shock when that happened. sunday afternoon. correct me if i am wrong it is the only segment in the u.s. russia summit going into overtime it was to end all in new on sunday that they thought because they were back-and-forth it would go into overtime the president comes up at 3:00 in the afternoon on sunday and sits in the corner and says several go down one more time but that is then i promise to nancy i would be offered in a. we explained that she knows where you are. it is not like you would stop at the bar on your way home. there is one story in and the world and he said but i told her i would be home.
so we are going over that. we did the all-nighter and here is the circle of that good looking guy who shows his bedside -- best decided he had never looked better. that was before i dyed my hair white. i look for distinguished now. but trying to come up with words that would bridge the gap that was fundamental that gorbachev wanted to confine sdi to the laboratory and reagan did not. and wanted 10 more years but
not in the laboratory. and then they came up as marvin mentioned with the advisers all over the place, that isn't exactly what happened because ronald reagan knew what he wanted. so i don't think there was one time of the weekend he knew what he thought. it did not work. they went back and forth. but the notes of the transcripts of the american and soviet note takers because what is wonderful, as a case study, the last half-hour they were trying to bridge the gap but they started to talk about seeing the situation in each other's shoes. reagan talked about the problems gorbachev would have with the kremlin and he
started to talk about the problems of reagan that was beautiful and they were pleading with each other. you can do this. reagan we went back to the ambassador's house where he was staying because the ambassador was kicked out for the weekend he was just walking back and forth. but his handler that was with him senate handle where he goes by from the miller center that basically he is never seen a president so agitated except when nancy was going into surgery. and he was. there is the picture that you chose with no deal.
i did not think that was fair i thought that gorbachev with the end of the sun and would sink that the seven you were right that was at the center of the controversy and was one big failure. so that is basically what happened. details could be filled then you can buy many copies of the book and give them out for halloween as a great present or thanksgiving. the second part what came out of that? >> number one is signing the inf agreement from the white house in december 1987
basically it was the zero option for the negotiations back in '82 and it eliminated the class of weapon system from the soviet side and the american side because by then there were 5500 warheads on the capitals of europe. that was the number-one issue when reagan came into office and that was eliminated. that was signed in the white house. number two fbi enough level with the strategic level it started on the basis of what we agreed with the negotiations was down to equal levels of real
reductions for the strategic nuclear weapons. this is important because every other arms control that was a bad idea to tell you the truth but limit the growth of nuclear weapons. '01 reason we would change start film but to go to the future strategic arms reductions talks. that was a very big move the right no in terms of their stockpiles. that was second on the strategic ground but then it came during george herbert
walker bush and then during those clinton years and then the obama latest. that is on the second panel. first did reykjavik really contribute to the end of the cold war? there is a lot of argument about this. the simple answer is you cannot say because causation in any case is always a mystery. i personally seem to believe that reykjavik is several things. it legitimized the no nuclear clause. and before reykjavik that abolition would have
folksinger stews sing about white nikes people and the nobel laureates. it was not mainstream but with ronald reagan as the poster boy the number of key participants that brought on the movement to show them the centerpiece food new more about nuclear weapons would be chairman of the joint chiefs in a lot more it became a respectable movement and the main
argument i would make reykjavik contributed one because there was no way the only way that he could get sdi that was absolutely the most threatening weapons system into the role into an take it away at a proportion he took the first address as a soviet leader did after for a meeting on the night he got back from t11 but sdi is a threat to the very existence american tree and to mankind everywhere. but in the pentagon that may