Skip to main content

tv   Senior Intelligence Officials More Resolute About Russian Role in...  CSPAN  January 8, 2017 10:33am-1:17pm EST

10:33 am
awarded in shared between 150 students and 53 teachers. for more information on our competition and rules, go to our website. >> national intelligence director james clapper called russia and existential threat to the u.s. this past week while testifying with other intelligence officials about rush's to influence the 2016 presidential election. this hearing occurred one day before the declassified report concluded russian president vladimir putin ordered a so-called influence campaign aide the mesh and get the u.s. election. a half just over two and hours. before we begin, i want to welcome all of our members back to the committee and extend a
10:34 am
special welcome to the new members joining us. .n the republican side on the democratic side we're , joining by senator warren and peters. it's a special privilege to serve on this committee. most of all because it affords spend soportunity to much time in the company of heroes the men and women who , serve and sacrifice on our behalf every day. i hope you will come to cherish your service on this committee as much as i have over the years and i look forward to working with each of you. the committee meets this morning for the first in a series of hearings on cyber security to receive the testimony on foreign cyberthreats to the united states. i'd like to welcome our witnesses this morning, james clapper, director of national intelligence, marcel la trey under secretary of defense for , intelligence and admiral mike , rodgers commander of u.s. cyber command and chief of the central security service. this hearing is about the range of cyber security challenges
10:35 am
confronting our nation. threats from countries like russia, china as well as actors from terrorist groups to transnational criminal organizations. in recent years, we've seen a growing series of cyber attacks by multiple actors that have targeted our citizens, businesses, military and government. but there's no escaping the fact that this committee meets today for the first time in this new congress in the aftermath of an unprecedented attack on our democracy. at the president's direction, director clapper is leading a comprehensive review with the -- of russian interference in therecent election with goal of informing the american people as much as possible about what happened. i am confident that director clapper will conduct this review with the same integrity and professionalism that has characterized his nearly half a century of government and military service. i'm equally confident in the dedicated members of our intelligence community.
10:36 am
the goal of this review, as i understand it, is not to question the outcome of the presidential election nor should it be. as both president obama and president-elect trump has said , our nation must move forward but we must do so with full knowledge of the fact. i trust director clapper will brief the congress on his review when it is completed. this is not the time or place to preview its findings. that said, we know a lot already. in october, our intelligence agencies concluded unanimously that quote the raugs government directed compromises of e-mails from u.s. persons and institutions including from u.s. political organizations.
10:37 am
they also assess that, quote, disclosures of alleged hacked e-mails were consistent with the methods and motivations of russian directed efforts and that these thefts and disclosures were intended to interfere with the u.s. election process. since then our intelligence community has released additional information concerning these russian activities, including a joint analysis report that provided technical details regarding the tools and infrastructure used by the russian civilian and military intelligence services to attack the united states. every american should be alarmed by russia's attacks on our nation. there is no national security interest more vital to the united states of america than the ability to hold free and fair elections without foreign interference. that's why congress must set par -- partisanship aside, follow the facts, and work together to devise comprehensive solutions to defend against and respond to foreign cyber attacks. as we do, we must recognize that the recent russian attacks are one part of a much bigger cyber problem. russian cyber attacks have targeted the white house, the
10:38 am
joint staff, the state department, our critical infrastructure, chinese cyber attacks have recordedly target nsa, the department of state and commerce, congressional offices, military labs, the naval war college and u.s. businesses including major defense contractors. most recently, china compromised over 20 million background investigations at the office of personnel management. iran has used cyber tools in recent years to attack the u.s. navy. u.s. partners in the middle east, major final institutions and a dam just 25 miles north of new york city. and of course, north korea was responsible for the massive cyber attack on sony pictures in 2014. what seems clear is that our adversaries have reached ail -- reached a common conclusion that the reward for attacking , america in cyber space outweighs the risk.
10:39 am
for years, cyber attacks on our nation have been met with indecision and inaction. our nation has no policy and thus no strategy for cyber deterrence. this appearance of weakness has been provocative to our adversaries who have attacked us again and again with growing severity. unless we demonstrate the cost of attacking the united states outweigh the perceived benefits, these cyber attacks will only grow. this is also true beyond the cyber domain. it should not surprise us that vladimir putin would think he could launch increasingly severe cyber attacks against our nation when he had paid little price for invading ukraine and crimea. subverting democratic values and institutions across europe. and of course helping assad , slaughter civilians in syria for more than a year with in punitive. the same is true for china, iran, north korea and any other adversary that is reasonableably
10:40 am
felt emboldened to challenge the world order. put simply, we cannot achieve cyber deterrence without destroying the credibility of u.s. deterrence more broadly. to do so we must first have a policy which means finally resolving the long list of basic cyber questions that we as a nation have yet to answer. what constitutes an act of war or aggression in cyber space that would merit a military response, be it cyber or other means. what is our theory of cyber deterrence and what is our strategy to implement it. is our government organized to handle this threat? who is accountable for this problem and do they have sufficient authority to deliver results? are we in the congress just a s stove piped such as our oversight reinforces problems rather than helping to resolve
10:41 am
them? do we need to change how we are organized? this committee intends to hold a series of meetings in the months ahead to explore these and other questions. we look forward to hearing the candid views of our distinguished witnesses today who have thought about these as much as anyone in our nation. senator reid. senator reid thank you very : much, mr. chairman. i want to commend you for our leadership in promptly scheduling this meeting on foreign cyber threats. i'd like to welcome our witnesses director clapper and admiral rodgers thank you gentlemen for your service and dedication. while i understand that our witnesses will be discussing the cyber threats that many countries including china and india posts to our nation, i would like to focus on the widely reported instances of russian hacking and disinformation that raised concerns regarding the election of 2016. in addition to stealing
10:42 am
information from the democratic national committee and the clinton campaign and cherry picking what information it leaked to the media the russian government also created and spread fake news and conspiracies across the vast social media landscape. at the very least, the effect of russia's actions was to erode the faith of the american people in our democratic institutions. these and other cyber tools remain highly active and engage in misinforming our political dialog even today. there is still much we do not know but russia's involvement in these intrusions is not appear -- does not appear to be in any doubt. russia's best cyber operators are judged to be as elusive and hard to identify as any in the world. however, detection and attribution were not so difficult the implication putin may have wanted us to know what he have done to support an official rejection of culpability. these russian cyber attacks should be judged within the larger context of russia's rejection of the post cold war
10:43 am
international order and aggressive actions against its neighbors. russian's current leaders and president putin in particular, perceive the west general support the human rights, the rule of law and democracy as well as nato and e.u. enlargement as a threat to what they believe is russia's sphere of influence. russia makes no secret it is determined to aggressively halt and counter what it characterizes as western encroachment on its vital interest. invasion of georgia, the annexization of crimea, ukraine, the continuing military build-up despite declining economy, saber rattling, the authoritarian attitude toward the press, the unwavering campaign over the internet and the creation of an iron information curtain and
10:44 am
it's aggressive interference with western political processes all are one piece. russia's efforts to undermine democracy at home and abroad cannot be ignored or traded away . what russia did the to the united states in 2016 it is already does has done rather and continues to do in europe. this challenges the progress of democratic values since the end of the cold war must not be tolerated. despite the indifference of some to this matter our nation needs , to know in detail what the anelligence community was attack on the electoral process. the electoral process is the bedrock of our system of government. effort to manipulate it by a regime with values so opposite our own is a challenge to the nation's security which must be met with bipartisan and universal condemnation, consequences and correction. i believe the most appropriate
10:45 am
means in conducting inquiry is the creation of a special elect them -- special select committee in the senate. the problems spill across the .divides failing that, our committee must take on as much as of this task as we can. again, i commend the chairman for his commitment to do so. therefore i am pleased and grateful that his efforts will be expended, the energy will be invested on the matters that are so critical to the american people. i also want to applaud president obama's initial steps to respond to russia's hostile actions. we appreciate your urgent efforts to discover what happened and why and to make these facts known to the president, the president-elect , congress, and the american people.
10:46 am
although your investigation report to president obama not yet public, we hope you'll be able to convey and explain what's been accomplished so far, including the steps already announced by the president. in addition i am sure we'll have , many questions about how we are organized in the cyber domain and what changes you have recommended going forward. subjects that president obama referenced in his signing statement of the national defense authorization act for fiscal year 2017. these are difficult issues but they are of vital importance to our nation, our security and our democracy. mr. chairman, i look forward to working with you in a bipartisan manner to conduct a thorough and thoughtful inquiry and do more to address the cyberthreats more broadly by state and nonstate actors. thank you very much. senator mccain. mccain: i welcome the witnesses and we'll begin with you for any opening statements or comments you might have. >> thank you chairman. ranking member reid. i appreciate the opportunity to
10:47 am
be here today. i will shortly turn the microphone over to director clapper for some comments followed by admiral rodgers. as this is my last appearance before this committee before stepping down after eight years of pentagon service in a few weeks -- senator mccain i'm sure you'll : regret not having that opportunity again. >> it will be nice to be skiing a little bit in february, that's for sure. but having said that, since i am just a few weeks from stepping down i do want to thank its this committee for it's partnership and thank director clapper and admiral rodgers for the privilege of being able to serve together with them in the leadership of the u.s. intelligence community. and to the men and women of the u.s. intelligence community, civilian and military, thousands of whom are deployed today around the world advancing u.s. interest and protecting america. i do admire your integrity, your service. it has been an honor to serve with you over the last many years.
10:48 am
in the interest of time, i'll briefly note the department of defense's views on cyber in three core themes. first the threats we must address, second what we are doing to address them now and third the difficult but urgent work we know still lies ahead. first, the threats. as you know, the department of defense's leadership believes we confront no fewer than five immediate but also distinct and evolving challenges across all operating domains. we are countering the prospect of russian aggression and coercion especially in europe. something we unfortunately have had to energetically renew our focus on in the last several years. we are also managing historic change in perhaps the most consequential region for
10:49 am
america's future, the asia-pacific. and watching the risks of china's destabilizing actions in the region. we are checking iranian aggression across the middle east. we are strengthening our deterrent and defense forces in the face of north korea's continued nuclear provocations. and we are countering terrorism with the aim of accelerating the lasting defeat of isil and al qaeda. these are what many in the department of defense have termed the four plus one, four state based challenges and an ongoing condition of battling terrorism. as our joint written statement for the record has detailed each of these security challenges, china, russia, iran, north korea and global terrorist groups such as isil. it presents a significant cyberthreat dimension to the u.s. military. cyber is an operating domain that is real, complex, dynamic, contested. and it must be addressed.
10:50 am
second, what we are doing about it? the department of defense has for several years pursued a comprehensive strategy for maintaining the necessary change it -- strategic dominance in this domain. secretary of defense ash carter has pressed for d.o.d. to change and adapt and innovate not only to meet today's challenges but also to ensure that we effectively defend against cyber threats well into an uncertain future. we have built and continue to build the means and methods that will strengthen our relative position against each of these dimensions of the cyber threat. the government cyber policies reflected in presidential policy directives and executive orders provide guidance on the absolute necessity of a whole of government approach critical to protecting our nation. the department has developed , refined and published it cyber , strategy which clearly lays out three d.o.d. cyber missions.
10:51 am
defending d.o.d. networks, providing cyber options for our military commanders and when called upon , by our nation's leaders, defending the nation against cyber attacks of significant consequence. as the director and admiral rodgers will note since 2009, the department has matured cyber command to ensure a clear command response biltd and --we sought spill any command responsibility and authority and growing capabilities essential to our unity of effort for cyber operations. we also continue to mature our cyber mission forces, which this fall achieved initial operating capability or ioc status. this force is providing military capability to execute our three missions in cyber space. we're building new capabilities and new tools for the cyber mission force to use. third, what remains to be done. as much as we have done we recognize there is much more to do. let me mention just a couple of those most important tasks here. first, we need to continue to develop and refine our national cyber policy framework which
10:52 am
includes the evolution of all dimensions of our deterrence posture, the ability to deny the adversary its objectives, to impose costs and to ensure we , have a resilient infrastructure to execute a multi-domain mission. this refinement and evolution in our deterrent thinking and capability will further empower decision-making at net speed. second, within the department , cyber command has matured and is doing more to protect the nation and support global operations than ever before and we need to continue, in fact, accelerate this maturation. accordingly, the secretary of defense supports the elevation of cyber command to a unified combatant command and supports ending the duel hat arrangement for the leadership of n.s.a. and cyber command and doing so through a deliberate conditions based approach while continuing
10:53 am
to leverage the shared capabilities and synergies. and finally, we must redouble our efforts to deepen partnerships between government and the private sector and between the u.s. government and our allies. we must continue to seek help from american industry, the source of much of the world's greatest technology talent in innovating to find cyber defense solutions, build resiliency into our critical infrastructure systems, and strengthen our deterrence. with our allies and partners we , must work together to promote stability in cyber space. universal recognition that existing international law applies in cyber space and the adoption of voluntary peacetime. norms of responsible state behavior. thanks. i look forward to your questions. i will now pass the baton to general clapper. >> senator mccain, and distinguished members of the committee, first, thanks very
10:54 am
much for your opening statements. obviously we're here today to talk about cyber threats that face our nation and i will offer some brief recommendations and a few parting observations. i certainly want to take note of and thank the members of the committee, who are engaged on this issue and have spoken to it publicly. i know there is great interest in the issue of russian interference in our electoral process based on the many classified briefings the intelligence community has already provided on this topic to the congress. secretary of homeland security jeh johnson and i have issued statements about it. the joint analysis report that you alluded to publicly issued by the department of homeland security and the federal bureau of investigation provided details on the tools and infrastructure used by the russian intelligence services to compromise infrastructure associated with the election as well as a range of u.s.
10:55 am
government political and private sector entities as you described. as you also noted, the president tasked the intelligence community to prepare a comprehensive report on russian interference in our election. we plan to brief the congress and release an unclassified version of this report to the public early next week, with due deference to the protection of highly sensitive and fragile sources and methods. but until then, we're really not prepared to discuss this beyond standing by our earlier statements. we are prepared to talk about other aspects of the russian cyber threat. we also see cyber threats challenging public trust and confidence in information services and institutions. russia has clearly assumed an even more aggressive cyber posture by increasing cyber espionage operations, leaking data stolen from these
10:56 am
operations, and targeting critical infrastructure systems. china continues to succeed in conducting cyber espionage against the u.s. government, our allies, and u.s. companies. intelligence community and the security experts, however, have observed some reduction in cyber activity from china against the u.s. companies since the bilateral september 2015 commitment to refrain from espionage for commercial gain. iran and north korea continue to improve their capabilities to launch a disruptive or destructive cyber attacks to support their political objective. nonstate actors, notably terrorist groups, most especially including isil also continue to use the internet to organize, recruit, spread propaganda, raise funds, collect intelligence, inspire action by disciples and coordinate operations. so in this regard, i want to footstomp a few points i've made
10:57 am
here before. rapidly advancing commercial encryption capabilities have had profound effects on our ability to detect terrorists and their activities. we need to strengthen the partnership between government and industry and find the right balance to enable the intelligence community and law enforcement to operate as well as continue to respect the rights to privacy. cyber operations can also be a means to change, manipulate or falsify electronic data or information to compromise its integrity. cyber space can be an echo chamber in which information, ideas, or beliefs, true or false, get amplified or reinforced through constant repetition. all of these types of cyber operations have the power to chip away at public trust and confidence in our information services and institutions. by way of some observations or
10:58 am
recommendations, both the government and the private sector have done a lot to improve cyber security in our the and -- and our collective security is better, but is still not good enough. our federal partners are stepping up their efforts with the private sector but sharing what they have remains uneven. i think the private sector needs to up its game on cyber security and not just wait for the government to provide perfect warning or a magic solution. we need to influence international behavior in cyber space. this means pursuing more global diplomatic efforts to promulgate norms of behavior in peace time and to explore setting limits on cyber operations against certain targets. when something major happens in cyberspace, our automatic default policy position should not be exclusively to counter cyber with cyber. we should consider all instruments of national power. in most cases to date, noncyber tools have been more effective
10:59 am
at changing our adversary's cyber behavior. when we do choose to act we need to model the rules we want others to follow, since our actions set precedence. we also need to be prepared for adversary retaliation, which may not be as surgical either due to the adversary's skill or the inherent difficulty in calibrating effect and impact of cyber tools. that's why using cyber to counter cyber attacks risks unintended consequences. we currently cannot put a lot of stock, at least in my mind, in cyber deterrence, unlike nuclear weapons, cyber capabilities are difficult to see and evaluate and are ephemeral. accordingly it's hard to create the substance and psychology of deterrence in my view. we also have to take some steps now to invest in the future. we need to rebuild a trusted working relationships with industry and the private sector. on specific issues like
11:00 am
encryption and the roles and responsibilities for government , users, and industry. i believe we need to separate nsa and cybercom. we should discontinue the temporary dual hat arrangement which i helped design when i was under secretary of defense for intelligence seven years ago. this isn't purely a military issue. i don't believe it is an nsa or i.c.'s long-term best interest to continue the dual hat setup. third, we must hire, train and retain enough cyber talent and appropriately fuse cyber as a whole of i.c. work force. clearly cyber will be a challenge for the u.s., the intelligence community and our national security for the foreseeable future. and we need to be prepared for that. adversaries are pushing the envelope. since this is a tool that doesn't cost much, and sometimes is hard to attribute.
11:01 am
i certainly appreciate, as we all do, the committee's interest in this difficult and important challenge. i'll wrap up by saying after 53 years in the intelligence business in one capacity or another, happily i just got 15 days left. i'll miss being involved in the intelligence mission and i'll most certainly miss the talented and dedicated patriots who are in the united states intelligence community. i'm very proud of the community professionals i've represented here for the last 6 1/2 years, who don't get much public recognition and who like it that way. they've all supported me and i'm confident they will do no less for my successor, whoever that turns out to be. let me, with that, stop and pass to admiral rogers. >> thank you, general. admiral rogers? admiral rogers: chairman mccain, ranking member reed, members of the committee good morning and thank you for the opportunity to appear before the committee today on behalf of the united states cyber command and the
11:02 am
national security agency. i'm honored to appear besides director clapper and undersecretary lettre and i applaud them both for their many years of public service. it's been a true honor, gentlemen. when we last met in september i discussed the changing cyber threat environment and today i look forward to further discussing this complex issue. of course some aspects of what we do must remain classified to protect our nation's security so today i will limit my discussion to those in the public domain. we have seen over the course of the last year how this cyber threat environment is constantly evolving. we have all come to take for granted the interconnectivity that is being built into every facet of our lives. it creates opportunities and vulnerabilities. those who would seek to harm our fellow americans and our nation utilize the same internet, the
11:03 am
same communication devices and same social media platforms that we, our families, and our friends here and around the world use. we must keep pace with such changes to provide policymakers and our operational commanders the intelligence and cyber capabilities they need to keep us safe. that means understanding our adversaries to the best of our ability and understanding what they mean to do and why. we're watching sophisticated adversaries involved in criminal behavior, terrorism planning, malicious cyber activities and even outright cyber attacks. while this is a global problem, we have also recently witnessed the use of these tactics here at home. a statement for the record that we have provided jointly to this committee covers the threat picture worldwide but i know this hearing today will inevitably focus on reports of interference in our recent elections. i echo director clapper in saying that we will await the finds of the just completed intelligence review ordered by the president and defer our comments on its specifics until after that review is shared with our leaders and congressional overseers. i do want to add, however, that over this last year, nsa and
11:04 am
cyber command have worked extensively with our broader government partners to detect and monitor russian cyber activity. the hacking of organizations and systems belonging to our election process is of great concern and we'll continue to focus strongly on this activity. for nsa's part we focus on the foreign threat in foreign spaces but we share our information as readily as possible with the rest of our partners in the department of defense, the intelligence community, and federal law enforcement as well as others within the u.s. government and the private sector. as you know, russian cyber groups have a history of aggressively hacking into other country's government, infrastructure and even election systems. this will remain a top priority for nsa and u.s. cyber command. in the changing threat environment i would like to take this opportunity to emphasize the importance of improving cyber security and working
11:05 am
related issues across public and private sectors. we continue to engage with our partners around the world, on what is acceptable and unacceptable behaver in cyber space and we clearly not where we want to be or need to be in this regard. we make investments to improve detection of malicious cyber activities and make it more difficult for malicious cyber actors to do us harm. they make more than technology. it takes talented motivated people. we are investing more than ever in the recruitment and retention of a skilled work force that is knowledgeable, passionate and dedicated to protecting a nation from the safety of our -- for the safety of our citizens and friends and allies around the world. innovation is one of the key tenets of the cyber workforce command. and we make investments to improve detection of malicious cyber activities and make it -- and we need to invigorate the work force that think creatively about challenges that do not
11:06 am
ascribe to traditional understandings of borders and boundaries. this remains a key driver and a key challenge as we look to the future. cyber command is well along in building our cyber mission force, deploying teams to defend the vital networks to support d.o.d. operations, to support operation commanders in their missions worldwide and bolster d.o.d.'s capacity and capability to defend the nation against cyber attacks of significance consequence. the organizations i lead, u.s. cyber command and the national security agency have provided intelligence, expert advice and tailored options to the decision makers in response to recent events. much of their activities can only be discussed in classified channels but i'm proud of what both organizations have accomplished, and will accomplish, even as we acknowledge we have to do more. i look forward to your questions and finally one personal note i apologize to all of you i have an ongoing back issue and if i have to stand up in the course of this time period, please don't take that as a sign of disrespect in any way. i guess i'm just getting older. that's all i have for you, sir. >> i know how you feel. [laughter] >> director, i just have to, general clapper, i have to
11:07 am
mention, the name mr. assange has popped up and i believe that he is one who is responsible for publishing names of individuals that work for us that put their lives in direct danger, is that correct? >> yes. he has. senator mccain: and do you think that there's any credibility we should attach to this individual, given his record of -- >> not in my view. senator mccain: not in your view. admiral rogers? >> i second those comments. senator mccain: thank you. for the record, october 7th, the homeland security office of director of the national intelligence, their assessment was that u.s. intelligence community is confident that the russian government directed the recent compromise of e-mails from u.s. persons and institutions, including from the u.s. political organizations, it goes
11:08 am
on to say these thefts and disclosures are intended to interfere with the u.s. election process, quote, "such activity is not new to moscow, russians have used similar tactics and techniques across europe and eurasia. based on the scope and sensitivity of these efforts that only russia's senior most officials could have authorized these activities." general clapper, those are still operable and correct statements? >> yes. chairman mccain, they are. as i indicated in my statement, we stand actually more resolutely on the strength of that statement that we made on the 7th of october. senator mccain: i thank you. and so really, what we are talking about is, if they
11:09 am
succeeded in changing the results of an election, which none of us believe they were, that would have to constitute an attack on the united states of america because of the effects, if they had succeeded, would you agree with that? >> first, we cannot say, they did not change any vote tallies or anything of that sort. senator mccain: yeah, i'm just talking about -- >> we had no way of gauging the impact that certainly the intelligence community can't gauge the impact it had on the choices the electorate made. there's no way for us to gauge that. whether or not that constitutes an act of war, i think is a very heavy policy call that i don't believe the intelligence community should make, but it's certainly, it would carry in my view great gravity. senator mccain: thank you. admiral rogers, have you seen this problem in your position getting worse or better?
11:10 am
in other words, it's my information that their techniques have improved, their capabilities have improved, the degree of success has improved. is that your assessment? admiral rogers: so, i have publicly said before that the russians appear a competitor in cyber. if you look broadly beyond the russians to cyber writ large the level of capability of nationstates and actors around the world continues to increase. i can't think of a single actor out there who is either decreasing their level of investment, getting worse in their trade craft or capability , or in any way backing away from significant investments in cyber. senator mccain: and with all due respect, do you, mr. secretary, i have not seen a policy, in other words, i don't think any of our intelligence people know what to do if there is an attack , besides report it. i don't think that any of our people know if they see an attack coming, what action should be taken.
11:11 am
maybe i'm missing something, but i have asked time after time, what do you do in the case of an attack? there is not been an answer. -- there has not been an answer. there has not been an answer. i believe that unless there are specific instructions to these wonderful men and women who are doing all this work, then we are going to be bystanders and observers. i'm glad to hear you respond to that. >> mr. chairman, you are right that we have a lot more work to do to put the right deterrents and response framework in place on cyber. this is somewhat of a new domain of operations, and in some cases, warfare, and in my personal opinion, the next administration would be well served to focus very early on those questions of continuing to develop our overarching policy, comprehensive approach and an increasingly robust and refined
11:12 am
deterrence framework. >> thank you. finally, director and admiral, would it make your job easier if you didn't have to report to seven different committees? >> um, senator mccain, my hands have been slapped before when i ventured into the delicate area of congressional jurisdiction, so -- [laughter] mccain: even in the last -- >> remaining 15 days i'm in office, i don't think i'm going to speak to that. afterwards that might be different. senator mccain: we look forward to calling you back. [laughter] admiral rogers? >> can i second the comments of the director of national intelligence? mccain but it does make : it difficult, doesn't it, with the -- it's not exactly stove piping but overlapping jurisdictions i think makes your
11:13 am
job harder in all candor, admiral? >> the way i would phrase it, i think clearly, an integrated approach is a key component of our ability to move ahead here. i would say that in the government, in the private sector, there's no particular one slice where that's not applicable. senator mccain thank you. : senator reed? reid: thank you very much, mr. chairman. general, you responded to the chairman in october you and the director of homeland security concluded that the russian government intervened in the election and admiral rogers also seconded that view. that is also today the view, for the record, of the fbi and the central intelligence agency, in fact all of the intelligence community, is that correct? >> yes. the forthcoming report is done essentially by those three agencies, cia, fbi, and nsa. >> and the same conclusion with the respect to the involvement of high-level russian authorities is shared by all these agencies? >> yes.
11:14 am
ed: chairman, just notice the legislative compartmentalization, is that reflected also in terms of operations, in terms of, for example, admiral rogers, if you through nsa or your sources detect something that is obviously a disruption, something that is patently wrong, you can communicate to the fbi or law enforcement, but there's no mechanism to make things happen administratively, is that fair? >> there is certainly a process, and in fact, there have been several instances i can think of in the last 18 months we have run through that same scenario, intelligence as it does in many other areas, other domains, will detect incoming activity of concern. we, nsa, will partner with fbi, the department of homeland security, u.s. cyber command, to ensure the broader government
11:15 am
that the department of defense and fbi in its relationship with the private sector, that the biggest frustration to me is speed, speed, speed. we have got to get faster. we've got to be more agile. and so for me at least, within my span and control, i'm constantly asking the team, what can we do to be faster and more agile? how do we organize ourselves, what's the construct that makes the most sense? we can't be bound by history and tradition here, so to speak. we have to be willing to look at alternatives. >> thank you. general clapper, one of the aspects of this russian hacking was not just disseminating information that they had exploited from computers, but also, the allegations of fake news sites, fake news stories,
11:16 am
that were propagated. is that an accurate -- or is that one aspect of this problem? >> yes. without getting too far in front of the headlights of our rollout next week to the congress, that was, this was a multifaceted campaign, so the hacking was only one part of it. and it also entailed classical propaganda, disinformation, fake news. >> does that continue? >> yes. reed: the russians particularly are very astute at covering up their tracks. it appears that they weren't quite as diligent, or, let me ask the question -- do you believe that they made little attempts to cover up what they were doing as a way to make a point politically? >> well, again, without
11:17 am
preempting the report, that's a classical trade craft that the russians have long used to, particularly when they are promulgating so-called disinformation, they will often try to hide the source of that or mask it to deliberately mask the source. : let me just ask one more time, in this situation, though, was there attempts to mask their involvement, very elaborate and very, very sophisticated, or was it just enough to have plausible deniability? >> sir, i would rather not get into that. that kind of hedges into the sources and methods and i would rather not speak to that publicly. : fair enough.
11:18 am
these activities are ongoing now in europe as europe prepares for elections, is that a fair assumption? >> it is. senator reed: thank you. yesterday "the wall street journal" indicated that the president-elect is considering changes to the intelligence community. have you at all, as the experts in this field, been engaged in any of these discussions, deliberation, advice? >> no, we have not. eed: thank you, mr. chairman. >> thank you, mr. chairman. i heard this morning that a lot of the news media was characterizing this as a hearing on russian hacking and actually it's on foreign cyber threats to the united states. i would like to cover a couple of the other ones. i received something this morning, director clapper, that i was very glad to read. i've often said that the threats we're facing today are greater. i look wistfully back at the
11:19 am
days of the cold war. your statement that was in print this morning said, sometimes all this makes me long for the cold war when the world essentially had two large mutually exclusive , and so forth. i think it is important we talk about this. the general public is not aware of the nature of the threats out there that have not been out there before. admiral, on -- no, director clapper, we've had a lot of most damaging cyber attacks perpetrated against american people. when the chairman gave his opening statement, he singled out three or four of them, one of them was the opm incident, in 2014 and 2015. office of personnel management, it was a breach and threat to personal information, birth dates, home addresses, social security numbers of over 22 million individuals. i would like to ask you, what action was taken after that and what kind of effect that might have had on the behavior of the chinese?
11:20 am
>> well, the major action that we took, of course, was remediation in terms of advising people of what the potential risks were and, of course, there was a lot of work done, nsa was deeply involved in this, in enhancing or improving the cyber security posture of opm and admiral rogers might speak to that. i would say that this was espionage. it was not an attack per se. and, of course, i always a bit reticent about people that live in glass houses shouldn't throw, publicly, too many rocks. so there is i think a difference between, you know, an act of
11:21 am
espionage, which we conduct, as well, and other nations do, versus an attack. mike, you want to comment? >> just as a broader point, i think the opm issue highlights that massive data concentration increasingly have value all of their own. what do i mean by that? i can remember ten years ago in my time in cyber, thinking to myself, large data bases like opium are so large the ability , of an intruder and external actor to actually access fully extract and bore their way through millions upon millions of records would be difficult. but with the power of big data analytics, large data concentrations now become increasingly attractive targets because the ability to mind that e that dataity to min for insights, which is what we think drove this action in the first place, becomes more and more easily done.
11:22 am
>> ok. i appreciate that very much. in your joint statement, by the way i like the idea of joint statements. it makes our questioning a lot easier. you talk about the -- you end up stating through one of your paragraphs, in short, cyber threat cannot be eliminated, rather cyber threat must be managed. it's interesting that in the edison electric institute, it's a publication that came in this morning, they say the same thing. seems to be one of the rare cases where we have government and industry working together. their statement was the electric power industry recognizes it cannot protect all assets from all threats and instead must manage risk. now, they go on to describe the, working together with government, and they see the
11:23 am
industry's security strategies constantly evolve and are closely coordinated with the federal government through a partnership called the electricity subsector coordinating council. is that something you can comment? are we looking at getting some success out of that? >> i think it's emblematic of a lot of work that the intelligence community has done, department of homeland security, in engaging with each of the, i think 16 key infrastructure sectors in this country. and providing what we have embarked on as providing them tailored to each one of those sectors, intelligence estimates of what the threats and vulnerabilities are in order to help them take measures to enhance cyber security. the major point here, if there is any connection whatsoever with the internet, there is an inherent security vulnerability. we have to manage that risk, that is generated accordingly,
11:24 am
with full knowledge of that fact if there is an internet connection, there is always going to be a vulnerability. >> i would echoes that. part of our challenge, our defensive strategy must be two-pronged. we have to make it difficult for people to gain access, but we must ignore knowledge that despite our best efforts, there is a probability that they are still going to get in. what do you do? as a guy who defends networks, i will tell you it is a different thought process, methodology, prioritization, and risk approach in dealing with somebody already in your network rather than keeping them out in the first place. >> my time has expired. i have one last question. for the record, you cannot not answer at this time, but a year ago, was it a year and two months ago? you made the statement before this committee, that we, quote, peer competitors in
11:25 am
cyber space and some of them already hinted they hold the power to crimp our infrastructure and set back the standard of living if they choose." i would like for the record to kind of outline which of our peer competitors might be the closest to choosing to use their power. >> as i have publicly said before, the russians are the peer competitor to us, but i look at other nations -- you look at china, for example, and the level of capability and investment they're making on watching their abilities rise significantly, iran, north korea, currently at a moderate level, but at a level of investment and capability we're seeing and their willingness to employ cyber in some very aggressive ways that would be way beyond our normal calculated risk. >> thank you. >> i think it is the general assumption that you all have said our system can be invaded. that has the american people --
11:26 am
we as policymakers concerned, but the average american concerned there is no privacy anymore. general, do you think in the report next week that you all will ascribe a motivation to putin for the election attempt? >> yes, we will ascribe a motivation. i would rather not, again, preempt the report. >> understood. well, then, will you discuss after the report, what is sufficient in the future to impose enough cost to make them stop this kind of activity? >> no, we won't. if we're going to speak to that,
11:27 am
that would be separate from the report. what the report will include, per the president's tasking, was a section contributed by the department of homeland security and nist on best practices for defending, but it does not speak to that which is really out of our lane. that's a policy call. >> so, we're now talking about deterrence. and as one of you said in your testimony, it's not like a nuclear standoff of mutually assured destruction, because we don't have a particular deterrence now. would you discuss that? >> the point i was trying to make was that in the case of nuclear deterrence, there are
11:28 am
instruments you can see, feel, touch, measure, weaponry. we've had demonstration, long time ago, of the impact of nuclear weaponry, and that is what creates both the physical substance of deterrence as well as the psychology and the problem with the cyber domain, it's not, it doesn't have those physical dimensions that you can measure, see, feel, and touch as we do with nuclear deterrence. >> so, let me give you an example. help us understand, had the supposed invasion into the vermont utility been, in fact, an invasion by a foreign power, and ascribed to that was
11:29 am
shutting it down, if that had been the case, what would be some of the options that we would do? >> well, again, this would be, as i understand it, by the way, it was not, but had it then from, say, malware planted by a foreign power, i think that is something that would be very situation-dependent, what to do about it. as i indicated in my remarks, perhaps a cyber reaction to a cyber act, it may not be the best course of action. some other form of national power, sanctions is what we have traditionally used. and as i also indicated the problem, at least for me, is -- and i'll ask others to speak if >> not knowing what counter
11:30 am
retaliation you'll get back. ofgo through all kinds thought processes on deciding how to react. we try to be very precise. we try not to guess what the unintended consequences might he. i don't think others are disposed to consider such exactnessand such when they respond. there is always the issue of counter retaliation, my brief mention that it's best to consider all instruments of national power. that's what's concerning this. do we have the ability that we can make it so tough on north korea with a cyber attack that from some ofr them
11:31 am
their strange behavior? >> not the cyber behavior given the difficulty of gaining access to their cyber networks. >> thank you director clapper. >> you are pretty far along on the report. what do you lack? how will this be released? in a classified format? will you be willing to testify in an open hearing like this? will we need to go down to the skiff to hear this? >> what's planned is a series of readings in the congress. i have four more hearings to do. first with the oversight
11:32 am
committees which will be closed hearings. there will be all house, all senate hearings next week as we roll out a version of the report. >> the public will not hear sources and methods. think it will be fairly convincing without going beyond? >> i intend to push the envelope as much as i can on the unclassified version. i think the public should know as much about this as possible. this is why i felt very strongly about the statement we made in october. and so we'll be as forthcoming as we can, but there are some sensitive and fragile sources and methods here which is one reason why we're reticent to
11:33 am
talk about it in this setting. >> you've said that and i expect you will be challenged with some very talented questioners up and down here today on that. i would have to support what senator nelson has said, as regrettable and reprehensible as the hacking of political parties is, i do think senator nelson has touched on, really, the larger issue which really is the subject matter of this hearing and that's what the real threats are. and it concerns me that we really don't know what the deterrents ought to be. i wonder, at what level our -- our conversations taking place within the administration, or within the intelligence community, about what is
11:34 am
appropriate in terms of a response? you mentioned countering cyber with cyber is not necessarily the number one solution. secretary lettre mentioned that we should impose costs and perhaps after you answer i can ask him to expound on that also. >> well, we have had many discussions in the white house situation room. we have talked about what to do when we have these attacks. i think the sony attack by the north koreans is a case in point. there you get into the amplexities of if you launch
11:35 am
, you haveber attack to use some other nations infrastructure in order to mount that attack area -- attack. legalets into a complex issue involving international law. someudgment was to impose other cost other than a direct cyber retaliation. >> to do recommend that the president's sanctions were his actions in response to the russian hacking part of your recommendation? clapper: without going into internal decision-making, i think that was a considerate -- consensus.
11:36 am
>> what about imposing costs? toas part of an approach deterrents that takes each case as it comes up case-by-case, we need to look at ways to respond and respond to attacks at a time and place of our choosing. we look to deny objectives and the -- impose costs. things likefrom a what were announced last week with the sanctions that were applied to the hacking situation. they can go more broadly than that. we are concerned not just about alsoa's cyber hacking, but a range of aggressive actions by russia across multiple regions of the globe. we look to impose costs on
11:37 am
measures a range of across multiple regions in partnership with our allies through nato where we can to push back on it russian actions and deter future aggressive actions. that's a bit of what we mean by up imposing costs. iswe want to see that every handled on a case like case basis, that is not a strategy. senator mccaskill: this will probably confuse you. review how long you been working in intelligence. in 1963.i started i enlisted in the marine corps in 1961 and transferred to the air force. senator mccaskill: you flew combat support in vietnam?
11:38 am
clapper: i was stationed in thailand flying a reconnaissance mission over lalas and cambodia -- laos and cambodia. mccaskill: does your experience for the government, has it been for either political party and apolitical in terms of your mission and your job? clapper: absolutely. i have served in the trenches and intelligence for every president since kennedy. i have served as a political appointee in both republican and democratic administrations. i am apolitical. mccaskill: there are thousands of men and women who are working in the intelligence community right now, correct? clapper: absolutely. say their which you
11:39 am
experience frequently mirrors yours in terms of military experience, being active military or retired military? clapper: a large part of the intelligence community workforce our military. military,former either those that completed full careers or those that served in lisman's or came to the intelligence community as civilians. mccaskill: would it be less important if we maintain the intelligence community as an apolitical lock in terms of our protection? feeler: i could not stronger about that. it is hugely important that the intelligence community conduct itself and be seen as independent, providing unvarnished, untainted objective accurate and relevant
11:40 am
intelligence support to all policymakers, commanders, diplomats. mccaskill: do the members of the intelligence committee engage in life-threatening missions every day, as a relates to the war on terror? clapper: you only need to walk into the lobby of the cia and see the stars on the wall for -- or the nsa. they have paid the ultimate price in the service of their country. whoskill: let's talk about benefits's from the -- from the president-elect trash in the intelligence community? does the american people benefit? who is the benefactor of someone who is about to become commander in chief trashing the intelligence community? clapper: i think there is an important distinction here
11:41 am
whichn healthy skepticism policymakers should always have for intelligence. i think there's a difference andeen skepticism disparagement. i assume the biggest benefactors of the american people having less confidence in the intelligence community are the actors you have name today, iran, north korea, china, russia , isis. clapper: the intelligence community is not perfect. we are an organization of human beings. we are prone sometimes to make errors. the intelligence community gets the and credit -- the credit for what it does to keep this nation safe and secure.
11:42 am
terroristxample, plots of been thwarted. they were focused on this country and other countries. mccaskill: i want to thank the chairman and senator graham and who have stood up in a nonpolitical way to defend the intelligence community of the last few weeks, the notion that the elected leader of this country would put julie massage on a pedestal compared to the men and women of the community of intelligence, it should bring about a human cry no matter if you are a debt pub -- democrat or republican. mark my word, if the roles were reversed, there would be howls from the republican side of the aisle. you, mr. chairman.
11:43 am
mccain: thank you for that nonpartisan comment. [applause] you describe mr. assange? clapper: he is in the ecuadorian under indictment i believe by the swedish government for a sexual crime. of openness and transparency exposed in his prior exposures put people at risk by his doing that. those of us in the intelligence community don't have a lot of respect for them.
11:44 am
mccain: senator fischer. know,r fischer: as you congress passed the cyber security information sharing act. could you comment on what steps of been taken to implement the act, in particular to provide cyber threat information to nongovernment entities? clapper: there has been a lot of work done. both the fbi and the department of homeland with theto share more private sector. impact of this act, this is been a theme that we have all worked on.
11:45 am
one of the reasons for the creation of the office of the director of national intelligence was a domestic role to promote sharing as much as we can. a lot of improvement has been made. as i look act over the last 15 years, there is more work to do. we have done a lot of work with , there are 76 fusion centers throughout the country to convey more information. domesticnetwork of 12 which are fbi special agents in charge and we work through them. convey more information on cyber local officials as
11:46 am
well as the private sector. fischer: what is your assessment of the information sharing between the government and private sector regarding cyber security threats and more importantly what is the appropriate level of expectation to have with respect to that information sharing? : it is uneven. are verytionships mature and information flows wrigley. other sectors are not quite as mature. i think the positive side is with the legislation we have developed a framework for how we do it. i am concerned on the government side. side, i'm notent entirely comfortable that the products i am generating are optimized to achieve outcomes
11:47 am
for our private counterpart. our success needs to be defined by the customer, not what we think is the right thing to share. senator fischer: is there any legislation that will be required? what do you need? are there proper authorities in place? do we need new legislation? do you need to improve on your execution? rogers: all of the above. one of the changes we are going to need collectively to create the workforce of the future. i work in the dod in an intelligence framework. this is universal. it does not matter where you work. what is the recruitment and the benefit process that we need to retain and attract the workforce? with a new administration coming
11:48 am
in, their broad view of roles and responsibilities, are they comfortable with the structure? will we fundamentally look at something different? as i said this morning, we've got to get faster. we have got to get faster. senator fischer: you talk about case-by-case and the nature of our policies when it comes to cyberspace. that's been an issue that this committee and the subcommittee in particular have tried to address by requiring strategies so that we can to turn these hostile actors and delegations of authority about what an act of war and cyberspace is. we can go on and on. the chairman just mentioned that we don't have a strategy. we don't feel there is a strategy laid out there. speed andalk about dealing with cyber attacks, i
11:49 am
assume you are referring to our agencies in responding to attacks that are directly upon us. do you think there needs to be any kind of consensus holding on the international stage with our allies in order to increase speed? would that delay it even more trying to run this through channels and trying to respond quickly? do we reach out to allies? do we perform our first duty of protecting this country? rogers: we routinely do that now. the point from my perspective, cyber does not recognize boundaries. when you are trying to deal with an incident, is it domestic or has it originated from somewhere
11:50 am
external? what infrastructure did it pass through? there is a lot of complexity to this. it's not a simple binary choice. there are trade-offs. senator fischer: thank you, mr. chair. >> i want to join senator mccaskill in expressing my appreciation for the service of our intelligence community and to you mr. chairman for your courageous statements in support of the work of this committee to give credit and credibility to and intelligence community your statements about the importance of cyber warfare. it's not the first time we have been here on this topic and you have been resolute and steadfast in elevating public consciousness about the importance of cyber attacks on
11:51 am
this country. i want to explore a little bit why these dismissive comments about our intelligence are so dangerous to our nation. that not true mr. clapper public support for robust responses to cyber attacks on our nation depend on the credibility of our intelligence community and dismissing the about the russian attack undermines public support for the actions of the president to punish these kinds of actors? think public trust and confidence in the
11:52 am
intelligence community is crucial. both in this country and the dependence and other nations have on the u.s. intelligence community. i have received many expressions of concern from foreign theterparts about disparagement of the u.s. intelligence community, or what has been interpreted as disparagement of the intelligence community. >> there's no question about the disparagement. there's no question about the dismissing and demeaning of the intelligence community entirely unmerited. would you agree that you are even more resolute now in your conclusion about russian involvement in this hacking that comparing it to the judgment made about weapons of mass
11:53 am
destruction in the iraq situation is a red herring and wrong? clapper: yes. i agree with that. my fingerprints were on that estimate. i was in the community then. that was 13 years ago. tohave done many things improve our process, especially national intelligence estimates to keep it from happening again. whatever else you want to say about the intelligence community , it's a learning organization. we do try to learn lessons. it's a difficult business. it's getting harder all the time. there will be mistakes. what we try to do as we did after the weapons of mass
11:54 am
destruction, we want to learn from that and make change. it was the apex of our product line. it's the difference of night and day. humility ofate the that statement, especially in light of the excellence and expertise that your organization and you personally have brought endeavorery difficult to provide unvarnished, information toly the most important decisions this country makes. i want to express my appreciation for it. i think some of the disparagement has been a terrible disservice to our nation and to the brave and courageous men and women who put
11:55 am
their lives at risk so that this nation can be better informed in using our military and other force. i hope that we will see a change. i joined the chairman in saying that we need better policy on what constitutes a cyber attack on this nation and provide a more robust response against the russians and him pose stronger sanctions on their oil exports, their use of foreign exchange, the response need not the one in the cyber domain. effectivee even more if it hits their economy and their pocketbook and their livelihoods. i appreciate your comments in that regard. out of know if you want to comment in response. i am out of time.
11:56 am
maybe we can get that in writing. i want to thank you on behalf of the women and men of the intelligence community. i want to thank you for that. >> thank you for appearing before us. ,his is your final appearance thank you very much for your years of service. i will add my voice to the senators for my admiration and our intelligence agencies. i got to meet them here in hearings and around the world. they don't get the credit they deserve. the troops we provide for usually do because they wear uniforms. intelligence officers are frequently undercover. we've heard a lot of imprecise language here today. it's been in the media as well. theses like hacked
11:57 am
election, undermined democracy. i want to be more precise. let's go to the october 7 statement. the recent compromises of emails from u.s. persons and institutions including from organizations. are we talking specifically about the hack of the dnc and the hack of john podesta? are we talking about anything else? clapper: that is what we were talking about at the time. cotton: they are consistent with the methods and motivations of russian efforts. in july. leaked clapper: i believe so. : mr. podesta's emails were not yet leaked.
11:58 am
clapper: i would have to --earch the exact enology exact chronology of when his emails were compromised. i think that bears on my our assessment is even more resolute than it was with that statement in october. senator cotton: you stated this was a conscious effort to attempt to achieve a specific effect. did you also refer to the hack of the dnc and john podesta's email? rogers: yes. i don't remember the specifics of that engagement. as i said, that was part of my thought process. cotton: it would be
11:59 am
extremely difficult for someone including a nation state actor by cyberballot counts attack or intrusion. you stated that earlier today as well. of vote no evidence tallies being manipulated. let's discuss why. report willhat the discuss the motive. clapper: i'd rather not. there is more than one motive. that will be described in the report. senator cotton: in your years of are these the hardest tasks? there is a widespread assumption that this vitamin putting favored donald trump in the selection.
12:00 pm
donald trump has proposed to increase our defense budget and accelerate nuclear modernization. hillary clinton opposed or was not as enthusiastic about those measures. would those put the united states in eight stronger strategic position? clapper: anything we do to enhance our military capabilities, absolutely. some contraryis information that donald trump is not the best candidate for russia. that is why it happened. impact. move on to the you said to senator mccain earlier that the intelligence committee cannot gauge the impact on the election. is that because that analysis is not a task in the traditional
12:01 pm
responsibilities? clapper: that is correct. it certainly isn't the purview of the intelligence community. >> since this will likely the last hearing some of you will attend in front of this committee, i want to thank you for your service and thank the men and women who work for you. i want to say a note of gratitude to director clapper for 50 beers of incredible service to this country. greatk what makes america has been our ability to elect -- to a transparent process. without fear of rigging or interference in elections. in this past election, we know that interference occurred. when i say interference, i want to be specific.
12:02 pm
it's not about somebody stuffing ballot boxes or someone hacking the electronic voting machines to give one candidate more votes than the other. it's about deliberately releasing damaging information in hopes of furthering a strategic objective. in this case, russia's strategic objective. toelieve this is going happen again unless there is a price to be paid. this interference impacts the foundation of our democracy. againste the sanctions russia. this is why i believe we need to be evaluating additional sanctions. it's simply too important for the future of the country. need for deterrence in this atmosphere, it is not always achieved by a cyber response, how important are tools like sanctions to imposing the kind of costs you
12:03 pm
articulated? very useful tool. in the case of current situation we find ourselves, it would be prudent to look at other options. >> i would agree with that estimate. i hope people on both sides of the aisle will be looking at these additional tools. for any of you who want to answer this, i want to know how 's the president-elect dismissive attitude toward the intelligence committee impacting around in your agencies? clapper: i haven't done a climate survey. it.rdly think it helps >> anyone want to add to that?
12:04 pm
don't want to lose motivated people because they --l they are not evaluating generating value. there is room for a large range of opinion. every intelligence professional knows that. when i have presented my intelligence analysis, the commanders and policymakers looked at me and said thanks, but that's not the way i see it. that doesn't alter any of us. what we do is relevant and we realize that what we do is in no small part driven in part by the confidence of our leaders. without that confidence, i don't want a situation where our workers decide to walk. that is not a good place for us to be. >> many of us could not agree more. arehe underlying facts
12:05 pm
incorrect, we should call that out. i have not seen any evidence indicating that in this case. we come to different policy points of view based on that information. that is an entirely different thing. director clapper, i want to go to a little bit more, not just the classified information, but the relevance of publicly available information of the whole picture of russia's activities within the context of the selection. aboutu talk a little bit the activities of the russian governments english-language topic and outlets as well as the fake news activity we saw in social media and how those paint a complete picture that is supplemental to what we saw with the hacking in this case.
12:06 pm
clapper: i appreciate you raising that. there has been a lot of focus on the hacking. this was part of a multifaceted campaign that the russians mounted. is heavily supported by an funded by the russian government. promotingy active in a particular point of view. system, ourour alleged hypocrisy about human rights. could findack they tapestry, they would exploit it. modes whetherther it was rt, social media, fake
12:07 pm
news, they exercised all of those capabilities in addition to the hacking. course, i think the totality of that regardless of the not only is it a grave concern. >> thank you, mr. chair. >> gentlemen, thank you very much. i want to thank you and the men and women who were diligently in the intelligence community for the work they do. admiral rodgers, you stated that and stress this point you must be faster and more agile. our discussion this morning will go back to a discussion we had in september last year in front
12:08 pm
of this body. i believe it is important that you understand the capabilities are exist out there and available to the united states cyber command. in september i asked you about accountability that stated the department of defense does not have visibility of all national guard because it has not maintained a database that identifies the national guard units. i was alarmed when you stated that you haven't seen the report. it was a report that took about a year to compile and was presented to this committee and the house armed services committee. i still have not received an answer from you. my question is for the record. all of the gao recommendations are still open from this report.
12:09 pm
it's been four months. i would like an update on that, if you have been able to read the report and where is the department at and return to -- in returns to that. we did not get your question until december. you have formally asked it. operational commander. theme in my role, i tracked operational readiness levels. orient them the way i do the active side. in terms of how is the department tracking skills, it's the same challenge in the active component. how do you take advantage of the capabilities? the first to acknowledge after talking to my teammates, i
12:10 pm
don't think we have a good answer. i will have something for you in writing in the next week or so. >> how long has united states been experiencing attacks from entities outside of the united states? rogers: four a decade. it's gotten worse. >> we have developed cyber command and the capability that exists in our reserves and active component. faster -- or more faster and agile, we need to know what those capabilities are. if you have a solution to that, we need to figure that out. many of these units have the capability of defending the network. we are not using those capabilities. believe it's
12:11 pm
important. ,f you look the last 12 months we got to separate protection teams from the guard that has been mobilized. we have gone online for the first time in the last year. it's great to see how the guard and reserve are developing more capability. that is a real strength for us. >> we will continue to see those developed. we need to be able to utilize those capabilities. you know that many of our best soldiers come from the private sector. i know this from some of my own guardsmen that work full time in technology. september, you are trying to figure out how to better leverage the national guard. do you have a response to that? have you thought of ways we might be able to use those guard
12:12 pm
units more readily? rogers: i was just talking to the general a few weeks ago. this is something in 2017 i want to sit down with her in there are some issues where the capabilities of the garden the reserve are really well optimized. i would be the first to admit the answer can't be every time. see this play out for us in 2017. what is the right way to do this? do we put it within the defensive heart? -- thatframework that is one thing you will see some specific changes. we are working through that right now on the policy side.
12:13 pm
>> my time is expiring. i look forward to working with you on that. you, mr. chairman. i want to thank you for your efforts. mr. chairman, thank you for holding this hearing. i think it's critically important to our nation. the purpose of the hearing is not to debate the validity of the election. it's too discussed attempts to you cyber attacks to attack our country. including the russian actions. i appreciate the bipartisan effort to get our people the answers they deserve. i am grateful for the amazing efforts that our intelligence agencies the fourth every single day. lives are on the line.
12:14 pm
your people are on the front lines all around the world. i can tell you on behalf of all hoosiers, when it comes down to we are on your team every time. that there isning even a discussion in our country about the credibility of our intelligence agencies versus mr. assange. that wetounding to me would even make that comparison when you see the stars in the cia headquarters of the people who have lost their lives and all that lost lives in our agencies to keep safe. how would you describe your
12:15 pm
confidence in attribute these attacks to the russian government as opposed to someone in their basement? clapper: it's very high. >> the government has named those responsible. are all of the actors targeted by these two entities? , theer: i'm sorry question? >> all the actors targeted by these two entities, do we know everybody? have you told us who was involved? are there more you can't discuss? clapper: i don't think i can discuss that in this forum. chain doesup the
12:16 pm
this go in regard to the russians? at what level were the instructions to take these actions given? clapper: i can't speak to that in this setting. >> thank you. you think we are communicating clearly to our adversaries in a language they will understand, that the cost will outweigh any gains they get? you, but the others, how do we send that message? clapper: the sanctions that have been opposed and the expulsion operativeslligence and the closing of the two facilities use for intelligence purposes and the other sanctions levied does convey a message.
12:17 pm
whether moredebate should be done. i'm a big fan of sanctions against the russians. that's just me. rogers: i would agree. the challenge is we don't want -- it's not in the best interest to be in this confrontational approach. we have to figure out how to we articulate what is acceptable and not acceptable in a way that moves us forward in a productive relationship. us and achallenge for bunch of actors out there. poster child for this challenge of late area -- late. >> it would be a good thing if we could find areas where our interests converge. we have done that in the past.
12:18 pm
i think there is a threshold of behavior that is unacceptable. somehow that has to be conveyed herein i am out of time. we want to thank you. your lives toated keep in a safe. we are incredibly thankful for it. >> thank you for holding this hearing. i want to thank you general clapper and mr. secretary for your service. you described in your testimony the increasing attacks from china and other actors. the chairman's opening statement pretty much stated that it's his
12:19 pm
view and i share the view that we are being hit repeatedly because the benefits outweigh the costs for those who are taking these actions against us. do you agree with that? clapper: i do. i think we all do. i will just name north korea and iran. it's low cost and it can cause havoc you -- havoc. what we have seen over time is they keep pushing the envelope as their capabilities improve and they are willing to exercise those capabilities. --i think there is can some some consensus here. you are talking about yet -- retaliating. you mentioned
12:20 pm
retaliating at a time of our choosing. it doesn't seem to be happening. it doesn't seem to be happening. let me give an example. at's say i ran conducted cyber attack the red if we did something without announcing it like the president announced the russian counter actions. let's say we did something like collapsed there financial system or something pretty dramatic, we let them know we did it, but we don't have to publicize it. you think that's the kind of action that would say don't do this? how can we haven't done that yet? that deterhat, with them?
12:21 pm
clapper: i think you are getting at the question of what do we mean by a proportional response. >> you are talking about asymmetric responses. lettre: four instances that are grave, whether a more than proportional response is required to set that framework in place. >> isn't the key question which came from the chairman, nobody seems to be intimidated by us right now. let me give another example. senator inhofe asked the question about china. allegedly 22 million files.
12:22 pm
they have mine, i was informed there in its very sensitive information they could use against intelligence operatives. did we retaliate? what did we do? the answer that i heard from all of you was we try to protect information and back and information was compromised. i didn't hear any claim of a retaliation on a huge hack. american workers got hacked by the chinese. the president signed this statement with china. from your testimony,
12:23 pm
the chinese of not abided by that. clapper: they have. >> i thought you said in your testimony today that they continue to conduct cyber. curtailed as have best we can tell. there has been a reduction. the private sector would agree with this. there has then a reduction in their cyber act to be. the agreement called for stopping such exfiltration for commercial gain. >> did we retaliate? clapper: we did not retaliate against an active espionage any more than other countries retaliate against us for one week conduct espionage. >> is it answer part of the problem?
12:24 pm
we are showing that were not going to make it costly for them to steal the file of 22 million americans? say, people who live in glass houses need to think about throwing rocks. this was an active espionage. we and other nations conduct similar acts of espionage. if we are going to punish each other for acts of espionage, that's a different policy issue. thank you mr. chairman, your opening statements were particularly erudite and thoughtful. you touched on all of the important points. i want to thank you for that. to put it's important some context around some of these discussions. one of the most important things
12:25 pm
to me is your public statement and not over along with jeh johnson was prior to the election. you were simply telling facts that you had observed. readingperience of communications, it's one of the more unequivocal i have seen. you stated you have high confidence in those conclusions that the russians were behind it and it was intended to interfere with our elections and approval went to the highest levels of the russian government. have you learned anything subsequently that you can tell us here today contradicts those findings you stated in october? clapper no. fact, >> you word simply reporting facts. your history is one of the
12:26 pm
nonpolitical. clapper: absolutely. i felt strongly as did a secretary johnson that we know owed it to the american electorate. in maine are skeptical and they want to have evidence and proof. i hear from people prove it. the problem as i understand it is the desire to provide evidence that is convincing versus the danger of compromising national security on sources and methods. can you articulate that? i think that's an important point. >> we have invested billion's and we put people's lives at risk to glean such information. explodes -- expose it, we can kiss that off. we will lose it.
12:27 pm
and imperildanger our ability to provide such intelligence in the future. that's all the dilemma that we have. we want to be as forthcoming and transparent as possible. we feel very strongly as we do in this case about protecting sensitive sources and methods. let's turn to a question of context. and goingw this fall ank almost a year was example of a russian strategy that has played out in europe for some time. it includes not just hacking as you said, but propaganda and disinformation. i heard from a senior commander in europe that russia is buying commercial tv stations in
12:28 pm
western europe at this point. this is a comprehensive strategy that we have seen played out in eastern europe. they are funding one of the candidates for the presidency of france in the election this may. clapper: they have a long history of interfering in elections. the difference, there's a long history of this country of disinformation. this goes back to the heyday of the cold war. -- wouldhat they did provide to candidates they supported, the use of disinformation. i don't think we've ever encountered a more aggressive or campaign to interfere with our election process than we've seen in this case.
12:29 pm
>> there are so many more channels of disinformation today. key pointhat's a very about the cyber dimension and social media and all of these other modes of communication that did not exist in the cold war. >> one final point, we had a meeting with the committee and a group of representatives from the baltic states. i asked them, they are deluged with this. they have been warning us about this for years. what do you do? how you defend yourself? they said it we are trying to defend ourselves in various ways, but the best way is for our public to know what's going on so they can take it with a grain of salt. i think that's a very interesting observation. their people now say that's just the russians. that's why i think public discussion of this issue is so
12:30 pm
important. we're not going to be able to prevent this altogether. we need to have our >> absolutely. that is why i felt so strongly about the state in october . >> just a follow-up, jennifer general klapper, we had the radio free europe, voice of america. senator graham, who will be speaking next, they don't have a strategy. it don't have a counter propaganda. we have got to develop that strategy, even if it encompasses the internet and social media. they are doing pretty significant stuff, particularly in the baltics and eastern europe. would you agree, senator graham?
12:31 pm
senator graham: yes. yes, i would. would you agree that radio free europe is outdated? up--am frankly not a lot of people don't listen to the radio like they used to. klapper: not so big in my world coul. senator graham: tomorrow you're going to be challenged by the present elect. clapper: i think so. graham: is the
12:32 pm
difference between espionage and interfering in the election? >> espionage is much more passive. when it comes to interfering in our election, we better be ready to throw rocks, do you agree with that? >> i think that's a good metaphor. senator graham: would i be justified by taking your information and what russia is doing throughout the world and be more aggressive than president obama if i chose to? lapper: that is your choice, senator. senator graham: if you want to throw rocks, we get a chance to sanfor. is this going to stop before
12:33 pm
the cost gets higher? >> we are on the wrong end of the cost curve. graham: is this on republicans? .rump and the election coul it trump goes after the iranians, are they capable of doing this? >> they are willing to go offensively. 's trump takes on china, are they capable of doing this? >> yes. marker graham: we have a for all would be adversaries. we should take that opportunity before it's too late. do you agree with me that the foundation of democracy is
12:34 pm
political parties and when one wants political party is compromise, all are compromised? >> yes sir. you said this: was approved at the highest level in russia, is that right? director clapper: that's what we id the highest is. president vladimir putin. senator graham: as we go forward to try to deter this behavior, we are going to need your support, now and in the future. i'm going to let the president elect know that it is ok to challenge the intel and you are right to do so. not want you to do is undermine those serving our nation in this arena until you're absolutely sure they need to be undermined and
12:35 pm
i think they need to be uplifted and not undermined. north korea -- let me give you a real work example of what he is going to have to deal with. do you think they're going to make something that will hit the united states? director clapper: they could , yes.esterday senator graham senator graham: you agree with that, admiral rogers? admiral rogers: yes. senator graham: is the president does not believe it will happen, he has to figure out how far along they are. is that right? director clapper: i hope we would be the source. senator graham: i hope you would talk to you, too. if yes to take action against north korea, which he may have to do, i intend to support him, but he needs to expire to the american people live. one of the excavations he will give is based on what i was told
12:36 pm
, by the people who were in the fight. let me tell you this. you don't wear uniforms, but you are in the fight. we are in a fight for our lives. i just got back from the baltics , ukraine, and georgia. if you think it is bad here, you want to go there. ladies and gentlemen, it is time now not to throw pebbles but to throw rocks. i wish we were not here. if it were up to me, we would all live in peace, but putin is up to no good and he better be stopped. the president-elect when he listens to these people, he can be skeptical, but understand they are the best among us an extra to protect us. thank you all. do you have any response to that diatribe? [laughter] >> microphone. hadctor clapper: we have
12:37 pm
meetings before, but i find myself in agreement and i appreciated. thank you.ain: director clapper: if i might pick up on a comment of yours and that has to do with the information site and this is and not personal company policy, but i do think aat we could do with having usia on steroids. the united states information agency to fight this information a lot more aggressively than i think we are doing right now. senator mccain: i agree, general. lackinghe areas we are and lagging more than other areas is social media. we know these young people in the baltics are the same as young people here. they get their information on the internet and we have really
12:38 pm
lacked behind. senator? forhank you, mr. chairman hosting this very important hearing. i want to follow on the questioning that center ernst started. dod to use theng guard for years and i appreciate this is happening. members of the guard bring unique skills and capabilities and we should be leveraging them. admiral rogers, i look forward to working with you on how best to do this. can you tell me whether there has been movement on the army guard cyber protection teams being included? admiral rogers: yes. we have brought to online and 17 is the first of which just came online. >> how much more is left to be done? admiral rogers: the guard and reserve are bring on an additional 21 teams and those will not be directly affiliated
12:39 pm
with the mission for us. that we willings find over time is the only way to generate more capacity and a and a resource constrained world is to view this as an entire pie. we will have to look at this is a much more integrated whole. >> i do too. they have their day jobs and they bp working at google and microsoft and facebook in all these technology companies and have extraordinary skills. as a way to tap into the best of the best, we need to look into people who already have these skills and are committed and serving our nation the best we can. admiral rogers: one area that i be interested in having your help and -- i say this as a son of a guardsman. they often sometimes tend to view that service is something you do overseas. i will let you go because you're
12:40 pm
going to afghanistan or iraq. in the world of cyber, we are operating globally from a garrison. senator gillibrand: any location in the world. admiral rogers: this just came up. we were just talking about this affected as a matter affecte w of fact. we need to educate employers on this. senator gillibrand: on a separate topic, but related, i've long been advocating for aggressive development of the manpower we need to support our cyber security mission. in particular, i believe we have to not only develop the capability in our military and interest in cyber among young americans, but that the military must be creative when thinking about recruitment and retention of cyber warriors. how would you assess our current ofruitment and attention cyber warriors and what
12:41 pm
challenges do you first see in the future and what recommendations do you have to address them? we are competing with some of the most animate and anna it -- dynamic and innovative companies in the world. we need them to be our cyber warriors. admiral rogers: we are exceeding both are recruiting and retention expectations. i worry about how long we can sustain that over time and in the current model. if money was my concern, i find it more challenging that we are able to recruit well. i'm really money into this on the nsa side as well. , very you retain high-end exquisite civilian talent for periods of time? senator gillibrand: i would be delighted to work with you over the next year on that.
12:42 pm
i was veryapper, interested in your opening remarks and the initial conversation you are having about the russian hack on the dnc and various personnel email. and the question of whether it was a declaration of war. given that is such a serious statement, i want to ask you -- do you think we should take things like the democratic republican party infrastructure and consider them to be critical infrastructure? ourld we be looking at infrastructure differently since -- because of this recent event? director clapper: that has been the subject of discussion about whether there are political infrastructures that should be considered critical infrastructure. johnson has had discussion with state officials about that. there is some pushback on doing
12:43 pm
that. it is a policy called. to whatever additional protections such declarations would afford, i think that would be a good thing. whether or not we should do that or not is really not a call for the intelligence community to make. senator gillibrand: i hope it is one that the members in this committee will discuss. if it doesn't result in such a grave intrusion, maybe it should be critical infrastructure. certainly politics and put the parties are not set up that way. it would be quite a significant change. thank you. director clapper has to leave in about 20 minutes , so we will enforce the time. senator tillis. tillis: thank you all for
12:44 pm
your service. i have high confidence in the community that you represent and you recognize that i speak for most of the senators that share the same view. director clapper, i'm going to spend most of my time probably reflecting on some of the comments that you made. the glass house is something that is very important. there is research done by professor up at carnegie mellon that estimated the united states has been involved in one way or another and 81 different elections since world war ii. regimeesn't include changes. tangible evidence where we have tried to affect an outcome to our purpose. russia has done it some 36 times. when russia was trying to influence our election, we had the a rea israelis accusing us of trying to influence their election. i'm not here to talk about that, but i'm here to say that we live in a glass house and there are a lot of rocks to throw. i think that is consistent with
12:45 pm
what you said on other matters. . i want to get back to the purpose of the meeting. admiral rogers and director clapper, you all have this very difficult thing to communicate to policy people who have subject matter expertise in the space. for example, director clapper, you are saying one of the problems with a counterattack -- i think it was you or could've been admiral rogers. you may have to use the asset that is actually a presence on some other nation where that nation may or may not know we have a presence. we have presences across cyberspace that are not known that as a part of a counterattack, that counterattack could be nothing more than exposing our presence is because our adversaries may or may not be aware. is that correct? director clapper: yes, and i think you answered simply
12:46 pm
illustrated the complexities that you have run into. senator tillis: that is why as somebody who has written the precursors to fishing before and stolen passwords as part of ,esting and paid to do this that underscores the need for us to be educated about the nature of this battle space and how more often than not is more probably prudent to seek a response that isn't a cyber response given the fluid nature. we are in an environment now where if we see a threat, we build a weapons system. then we counter that threaten come up with war plans to use that capability. in cyberspace, major weapons systems get created and 24-hour cycles. you have no earthly idea of whether or not you have a defensive capability against them. think let's go declare
12:47 pm
war in cyberspace, be careful what you ask for. collectively there are 30 nations right now that have some level of cyber capability. there are four of five of them that are near peer to the united states. there are two or three that are threatening and have superior capabilities to us and terms of presences to maybe not as sophisticated, but more lethal. there are a lot of questions. one of the beauties of being a freshman or at the end of the diocese that all the good questions have been asked. one of the things that i suggest we do is that we as members really get educated on the nature of this threat and the manner in which we go about thatng it an understanding the iterative nature of weapons creations on the internet are unlike anything we have seen and recorded human history for warfare and we need to understand that. we also need to understand that
12:48 pm
the rules of engagement are going to be and actually include a specific treatment for behaviors that are considered acts of war and whole litany of things we should do for appropriate responses so that we can begin to make more tangible the consequences of inappropriate behavior in cyberspace. that's not so much a diatribe, but it is a speech, mr. chafee\ the last tir. the last thing, admiral rogers, i would like to get right people retained and recruited for these threats could they are the secret to toate these weapons systems counter these attacks that other nations are trying to develop against this. thank you. senator?ccain: >> thank you gentlemen and thank you for your service.
12:49 pm
think it is clear that we have tremendous concerns about the russian hacking in our elections. that were than ironic have a president who talks about our elections being rate, which i would consider to be a part of a rigged part of an election. at the same time, he denied russia's activity in this regard. some of this is already touched on regarding the president-elect's attitude toward the intelligence that --y and the morale the impact on morale. going forward, as we are challenged by the need to have more cyber aware or skilled cyber workforce, is this attitude toward the intelligence community doesn't change on part of the decision-makers, would you agree that would make it much harder, director clapper
12:50 pm
and admiral rogers, to attract the kind of cyber experienced workforce we need to protect our country? director clapper: it could. i don't know if we could say that some of these statements have had any impact on recruiting. it could. toretention, i just think maybe embellish what admiral rogers was saying. i do think that consideration needs to be given to have a more flexibility and latitude on compensation for our high and cyber specialists who are lured away by industry. they are being paid huge salaries. that is not why you are in the intelligence community. it's not obviously for money, but i do think that in those
12:51 pm
highly technical and high and high and skill sets that we would have more on compensation. admiral rogers: i would agree. both of these individuals know and using my authorities as the director of an essay that i will authorize the following increased compensations for the high end side of our workforce. senator hirono: it is not just compensation that attracts people to what we are doing in our intelligence community because service to our country is very important. i think morality be very much attendant to that. there was some discussion about what would constitute in the cyber arena an act of war. in your klapper, i know testimony that i think this is one of the reasons we want to develop international norms in this arena. who should be the key players and developing and agreeing to
12:52 pm
these international norms in the cyber arena? u.s., big players are the china, russia, if we don't have those players at the table to come up with these international norms, how realistic is it to develop? director clapper: that's exactly the challenge. those are the key nationstates that would need to engage. there has been work done under the auspices of the united nations to attempt to come up with cyber norms, but i think we having anway from impact. senator hirono: would you agree, admiral rogers? admiral rogers: yes, ma'am. senator hirono: turning to the awareness of the public as to the extent of this threat, a 2016 opinion piece by two members of the 9/11 commission basically said that the most
12:53 pm
important thing government and leaders in the private sector can do is to clearly explain how severe this threat is and what the stakes are for the country. clapper, do you think the general public understands the severity of the cyber threat and the stakes for the country? what should americans keep in mind with regard to this threat? what can ordinary americans do to contend with this threat? director clapper: i think there is always room for more education. certainly we have a role to play in the intelligence community in sharing as much information as we can on threats posed by both nationstates as well as non-nationstates. there are simple things that americans can do to protect .hemselves be aware of the threats posed by spearfishing for example, which is a very common tactic that is used today.
12:54 pm
we have a challenge in the government getting our people to respond appropriately to cyber threats. case where communicate, communicate is the watchword. senator mccain: senator cruz? thank you for being here and your service to our nation. , cyberic of this hearing security and cyber attacks is a growing threat to this country and one that i think that will only become greater in the years ahead. we have seen in recent years serious attacks from among others, russia, china, north korea. is with some irony that i spent a number of years in the private sector. the best of my knowledge, i never had my information hac ked. i had to do was get elected to the senate and the office of personnel management was hacked and everyone had their information stolen by a foreign assault. you,estion, starting with
12:55 pm
what do you see is the greatest cyber security threats facing our country? what specifically should we be doing about it to protect ourselves? admiral rogers: no small question. [laughter] when i look at the challenges and the threats, it is in no particular order significant extraction of information and insight that is generated economic advantage for others, that is eroding operational advantage at times for us as a nation. that is as you have seen in this russian peace, where not just the extraction in the use of this information, it adds a whole another dimension. what concerns me beyond all that is what happens as we start to move into an environment in which not only is information , but whatonize happens when now we start and we see people suddenly manipulate our networks, so we cannot
12:56 pm
believe the data we are looking at. that would be a real fundamental game changer. it is only a question of when and not if this is going to happen. what happens when the nonstate actor decides that cyber offers advantage to and managed i them? their willingness to destroy the status quo is different than your typical nationstates/ . as we talked about more broadly today, we have to get better on the defensive side. a defensive strategy alone is not going to work. it is a resource intensive approach to doing business and it puts us on the wrong end of the equation. it's a losing strategy for us, but it's a component of the strategy. we have to ask ourselves how we change this broader dynamic. go to the point we heard repeatedly today. had we convinced nations and other actors out there that there is a price to pay for this behavior and that's not your best interest?
12:57 pm
senator cruz: what should that price be? admiral rogers: it's a wide range of things. there's no silver bullet. if we are looking for a perfect solution, there isn't one. this will be a variety of solutions and efforts planned overtime. there is no one single approach . senator cruz: about a month ago, i chaired a different hearing on artificial halogens and are our growing economy's reliance on artificial intelligence. theof the concerns was on cyber security side that would modify the big data being relied on for artificial intelligence to change the decision-making in a way that no one is aware has been changed. that is a threat that i hope you all are examining closely and it is the sort of threat that can have significant repercussions without anyone being aware it is happening. let me shift to a different topic. director clapper, you testified before this committee that cuba
12:58 pm
is an intelligence threat on par with iran and listed below only russia and china. there are reports that the russian operated signal intelligence base in cuba will be reopened. ,dditionally this past summer russia and a caracas struck a deal to increase military cooperation, resulting in an influx of tanks to managua. the agreement to build an intelligence base which may be discussed as a satellite tracking station. to the best of your knowledge, what is russia's strategy in the western hemisphere and how concerned are you about the russians expanding their influence in cuba and nicaragua? director clapper: the russians are bent on establishing both a presence in the western hemisphere. they are looking for opportunities to expand military
12:59 pm
cooperation, sell equipment, airbases, as well as intelligence gathering facilities. extension ofother their aggressiveness in pursuing these interests. with respect to cuba, cuba has always had a long-standing, very capable intelligence capabilities and i don't see a and of thosethat capabilities. senator cruz: thank you. >> thank you mr. chairman and to the witnesses today. i appreciate you calling this hearing. i think this hearing is a test of this body, the article one branch congress.
1:00 pm
i was chairman of the democratic national committee for years and we had a final cabinet in the basement that had a plaque over it. it was a file cabinet that was rifled by burglars and invasion of the democratic national committee in 1972. it was a bungled effort to take some files and plant some listening devices. that small event led to one of the most searching and momentous congressional inquiries in the history of this country. it was not partisan. one of the leaders of the congressional investigation was a great virginian called will butler, who is my father-in-law's law partner in virginia. it was not an investigation driven because something affected the election, the 1972 election was the most one-sided in the modern era. it was a hype moment for congress because congress in a bipartisan wasted for the principle that you cannot undertake efforts to influence
1:01 pm
an american potential election and have their you know consequence. the item that we will discuss, and discuss more when the hearing comes out, is different. that was a burglary of a party headquarters that was directed to some degree from the office of the president. but this is very serious. the combined intelligence of this country has concluded that efforts were undertaken to influence an election by an andrsary, an adversary that the head of the joint chiefs of staff said was in his youth the principal -- view the principal adversary of the united states at this point. in addition the attack was not just on a party headquarters. the october 7 letter talked about attacks on individuals, current and former public officials with significant positions, and also attacks on state boards of elections. the letter of october 7 traced those attacks to russian entities, russian companies.
1:02 pm
they did not ascribe in that letter to the russian government, but i'm curious about what the full report will show. it is my hope that this congress is willing to stand in a bipartisan way for the integrity of the american electoral process and will show the same backbone and determination to get all the facts as the congress did in 1974. there was another congressional inquiry that was directed after the attacks on 9/11, and there was a powerful phrase in that report that i just want to read. "the commission concluded, the most important failure was one of imagination. we do not believe leaders understood the gravity of the threat." and that is something i think we will all have to grapple with. did we have sufficient warning signs? i think we did, and having had sufficient warning signs, why did we not take it more seriously? that question is every bit as important as a question of what a foreign government adversary
1:03 pm
did and how we can stop it from happening. three quick points. one, is the report that will be issued next week not solely confined to issues of hacking, but also into the dimension of this dissemination of fake news, will that be one of the subject matters covered? director clapper: without preempting the report, we will describe the full range of activities that the russians undertook. senator kaine: i think that is incredibly important. i had a little role in this election. i was along for the ride for 105 days and was the subject of a couple of fake news stories. it was interesting. there were at least three that the mainstream media did not cover because they were so incredible, like, why would they? but i looked at one of the stories that had been shared 800,000 times. and when i see an administration who has put in place as proposed national security advisor somebody who traffics in these
1:04 pm
fake news stories and retweets them and shares them, who betrays a sense of either gullibility or malice that would kind of be -- these are stories that most fourth-graders would find incredible. that a national security advisor would find them believable enough to share them causes me great concern. second, go back to joe dunford. he talked about russia as a potential adversary before the hacking. they had capacity and they have intent. with respect to our cyber, i think we have capacity. but i think what we have shown, we have not yet developed and intent about how, when, why, whether we will use the capacity that we have. so if we're going to shore up our cyber defense, do you think what we really need to shore up is our capacity, or do we need to shore up our intent? director clapper: well, as we look at foreign adversaries,
1:05 pm
that is always the issue, is capability and intent. certainly in the case of the russians, they do pose an existential threat to the united states, and i agree with chairman dunford on that. it is probably not our place, at least my place in the intelligence community, to do an assessment of our intent. that is somebody else's place, not mine. senator mccain: senator shane. senator shane: thank you, mr. chairman, and senator reid, for holding this hearing, and thank you for testifying this morning and for your service to the country. dr. robert kagan testified before this committee last with respect to russia. december -- last december with respect to russia. and at that time, there was less information known to the public about what had happened in their interference in the elections.
1:06 pm
but one of the things he pointed out was that russia is looking at interference in elections, whether that be cyber or otherwise, the whole messaging piece that you discussed with senator heinrich. as another strategy, along with their military action and economic and other diplomatic methods, to undermine western values, our euro-atlantic alliance, and the very democracies that make up that alliance. is that something you agree with, director clapper? director clapper: yes, that is clearly a theme. certainly something that the russians are pushing with messaging in europe. they would very much like to drive wedges between us and western europe. the alliances there, between and among the countries in europe. senator shaheen: and i assume there is agreement on the panel.
1:07 pm
does anybody disagree with that? so one of the things that i think has emerged as i have listened to this discussion is that we don't have a strategy to respond to that kind of an effort. we don't have a strategy that has been testified with respect to cyber, but a broader strategy around messaging, around how to respond to that kind of activity. do you agree with that? director clapper: i think we, i am speaking personally. senator shaheen: sure. director clapper: this is the institutional response. as i commented earlier to senator mccain, i do think we need a u.s. information agency on steroids that deals with the totality of the information realm, and to mount a, in all forums, including social media. senator shaheen: sorry to
1:08 pm
interrupt. can i ask, why do you believe that has not happened? director clapper, admiral rogers? director clapper: for my part, i don't know why it hasn't. i can't answer that. senator shaheen: admiral admiral rogers: from my perspective, in part because i don't think we have come yet to a full recognition of the idea that we have to try to do something fundamentally different. i think we still continue to try to do some of the same traditional things we have done, and expecting the same thing over and over again, yet achieving a different result? senator shaheen: that is the definition of crazy i think we have determined that. secretary? >> i would just add, in this area i think the capability and intent framework is useful to think about. i think it is only in the last few years that we have seen adversaries with true intent to
1:09 pm
use propaganda and the ability to reach out as terrorists are doing, trying to incite, and match that up with the tremendous power social media tools allow to make that easy and simple and effective and broadly applicable. senator shaheen: so given that this is a strategy, given that it is aimed not just at the united states particularly with respect to interference in our election, but at western europe and eastern europe, for that matter, is there an effort underway to work with our allies through nato or otherwise? i have not been to the cyber security center in estonia, but there did not seem to be a native agreement that this was something we should be working on together. is this an effort that is underway? admiral rogers: speaking from my lens on things, there is a lot
1:10 pm
of interest on doing that more effectively and comprehensively, but we have not cracked the code on doing it effectively at, so we need to keep the pressure on ourselves and our nato allies who are like-minded in this regard, to keep improving our approach. can i just ask you, do you think the director of national intelligence needs reform? director clapper: there is always room for improvement. i would never say -- it would be useful, if we're going to reform or change the dni or change the ia, that some attention be given
1:11 pm
to in our case the legislative underpinnings that established the dni in the first place and have added additional functions and abilities over the years that the congress has added, to our bag of duties. so, to say that we can't, that there's not room for improvement, i would never suggest that. senator shaheen: i appreciate that and i certainly agree with you. if there is going to be major reform, legislators or others who would be in the intelligence community would be part of that effort. director clapper: i certainly agree that congress no pun intended gets a vote here. senator shaheen: thank you. that ourccain: i know time has expired and i apologize to our new members who will not have time because we have to go, but director clapper, since this may be
1:12 pm
hopefully your last appearance, do you have any reflections you would like to provide us with, particularly the role of congress or the lack of role of congress in your years of experience? director clapper: added be careful here. -- i have to be careful here. senator mccain: i don't think you have to. director clapper: i was around in the intelligence community when the oversight committees were first established, and watched them and experienced them ever since. congress does have, clearly, an extremely important role to play when it comes to oversight of intelligence activities, and unlike many other endeavors of government, much of what we do, virtually all of what we do, is
1:13 pm
done in secrecy. so the congress has a very important, crucial responsibility on behalf of the american people for overseeing what we do, particularly in terms of legality and the protection of privacy. at risk of delving into a sensitive area, though, i do think there is a difference between oversight and micromanagement. senator mccain: well, we thank you, we thank the witnesses. this has been very helpful. director clapper, we will be calling you again. director clapper: really? [laughter] senator mccain: this hearing is adjourned. [captions copyright national cable satellite corp. 2016] 7] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit]
1:14 pm
>> national intelligence director james clapper and nsa director michael rodgers joining other intelligence officials for a classified briefing with president-elect trump one day after this hearing to talk about the extent of russia's influence any 2016 presidential election. sunday, reincews priebus was asked about the president-elect's reaction to that meeting. >> does he accept that the russians are behind this hacking campaign? >> sure. he is not denying that entities and russia were behind this particular hacking campaign.
1:15 pm
let me just respond to your point though. never have we had such a massive .- here's what we have we have the dnc as a sitting duck. wait a second, chris, because it matters to your point. it matters because if the dnc allows any foreign entity into their systems and says, here, here is 50,000 u mills, you can have them. ila. you have the biggest dissemination of emails we have seen in the history of america. >> who do you blame more for this? putin and the kremlin or the dnc? who is the primary actor? >> the primary actor is the foreign entity perpetrating the crime. >> which was? >> i'm not denying it. i'm not denying it. that is russia. >> present electron has called
1:16 pm
his meeting with intelligence officials "constructive" and he went on to say in a statement that "while russia, china, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, there was absolutely no effect on the outcome of the election, including the fact that there was no tampering whatsoever with voting machines." he intends to create a team that would provide a plan within the first 90 days of his presidency to combat future cyber threats. there was more said about the russian role on the morning talk shows today. on "meet the press," senator lindsey graham spoke about potential consequences for russia and how the president elect and others have responded to the findings of the intelligence community. [video clip] senator graham: i think he is worried that inquiry into what russia did and into the election will undermine his credibility and his legitimacy.


info Stream Only

Uploaded by TV Archive on