Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  August 6, 2015 11:00pm-12:01am EDT

11:00 pm
interdict a ton of cocaine. and his voice went something like this. well, admiral, i had watch. i went out and we stopped the boat. i said there's more to the story. come on. highlights. i said, tell me a little bit more about the "stratton." then his voice picks up. these are the best people i have ever served with. i am honored to be on this ship. this is the best ship in the coast guard. i said, what are you going to do next year? he said, my tour is up, and he's going to be serving on the "stratton" and they're deployed for 230 days out of the year. he goes, i'm going to ask my detailer if i can get a one-year extension because i'm going to be a qualified under way ood, which is usually reserved for officers. i have 88,000 bm-2 russos in the coast guard. so with that when people talk about budget, i said really the bedrock strength of this service, our backbone as it was going back to 1790 is our people. we just got a little bit more complex mission sets than we did in 1790, but alexander
11:01 pm
hamilton's vision is alive and well because his letter to those commanders resonates with each and every person in the coast guard. i'll now read my notes -- no, actually i'm done with that. and what i'd like to do is open it up to question and answer. [ applause ] >> and now the fun part. some of the questions have been quite interesting, admiral. let's see. senate armed services committee members are concerned that russia has 40 arctic icebreaker ships and america has one. is that going to change and when? i know you addressed that a bit earlier. >> yeah. so as i stand before you today, i have one of my vice admirals is with the national security staff up in the arctic to see firsthand what some of the
11:02 pm
challenges are up there. when you're up in barrow, alaska, you now see berms being built because you used to have a natural berm, a barrier, if you will, by all of the ice. so you're seeing a lot of coastal erosion. you're seeing a nearly threefold increase in human activity up there, but you look at the inventory of the united states, and the united states has one heavy icebreaker. we have a medium icebreaker and the coast guard cutter "healy," it can break ice up to eight feet thick which is operating up there. but "the polar star" is nearly 40 years old, and so this past winter when "the polar star" was coming back from antarctica, it is the most powerful non-nuclear powered icebreaker in the world. it is an awesome ship, but it's 40 years old. and so on the way back, there was a new zealand trawler that was beset in ice 150 miles into an ice field.
11:03 pm
some of that ice in excess of 15 feet thick. so the only ship anywhere in that hemisphere that could rescue them was "the polar star," and they did. they did a great job, but when they got 150 miles in, and i'm thinking this is a 40-year-old ship, god forbid they have a casualty, who is going to come to their rescue? we do not have a u.s. rescuer for the rescued, if you will. no buddy system. so we really do need to build out our capacity in the arctic. this is drawing a lot of attention. i have been working very close with the national security staff, with both house and senate, authorizers and appropriators. as i said earlier, how do you fund it? that is really the billion-dollar question right now. but this is really generating a lot of interest, and i am optimistic that on my watch we will see, no fooling, forward progress as we look at building a national fleet of icebreakers. we had seven when i came into the coast guard as an ensign.
11:04 pm
we are down to two right now. so we've moved in the wrong direction over the last nearly 40 years. >> you talked about the phishing attack. when was it? did it just target the coast guard? can you say anything else? >> this happened in the third week in july. we were not directly targeted, but the coast guard is on the dotmil domain. as are all the armed services. the coast guard hides behind if you will, the lead curtain for all of dod when it comes to information protection. there are a number of other higher level officials than -- well, i wasn't on the list, but you can imagine. there were some pretty high targets on that, and some of those attacks were successful, which means those individuals, their files had to be taken down completely, and it takes awhile to build those back up again. so it does cause a disruption. good news is we were not disrupted, but we were not the primary target.
11:05 pm
>> continuing along on the cyber questions, some critics are saying that the coast guard cybersecurity strategy lacks potency, personnel, cyberhygiene, originality, and funding. >> is that a question or a statement? >> do you agree or disagree? >> actually, i disagree. yeah, we have a company, if you will, of 70 cyberexperts. i call them experts and i don't call them warriors because their first job is to defend our cyberdomain. just as we did with the spear phishing attack, and we've seen a number of others, and quite honestly, you know, there are attempts to infiltrate our data systems on a daily basis. at the same time they're the ones that keep an eye out -- i mean, near realtime if someone says i need to charge my iphone, i'm going to plug it into the domain, alarms go off and when it comes to cyberhygiene, the next step is accountability.
11:06 pm
now, i have to be careful how i word that because then it's considered undue command influence, but we need to look at accountability standards if we have training and the like when it comes to not plugging unauthorized devices into our network, but it still happens. so right now our biggest threat is in the cyber -- is cyberhygiene. it's not just us. there was a mobile offshore drilling unit that drove off the site it was drilling on because the control systems that operates on a network, somebody on that drilling unit had plugged in a device that had malware and all of a sudden that dgps signal couldn't communicate with the thrusters and now that mobile offshore drilling unit drove off the site. fortunately, the blowout preventer kicked in, didn't have a spill. this was over off the coast of nigeria, but it cost that drilling company millions of dollars to get back on the site and then re-establish it.
11:07 pm
so cyberhygiene is a big piece. we're part of u.s. cybercommand. we have a coast guard flag officer in there. he's in the j-3 directorate. it's where the coast guard belongs because we operate in the dotmil, dotgov and dotcom domain. we're the only service that does that. we're a unique instrument when it comes to cyber security. it's an opinion but let me counter it, point, counterpoint, but that's my retort to that particular question. >> thank you. what -- given veto threats over the homeland security, what figure, dollar figure, given veto threats over the homeland security budget does the coast guard actually need to tackle its mission going forward and why? >> our total budget is actually about $10 billion, and last year for the second consecutive year the coast guard had a clean financial audit opinion. i talked about our acquisition program. less than 2% growth across our
11:08 pm
entire acquisition portfolio, and then when we buy stuff, we keep it. we maintain it very well. the fact that we have ships 50 years old, i was on one up in grand haven this weekend that's over 55 years old. still doing coast guard business. so, one, we mind our checkbook. two, we drive a hard bargain when we buy stuff, and when we buy it, we take very good care of it. what we haven't had over the last several years is a reliable and a repeatable acquisition budget. we've seen swings as wide as nearly 40%, and so when i'm challenged that my program of record is not affordable, it's like saying your mortgage is not affordable either when someone just took 50% of your disposable income away from you. yeah, you're going to have to foreclosure, but if you didn't cut me 40%, this is a very sustainable program of record. but as we've seen wide swings, and right now we're seeing a shift in direction where the value proposition of the coast guard, some examples that i gave
11:09 pm
you when i talked to you earlier, is fully being appreciated and a number of members, both sides of the aisle, both chambers, are saying we need to invest in the coast guard. so on that note, people aside, i am very optimistic with the markups we've seen so far, i can't share those with you, but it may very well bring the largest acquisition budget to the coast guard in coast guard history. so i'm pretty excited about that. >> one quick semi follow-up to that. in fact, one of your recent hearings some members criticized the coast guard for a lack of timely delivery of your capitalization plan. how would you respond to that in terms of your acquisitions? >> there's a two-part story to that. one is a five-year plan and the other is a 20-year plan. and it's very difficult to chart out to 20 years, and if that is going to be, you know, a bold statement that you're going to make 20 years from now, we know that 15 years ago we didn't predict 9/11. when the qdr was released a year
11:10 pm
and a half ago, we did not predict the rise of isil, we did not predict ukraine, we did not predict ebola, and we live in a very dynamic world today where if you walk your way across from east to west and around the world, i challenge you to find a region of tranquility, if you will. so it's a very complex operating environment so it's very difficult to predict out 20 years what the world is going to look like 20 years from now. but if you look at the systems that we've acquired, when you look at the hamilton class cutters that were brought online in the mid '60s, we modernized those as we went along. we make sure that whatever you buy is -- has space, weight, and power availability to accommodate new systems for new threats that are somewhere over the horizon. and so when you look at the national security cutter, that is an optimal cutter to work in what is a very probably opaque
11:11 pm
world if you start to look 10, 15 years, but those ships are going to be operating well after i cross the bar. so i think we've made smart decisions on what we've acquired within our program of record recognizing they will be around 20 years from now as well. >> facebook is building drones that are man-free and solar powered. they can fly for three months consecutively. could that technology help the coast guard in the future with constant coverage, and i want to add one little thing to that question. when you're engaged in drone technology, there's always the debate between civil liberties and actual deployment and personnel and force use. how do you deal with, a, the technology of lengthy usage of drones and, b, the ongoing debate over usage of drones in terms of civil liberties? >> fortunately, out on the high seas it gets pretty lonely out there. in that we're the only entity
11:12 pm
that has really a unique compendium of authority outside the 12 miles of u.s. waters, which is the high seas. we have over 60 bilateral agreements that deal with counter drug, that deal with proliferation security, that deal with fishery regulations. as i stand before you today, we're using drone technology on the coast guard cutter "healy" flying outlook where there's leads in the ice, has thermal imaging, look to see where there might be mammal activity so we don't disturb it. it's easier to use drone technology in sometimes marginal weather you would otherwise put human beings at risk that can do the exact same thing and can do it persistently. so drone technology, we've only seen, no pun intended, but the tip of the iceberg, and we've used it in counter drug operations as well. in fact, we used it in one intervention where normally the ship comes charging over the
11:13 pm
horizon, blue lights screaming. this case one of our national security cutters launched a drone, and they realized it was a refueling vessel waiting for that super panga loaded with cocaine to get refueled and continue on its way. so instead of charging over the horizon for the next 36 hours, kind of like sitting in a deer blind and you put a salt lick down there as well. so they stalked this thing for 36 hours, and then as soon as that go fast showed up, they bring the drone back and then launched the armed helicopter. shot out the outboards and we got several tons of cocaine out of that as well. more importantly, we got the bad guys, and they're now in a safehouse, if you will, providing us very valuable information. none of that would have been possible without drone technology. are we going to own the upper edge technologywise on that? probably not. commercial off the shelf, our adversaries, organized crime is a $750 billion industry, so i'm going after that with a $10 billion budget. so their biggest challenge is how do you launder $750 billion?
11:14 pm
there's no budget control act. there's no sequestration with these ill-gotten gains. so there's a little bit of a mismatch as we try to match technology against our adversaries. and i think when you look at drone technology, i see that as a challenge as we look 20 years out and probably less than that. probably in the next five years. >> you mentioned your coordinating role in the deepwater horizon spill and there have been a few spills in the news lately. given your experience as the on-site coordinator for five or seven months, how -- what are the lessons learned from deepwater horizon as permits are now opening up and more drilling is opening up ten years later that the coast guard can apply? >> tip o'neill probably said it right. he said as in politics, all things are local. and it's no different with the oil spills, and if you're not engaged first and foremost at
11:15 pm
the local level, so what we realized very early on during deepwater horizon as it impacted the gulf states, very hurricane-prone part of our country that is very accustomed to operating under the stafford act. you declare a national emergency, then under the stafford act, the governor reigns supreme. under the clean water act and with an oil spill, the federal government reigns supreme, and this impacted five states. not only did it impact five states, it impacted five republican states leading up to midterm elections. if you're looking at an oil spill, you need to kind of look at it like a rubik's cube and look at every angle behind it. one, it's a huge media event. it was my job to get it out of the national press, at least get it on the back fold of "the washington post." how do you work with the media to tell your story? i was never going to win the day over a tar ball on the beach. but what i could win the day when you looked at the daily
11:16 pm
release rate of all the offshore relief well drilling, just offshore alone was probably in the neighborhood of $50 million a day being expended by bp as we wrote out here is the incident action plan and what you need. we had 47,000 responders, bigger than our active duty coast guard, responding to this as well. but getting the media out to where the heavy artillery was, getting to the source of this oil and where we were the most effective was offshore, and then getting all of that out into social media. we worked with noaa and we created this application called erma, environmental response management application, and we pushed it out onto the web once we got it fully up and running. the first day we had 200,000 hits. on day two it was 2.2 million, and it just went viral after that. so rather than people waiting for the news cycle, they could go to this near realtime, look at jpeg encrypted photos, what was happening with the response. they could manipulate the data and draw their own conclusions.
11:17 pm
the final piece was we had 70 coast guard officers detailed to every parish president, every governor, so if they didn't like the way their county, their parish, their state was being allocated resources, you go to that coast guard person first. you don't go to cnn and try to, you know, steer the ship through national media, but let's work together on this and build unity of effort, but if you don't have unity of effort, this will become a media event. and at the end of the day the environment is going to suffer as a result. so a lot of good lessons learned for what proved to be probably one of the most complex responses the coast guard has had to deal with. >> a freedom of information act lawsuit was recently filed to require that shell make public details of the safety of their arctic drilling equipment. do you agree those should be made public given the coast guard's mission to make the arctic safe? >> certainly when it comes to safety, there's a need to know. there's clearly proprietary
11:18 pm
information when it comes to oil spill leases. the auctioning of these leases is actually one of the largest sources of revenue generation in our federal treasury. so without divulging, you know, the expanse of a given reservoir, but the safety standards that are in place, they're shared with us, they're shared with the department of interior, and clearly i believe there's a need for the public to be informed of what safeguards are in place to mitigate any impact to the environment. >> you spoke a lot about budget constraints and all the challenges. at some point some priorities are going to win, some are going to lose. you talked a lot about what's going to win, what's going to lose. >> what can't lose is force structure. all the service chiefs are grappling with the same dilemma. how do you modernize and maintain force structure at the same time? our active duty coast guard
11:19 pm
component, among the 88,000 is right around 40,000 people. of that 88,000, 31,000 of them are all volunteers, coast guard auxiliary. i can't even call them a force multiplier because i pay them nothing. whatever you multiply by zero, you get zero, but they provide millions, millions of free man hours supporting coast guard missions that don't involve putting themselves at risk. mostly our recreational boating community, but i can't cut force structure. maybe you make those very difficult decisions of what operations that you would have to cut. and we've also -- always defined ourselves by 11 statutory missions, and some may say, just get rid of one of those missions. well, each one of those missions has a funding line a program element assigned to it, so when you divest of a mission, you divest of the funding that goes with it and all you have at the
11:20 pm
end of the day is a smaller coast guard. 100 years ago is when the coast guard, the name coast guard first came into being. and the first commandant of the coast guard was under attack by the taft commission. they said we need to strip away all of this and move all your authorities into the navy. when they did the study they realized it was going to cost the navy over 40% more of what it cost the revenue cutter service to do what it did on a day-to-day basis. if you're looking for efficiencies, you're not going to find it because, quite honestly, many of our platforms are swiss army knives that can operate in a multiple of domains and mission sets including working side by side with our navy, with our department of defense service members as well. so people are the most critical asset but you may have to trim operations. you may have to slow down an acquisition. as painful as that is, you can recover from that, but there's a check valve. when you get rid of people, it's very difficult to bring them in absent a major contingency like a 9/11. so my approach to our human
11:21 pm
resource capital is to hold fast on the human resource capital that we have and look at where there's opportunities for further growth, especially in the cyberdomain. >> a few on climate change and alaska. since the president gave one of his commencement speeches at the coast guard academy, how is climate change going to change the coast guard's job in the next few decades? >> that's a tough one. i use the open water versus ice-covered water comparison. we're seeing large expansions of open water. it is widely agreed that the seawater temperature is rising and sea level is rising. i just go back to -- the phenomenon with that is you have more frequent and more severe typhoons. we're just clearing out a category 2 typhoon that just hit saipan.
11:22 pm
we have several assets up there today. two years ago a super typhoon haiyan hit the philippines with the highest ever recorded winds of nearly 200 miles an hour. if you can imagine a tornado 60 miles across. if one of those hit the united states, we might be convinced that what is going on with the world's climate today. but rising temperature, and as water expands it rises as it well. so we have low-lying islands in the pacific islands that are inundated with water at extreme high tides right now. those are some of the challenges that we need to look at. when we look at infrastructure that's being built today that's going to be around 100 years from now, did you factor in a rise of five or six feet of seawater? an area that doesn't get a lot of attention is greenland. so when you look at greenland, as those glaciers melt, it is freshwater and it sinks.
11:23 pm
as it sinks it displaces warmer saltwater that rises to the surface. now you have warm saltwater and you've got cold ice and you have this temperature gradient that usually causes more severe winds that accelerates erosion. more ice being released. you can't put this on a linear model. if you don't at least plan for that, we're very much a coastal nation but we need to take all of these factors into account as does the coast guard as we look at some of the challenges. but you can't plan this in two, four, or six-year windows of time. we need to be thinking 10, 15 years out. it's very easy to delay that decision and say it's not going to happen on my watch. on my watch i need to make sure three commandants from now says i'm glad they at least paid attention to this. so we're keeping an eye on this. >> how much of navigable waters
11:24 pm
increased in the arctic? >> i wouldn't say it's increased. there is a lot more activity up there. there is a cruise ship from the bering sea to -- to carry over 1,000 passengers next year through the northwest message. there's no aids to navigation up there. much of this area -- 5% is chartered to what we would call 21st century standards. the charting void that's up there is of great concern because if one of these ships does find a pinnacle -- we have a sea mount named after the coast guard cutter healy because they found one. it rises up over 10,000 feet from the sea floor. fortunately they found it with their side scan sonar and not their hull. we're also looking at a traffic
11:25 pm
separation scheme in the bering strait to assure that you don't have collisions at sea up there as well. >> couple of similar questions. should the navy take possession of the coast guard's icebreakers? what would you say to giving up that mission? how important is it to have more than just a few icebreakers and to modernize the military assets in the arctic region now? how is the arctic mission changing given russia's new build-up there? >> we made probably once a week i see the cno in the tank. i have a seat with the chairman and other service chiefs. each year we have staff war fighter talks. we've had lengthy discussions about the arctic. i am confident the admiral doesn't want to take on an icebreaking mission. when you look at what does an
11:26 pm
icebreaker need to do in the 21st century? clearly it needs to break ice and support a scientific mission. russia is militarizing the arctic. they turned the arctic into an area of access denial. if you look at an icebreaker as you look into the future, if you look at modular systems, make sure you reserve space, weight and power so you can put navy type systems in an ice environment to protect u.s. sovereignty up in the arctic domain. those are the discussions that we're really having. not to pass this off to one or the other but you look at future requirements of a heavy ice breaker, it has to be more than just break ice, support science. it has to do a multitude of things. >> moving to another part of the world -- the south china sea. some in the coast guard would call this a success story. you hear a lot in military
11:27 pm
parlance about the asia pivot. what specifically is the coast guard's role given its limited resources, given its shrinking budget, given its trying to shoot -- rob peter to pay paul. what's its roll in the diplomacy in the south china sea and anything else in that region? >> next month i'll be in the philippines. i'll be in vietnam, then i'll be in a six-way discussion with five other nations, including russia and china, japan, korea. canada will be at the table as well. china has created a china coast guard. they used to have five seagoing services called the five dragons. now four of those services come under the auspices of the china coast guard. there's been a lot of discussion that we should deploy coast guard cutters over to the east and south china sea. our u.s. policy is one of
11:28 pm
nonintervention. i liken it to a dog that chases a bus. what do you do with it? if i sent one ship over there, china can tend ten to my one and japan can send six to our one. if it is a numbers game, i'm never going to win. if you look at the one ship over there to me, i look at the real opportunity costs. this fall we wrote out a strategy for the western hemisphere. the last of the perry class frigates to be decommissioned. it was doing the lion's share of the drug interdiction activity, that we've seen in the western hemisphere with law enforcement coast guard teams. as the navy is rebalancing, there are some trade-offs being made there as well. if they're vacating one region, i need to make sure i'm doubling down on the void created by the navy. the opportunity costs significant if i send one ship
11:29 pm
to the east and south china sea. the dog that catches the bus, what is our policy going forward? then the void that i've left behind as well. we've written a cooperative strategy for the 21st century. navy coast guard marine corps. each service chief has signed that. i look at the coast guard as filling some of those vacuum spots created as the navy rebalances. where can the coast guard fill some of those requirements as a sea going service. >> speaking of coordination does the coast guard currently have a strong ability to share resources in realtime in multiple homeland security partners like customs and border patrol? if not, would this help improve the mission success of the coast guard? >> we've come great strides. for a department that's only been around over 12 years, it wasn't until 1986 that we came
11:30 pm
to realize we need jointness among our armed services. what we do have within the department of homeland security today, joint task force east, primarily maritime, west that deals with the southwest border, one for investigations, really the intel piece of this. each of these task forces you have coast guard, cvp immigrations and customs enforcement working side by side. we have a joint requirement council that looks at joint requirements in this case of navy and air forces of the department of homeland security. coast guard and cvp. our isr platform is a dod enterprise, but we're using it in the coast guard. as a military member of dhs saying this really works. this is a great system. cvp is putting that in their p-3
11:31 pm
and dash-8s. we're also looking at interoperability and commonality of systems. makes it more affordable, makes parts more reliable. you can also capitalize on the schoolhouses for some of these as well. we have come pretty far in a very short time within dhs building unity of effort across the various components. >> do you ever see a time coast guard returning to the department of defense and out of homeland security? >> probably not. one value we bring to dod is we can go title 10. we're title 10 service which means we are a military service, but we also do title 14. if you look at any campaign plan, there's probably some embargo provision written in into that that may require a law enforcement authority which the coast guard can bring to the table. then if we have to go to title 10 we can just as easily do that on the fly as well. our systems are interoperable. i think that's a key part so we don't come with systems that
11:32 pm
can't speak with dod systems so our new platforms have navy type, navy owned but fully interoperability with our allied brethren. >> when it comes to migration especially from the caribbean, do you support the feet dry policy? one fot dry policy? how have recent diplomatic efforts in cuba likely to affect that and other matters in that region? >> i'll let you draw your conclusions. we have brand-new fast response cutters. they are great platforms. there was an expectation that a migration policy was going to change around christmas. it didn't, but that was the perception back in cuba so we had a spike in migration. we were able to apprehend almost every one of those boats destined for the florida coastline. but then it takes about five days to go through a screening
11:33 pm
process before these folks are brought back to cuba. within the last two weeks, we had two migrants that shot themselves, then were medevac'd before we apprehended them so they were medevac'd back to the united states. we had another four that found bleach on one of our ships and drank it and so we had to medevac them. we have others that will self-mutilate to do whatever it takes to get their feet dry in the united states. meanwhile, our crews are trying to safeguard these folks for five days while they pick up more because of a feet dry policy. it puts our people at risk. it puts others at risk. when you look at our policy versus what's played out, off the north coast of africa, we're saving lives. yes, we're apprehending but many of these folks are in really
11:34 pm
unseaworthy. but they'll probably go back and try to cross again. the feet dry policy makes it challenge for those doing enforcement to a safeguard them. until we have a clear light to be able to repatriate them back to cuba. >> just a few seconds left before i ask the final question. i'll first present you with a national press club mug. >> thank you. >> noting that we are the leading organization for professional journalists and fight for a free press worldwide, i'm going to ask you one little question about the mets. are you going to -- are the mets going all the way this year? >> so 1969. so you had a late acquisition, the mvp of that world series.
11:35 pm
the names have changed a little bit. now there are names like aribe, cespedes. mets have already had the tom severs. they've got the pitching staff, the hitting. they've got the commandant of the coast guard, for crying out loud pulling for them. when i throw the opening pitch tomorrow, if i throw a warm burner and it hits matt scherzer in the shin and he's taken out for the next two weeks -- i wouldn't do that. as you know, the mets were caught up in the bernie madoff scheme, and they auctioned off a good part of the team. again, i go back to 1962 when they had no place to go but up. when you look at our coast guard sometimes you can relate to the mets. you've got no place to go but up. you got the mets destined for the world series and you got the coast guard doing the same thing.
11:36 pm
>> how about another round of applause for admiral? we'll see you back here hopefully on august 12th with reverend bishop. i'd like to thank the national press club staff and broadcast center for organizing today's event. if you'd like a copy of today's program or to learn more about the national press club please go to our website, www.press.org. thank you. we are adjoined. this weekend, politics books and american history. saturday at 8:00 eastern, congressional profiles with four
11:37 pm
freshmen members. brendan boyle, louisiana republican ralph abraham michigan democrat, brenda lawrence and new jersey republican tom mcarthur. sunday night at 9:00 with elections coming in october a debate among the four national party leaders in canada. saturday night at 10:00 on book tv's afterwards, charles murray argues through the use of technology we can rein in the power of the federal government. sunday at 7:00, susan souther talks about the city and people of nagasaki, japan from the morning it was bombed until today. this weekend on american history tv we commemorate the 70th anniversary of the bombings of hiroshima and nagasaki and the end of the war in the pacific. our programming starts with a conversation from harry truman's grandson. and later, we'll visit the american university hiroshima
11:38 pm
nagasaki atomic bomb institute with peter koznik. sunday morning at 10:00, our coverage continues with the 2000 documentary on the making of the atom icbomb and interviews with two bomb survivors. get our complete schedule at c-span.org. now a discussion about computer security and defending against cyberattacks with a panel at the hudson institute that includes mike rogers. this is two hours. all right. good afternoon. i'm samantha ravich, the principal investigator on this project. i want to thank everyone for attending. in particular, i really want to thank the hudson institute and the foundation for the defense of democracies for co-hosting
11:39 pm
this event. i also want to thank the co-authors of the monograph. some will be speaking today. juan zarate, mike dubowitz. but some may be in the audience, abe, andy and tiffany. i don't know if tiffany is here. if you haven't seen it tiffany was quoted extensively in a recent "washington post" series on the cyber vulnerabilities of the auto sector. a few housekeeping notes before we get started. the first panel will begin momentarily at about 1:00 and will roll into the second panel. finish around 2:00. there is a short survey, if you could, if you haven't taken it already, we would really appreciate it. it will give us -- it's anonymous and short. it will really give us a better idea about how people are
11:40 pm
thinking about cyberenabled economic warfare, and where resources should be put to it. we will be publishing both a synopsis of this seminar, and the results of the survey, so stay tuned. all right. so let me set the stage for a few minutes on how the project on cyberenabled economic warfare really got started. it really had its genesis back in the mid-1990s. in discussions with incredibly smart people like marge at the smith richardson foundation that sponsored this work about the intersection of economics and security. so in 1997, the asian financial crisis hit, if you remember. it began in thailand and then the contagion quickly spread to indonesia, south korea, malaysia, other countries throughout the region. foreign debt to gdp ratios rose over 180%. during the worst of the crisis, riots occurred, governments
11:41 pm
fell. the causes of the crisis were varied but most experts think it was the combination of crony capitalism, and economic bubble flooding the market with cheap money, and a simultaneous slump in semiconductor prices with the rise in the value of the u.s. dollar. but from westport, connecticut, we discussed how economic destabilization in southeast asia could potentially affect larger regional securities. what would it mean to relations in taiwan and china? what would it do to separatist groups like abu sayyaf. it was the malaysian prime minister at the time, what he was saying that really got us thinking. mr. mahatir initially penned the blame on financiers saying they had sabotaged the malaysian economy.
11:42 pm
he said the economic fires were no accident, but a western conspiracy to rule the world and tell other countries how to run their affairs. we discounted the malaysians' specific diatribe and rhetoric and thinly veiled semitism, if you remember that party. but we did think about the broader issue of how a country or countries could use economic means to undermine an adversary or change its policies. we thought back on america's use of economic warfare against the nazis, then again against the soviet union. and we began to think, if and how the u.s. would need to think differently about these threats and capabilities as the world financial markets became more automated and more integrated. over the next decade, the conversation kind of waxed and waned, but came roaring back as evidence began piling up on the scale and scope of cyberattacks against u.s. banks, u.s. defense contractors, u.s. intellectual property, our electric grid, our health care system, the most sensitive parts of our
11:43 pm
government. were we seeing something new? again, there's always been economic warfare. where one side in a conflict goes after the economy of another to affect and weaken its overall strength. but the rise of the global electronically networked economy, and the growing cross-border integration and interdependence of its constituent parts has produced sizeable opportunities for various actors to develop new methods and strategies of economic warfare. both state and nonstate actors increasingly can contemplate new possibilities for using pernicious cyberpenetration of critical economic assets and systems in order to cause harm to a target state security capabilities. so we label this new class of security threats cyberenabled economic warfare. the attempt at achieving political and security goals through cyberenabled economic aggression.
11:44 pm
and in this type of warfare, the united states is particularly vulnerable. as mike mcconnell said, if we were in a cyberwar today, the united states would lose. this is not because we do not have talented people or cutting-edge technology. it is because we are simply the most dependent and the most vulnerable. so we started this project with a few organizing questions. one, within the escalating cyberattacks on u.s. public and private organizations, is there lurking a new type of action. some form of concerted strategy to undermine the u.s. economically. two, are there adversaries whose strategies are specifically designed to cause economic harm that could weaken or significantly debilitate u.s. security capabilities? three, is the u.s. prepared to identify and address such strategies effectively? and four, if not, what can be done? we did not attempt to provide definitive answers in the monograph and through this seminar, rather, what we wanted
11:45 pm
to do is start a robust, much-needed debate on this topic. the chapter authors and those who are participating in some of the seminars we've held have also been willing to put novel and creative approaches on the table. some are workable, some might not yet be workable, but it is critical for new ways of thinking to be explored to address this problem. because to a person, we are certain that u.s. intelligence, defense, treasury and homeland security departments and agencies appear to be inadequately constructed or attuned at present to address the way these threats are evolving. the u.s. system for detecting, evaluating and addressing the cyberenabled threats is insufficiently focused on the matter. this raises concerns about america's preparedness for identifying and responding to existing economic threats. and the ability to match the rate of their evolution. and with that, i want to turn to our first panel that examines
11:46 pm
the evolving nature of this debate. we're honored to have three highly knowledgeable and well-regarded individuals. so our format is that each will speak for about ten minutes. and then we will open it up to q&a for another 20 or 30. so first up is the honorable juan zarate. he served as the first ever assistant secretary for the treasury. he also served as deputy national security adviser for combath terrorism. his phenomenal book explores the evolution and importance of this new era of economic warfare. juan serves as chairman and senior counsel for the center on sanctions and finance. >> thank you very much. thanks to all of you for coming. this is a wonderful turnout and a wonderful event. i want to thank the hudson institute, and mark dubowitz for
11:47 pm
hosting today. sam, thank you for your leadership, for shepherding the authors for this important piece of work. i would commend all of you in the room, and those watching online, to make sure to pick it up and read it. because the contribution at least from the other authors in this compendium are incredibly important. i'm honored to be here today, especially with steve and mike, to discuss these issues. i want to thank sam, too, because she gave me an opportunity to write a bit more about the issues that i began to explore at the tail end of my book that i think are critical as we look forward. what i want to do is discuss with you, and maybe open up the discussion for the panel to talk about the convergence of financial and cyberwarfare. because as sam has laid out, one of the interesting dynamics of the 21st century is how dynamic, how fluid, how interconnected both the global financial and cyberdomains have become, and
11:48 pm
how interdependent they are. the reality is, the more dependent that the u.s. and western economies become on those globalized interconnected cybersystems, the more vulnerable we also become to the potential asymmetric impact and effects of those who may try to attack, if not affect u.s. interests. and so what i would like to do is talk a little bit about what that convergence looks like, starting first with the discussion of the nature of the threats and then what this means strategically. because i think where we are now is we're facing a very dynamic and shifting threat landscape. but also a dynamic and shifting strategic landscape, where the threat of asymmetric capabilities is really upon the u.s. and has really been identified by the dni, and others in the u.s. intelligence community. so let me start first with the threat landscape itself. in particular, the actors involved in this space.
11:49 pm
it's clear that actors around the world, be they state or nonstate actors, have realized there's asymmetric advantage in using cybertools, using tools of financial or economic warfare to their advantage. that in many ways, it provides a low barrier to entry and asymmetric advantage to think about the use of these tools in a much more aggressive way, to attack u.s. interests. in many ways, it's laid out the 20th century, in the beginning of the 21st century, dominated not just by the american economic dominance, but really a dynamic where the u.s. found creative and innovative ways to use power and influence, and reach to isolate rogue actors from the financial system. we're seeing this play out obviously in the negotiations
11:50 pm
with iran. we're seeing this play out to a certain extent in the debate around russia. the ability to use financial and global tools to isolate rogue behavior has largely been the province of the u.s. government and u.s. policy. but u.s. competitors, and threatening actors realize that those very same tools, those very same mechanisms, some of the same strategies can actually be used against the u.s. for asymmetric advantage. so you see a full spectrum of actors playing out in this space realizing this dynamic. super empowered individuals, hackers, for political or other reasons, profit often using these tools to go after the financial system, in particular banks. sophisticated organized crime groups using deep expertise found easily on the internet, beginning to infiltrate banks and the financial system. intelligence services, figuring
11:51 pm
out how to use these tools for state and nonstate advantage. again, for profit and for political purposes. and then finally, nation states. some of them major powers like russia and china, others marginalized like iran, syria, north korea, figuring out ways to use these very same tools to influence. and we've seen plenty of examples of that. one of the advantages to these actors is the low barrier entries. as we often say, it's not very costly to get into this game, or to be on the offense. it's incredibly costly to be defending against these. but there's a supply of expertise available on the internet. often sold to the highest bidder. there is the dark web that provides access to those willing to play in those dark alleys of the internet, and to connect with those with expertise. there's open source protocols and programs that allow individuals and small groups to
11:52 pm
have global reach. and there's weak defenses globally, whether it's at opm, or in other systems around the world where small or relatively weak actors can gain access to prized information. and so you have a spectrum of actors with a spectrum of capabilities that provides a low barrier to entry. and begins to challenge the u.s. system and dependencies. now, the tools of disruption, and potentially even destruction are many fold. you have spear phishing techniques and attacks, which are common in the cybersecurity space. you've seen d-dos attacks, increase in sophistication and frequency. you've seen malware evolve into some pretty dramatic and important ways, in particular, attacking the financial sector. you've seen trojan horse
11:53 pm
attacks, which may portend potential destructive malware attacks. these aren't imagining or hypotheticals, we've begun to see them. the jpmorgan attack last summer. a good example of the potential for vulnerability as well as destruction. the dark seoul attack led by the north koreans affecting south korean banks and operations. the denial of service attacks led by the iranians and syrians against western banks which continue to this day. the attacks against the middle eastern banks in 2012. the nasdaq hack, which has not been fully determined, or figured out, in october of 2010. matched with significant infrastructure attacks, like ramco and others. portend the real series of
11:54 pm
adaptations and attacks on the financial system in a way that is strategic, systemic, and important. now, let me move just very quickly to discuss why the financial system, in particular banks have become such an interesting and important part of this landscape. as i've often said, in many ways, the international global banks are now the center of the cyberstorm. and that's for a few reasons. one, banks in the financial system, where the money is, right? so if you want to profit, if you're an organized criminal ring that just wants to make money, you want to engage in fraud, that's where you hack. that's where you attempt to get access to data and to money. it's also where intellectual property, sensitive information may exist, informational data important to data, also intellectual property important to deals and companies that are engaged in mergers and acquisitions, and attempts to enter new markets. so that information becomes valuable to a whole host of actors.
11:55 pm
banks over the last 15 years have also become protagonists, and many of the national security issues and debates that affect rogue actors and countries. so the very isolation of iran, for example, from the global financial system has been driven in part by what the western banks have decided to do, or not do, in terms of business with the revolutionary guard, or iranian companies and fronts. and also, actors in the space, the full spectrum that i described understand that banks and the financial system are part of the key vulnerability and a systemic risk for the west, and for the united states. and so some actors, no doubt the most destructive among that spectrum, would find it incredibly advantageous, if not helpful to try to bring down the system in some way, or to destroy the trust that is at the core of the international financial system. what hank paulson once called the magnificent glass house.
11:56 pm
and so the banks, the financial system find themselves in the middle of the cyberstorm at a time when the asymmetric environment is evolving. evolving in some interesting ways. as sam mentioned, and as the report lays out, the u.s.'s vulnerability is increasing over time. with hybrid warfare, and gray zones of warfare beginning to evolve as parts of national doctrines. we see this clearly with the russians, how they're thinking about the use of proxies in cybercapabilities. you see this as well in the environment where there's much more fluidity than in the past with rogue actors able to interact, and profit with and for each other. so the chinese government able to use nonstate actors to hack, and to claim deniability of those attacks. the syrians and iranians developing their own
11:57 pm
capabilities, perhaps relying on others. the north koreans clearly developing capabilities as seen in the sony hack and attack of last year. so there are enormous adaptations happening due to the technologies, due to the global connectivity of the system, but also strategically with these rogue actors, with these challenging states, thinking aggressively about how to use these tools. and i know the next panel is going to get into some of the defensive dimensions of this, sam, but i do think it's worth mentioning, at least some of the ideas that i put forth in my piece, and that i know we will discuss here, because there has to be a new way of thinking about the strategy. there has to be a new way of thinking about these tools, in ways that not only puts us on the defensive, but also on the offensive. and thinking about more aggressive public/private partnerships and paradigms that allow us to create not only defense in-depth, but also denial, strategies of deterrence, which we have yet to
11:58 pm
do using financial tools like the president's executive order from april 1st. perhaps some tailored hack back capabilities, in particular instances, perhaps with cyberwarrants. when the government gives license to the private sector to protect its systems, go and destroy data that's been stolen, or maybe even something more aggressive. and then finally, developing the redundancy of our systems, so it becomes less attractive as a strategic tool for our adversaries. so with that, i hope that's a helpful way of framing the issues. it's a much more dynamic environment not just in terms of the threats, and the technology, but also strategically as we look at the landscape. >> that's fantastic. i look forward both in the q&a from this panel and rolling into the next one, to discuss some of those things that juan laid out at the end, particularly the hack back, which is a very interesting topic. next up we have steve chabinsky,
11:59 pm
who's general counsel and chief risk officer for the cybersecurity technology firm crouch strike. mr. chabinsky served for over 15 years with the fbi, where he helped shape many of america's most significant cyber and infrastructure protection laws and strategies. as deputy of the fbi cyber division, mr. chabinsky helped oversee fbi strategies, intelligence analysis, budget and policy development and execution, and major outreach efforts that focused on protecting the united states from cyberattacks. so mr. chabinsky? steve? >> thank you. juan, those remarks were so good. all you've left me to do is actually pull some of the subjects you brought up. what a tour de force as an overview. where you really started, you know, where you ended is where i'm going to start, which has to do with strategy. where are we, where should we be. we actually have a failed strategy right now. the way we know this is we keep putting more resources, more
12:00 am
people, more effort, more policies in place, and the problem keeps getting worse, right? by no stretch of the imagination can someone say that's going well. even our best efforts, to the extent we say we're doing well over time, it doesn't compare to where the threat's going. captions copyright national cable satellite corp. 2008 captioning performed by vitac

25 Views

info Stream Only

Uploaded by TV Archive on