tv Russian Cyber Activities CSPAN March 19, 2018 12:00pm-1:34pm EDT
respond to russian cyber activity from the center for strategic and international studies, this is an hour and a half. good morning. welcome to csis. we're going to have exceptionally timely event which was largely for theuteus. let us introduce the panel. if i read the full bio it will take up the entire session so i will give an abbreviated version. to my right is tom carlin from the national security division at justice and chairs morrison and forester global risk and crisis management team. he did lead the investigation on the sony attack and one thing we all know which is the indictment of the five pla members for economic espionage.
prior to leading msd he was the chief of staff and senior counsel to the fbi director, some guy named mueller. >> at the time he was anonymous. >> yes. to his left is -- right is rick ledgett with experience in cybersecurity and cyber operations an including 29 years with the national security agency where he served as the deputy director until april of 2017. he also led entalk and was the i.c. first nim, national intelligence manager for cyber. so another experienced individual. and finally jim mill. >> president of adoptive strategies on the board of the atlantic counsel and we let him in anyhow. thank you for coming. and end game, he's a member of the task force on cyber deterrence. before that he was the
undersecretary of defense for policy and the principal deputy under defense. so couldn't have a better panel for talking about this topic which is not to talk about what the russians have done, i think we all know that pretty well by now. but to talk about should be done back. and this is a new kind of conflict we are in. it is not the russian tanks pouring through, it is a different kind of conflict and we need different kinds of responses. i've asked each of our panelists if they could briefly say for five minutes or so -- give some opening opening remarks and then we'll tu turn to questions and then we'll have time for questions from the audience. why don't we start with you. >> we'll start with the angle what do you do about cyber enabled activity and have a strategy to deter that type of activity in a world where the rules are not yet entirely clear
as to what -- what a nation can get away with in that space. over a period of years, and jim talked through some of the cases, we had started to move towards a policy of showing that when it comes to cyber activity, including bi-nation states with other organizes and nop state actors that you could figure out who do it. so doing the attribution and putting the resources in to doing the attribution and i started on the criminal side of the house doing computer hacking cases and for that period it was kept separate from the intelligence side of the house. when i went over to work for director mueller, as his counselman chief of staff and i saw what we had on the intelligence side of the house. we are good and much better than the public or our adversary nations knew. so we started changing toward a
strategy. it is great that we no it but it is causing real harm to real people now and in that sense it is not a traditional intelligence collection issue. and starting first in the area of economic espionage with the indictment of the five members of the people's libertiation army but then moving on to calling out publicly north korea's behavior when they attacked sony motion pictures because they didn't like the content of a movie to charges that were brought against iranian revolution air guard core affiliated actors for their attacks on the financial sector of one -- figure out who did it and, two, and this is newer, make it public. don't keep it on the intelligence side of the house. even though that has real costs in terms of losing sources and methods and perhaps provoking confrontation in the sphere because once you start making it public, it is vitally important not just to send a message to a foreign country or adversary but also because of the victims are
often -- in the private sector and they can't take the necessary steps to protect themselves unless they know what is occurring. and that requires being more public will what we're seeing and link to that we need action. we need congressional action, we need new regulations in this space, we need public support for taking retaliatory steps that may cause temporary churn and unless we see the urge ep-- urgency of what is occurring publicly i don't think we'll have the drive toward action. so one figure out who did it and two make it public and then impose consequences. so i named three of the four major adversaries when it came to seeing provocative behavior in cyber space. i ran north korea and china and what we hadn't done prior to the election is take an action when it came to russian activity. and whatever the -- and there are complicated debates but whatever the thoughts were in terms of not taking action prior to the election, it is clear
after the fact that the result has been that russia believes that it was a success and that without taking additional action, they're going to continue provocation when it comes in cyber and since then we've seen continued russian activity and not just in the united states, but in other countries around the world. it is designed to undermine the integrity of elections and we've seen the irresponsible use of not pecha, which is the administration publicly named that caused hundreds of millions worth of damages to companies around the world, including around $300 million just to one -- when it comes to the case of fedex, to more recent activity, plus we have a long history now of russia shielding the top ten essentially cyber criminals who -- the estimate from csis put last year at $650 billion worth of loss to
global commerce. so when you put that together on a global scale, and the things like as reported in the washington post, attacking the olympics, what greater symbol of our country's working together to show that you are not a member of the world order than attacking the olympics through cyber enabled means. so we've moved and you've seen those publicly out into figuring out who did it and make that public were not where we need to be to impose sufficient costs to change the calculus to get the behavior to change. this isn't about regime change and it wasn't with the other three countries in this space, this is about the -- having costs proportionate enough to whatever the benefit of the adversary seeing this type of behavior to get the behavior to change and if you don't change the behavior, then the policy isn't working and you need to keep ratcheting up the cost. i'll close with thoughts on how one can do that or avoid the problems that came to the
election, one thing that is difficult leading up to a democratic election speaking about elections is ensuring that there is confidence in the assessment as to what occurred. in that sense i very much support a bill proposed by senator rubio that would have a requirement that the professional members of the intelligence community report to congress what their finding is. so this is clear whether or not people believe that someone in an adversary is attempting to meddle in the election. two, in advance, outline the -- what the consequences will be and the bill does that and in terms of ways one could ratchet up pressure i'll throw out a couple of ideas. one would be we have sanctions. actions that we saw this week building on the mueller indictment and the model of using the criminal justice system to make pbl in gre-- makn great detail what is requiring
action and led to sanction but they are good but not enough. not enough to cause behavior. to ratchet up the cost, one, you could look at tieing the oll ollic -- olig arouarchs around to securing their real estate and that the legal authority exists to do that. and so then you do the investigative work to make the tie to those assets and seize them. and pose additional sanctions on companies if they are run through shells. and number two, similar to the strategy after ukraine is macro economic sanctions folked on certa -- focused on sectors like oil and gas. that would cause real economic pain and in that sense deter this type of behavior. three, to try to do this multi-laterally and also to look
at, as was done post election in december and then against the san francisco consulate and our british alleys -- allies is to take action simultaneously with the allies, ten or more countries simultaneously taking action to -- to -- to clair up persona non grata operating out of post in countries throughout the world. i think those steps could be proportionate to the damage and send a deterrent message. >> thank you. rick. >> thanks. first after i would like to start by agreeing with everything john said. that is the right way to look at this. and i would like to concentrate on the benefit versus the cost calculus because the benefit is huge and the cost is nil to the russians. and so when you look at that and change people's behavior to
modulate behavior, you have to lower the benefit and increase the cost. hond do you do that? in terms of upcoming med term elections, let's secure the election infrastructure. there are a couple of bills, one by senator klobuchar that i think are applicable that talk about providing federal funding to the states so they could take action. you don't want to make this a federally managed activity thattthat infringes on state's rights but access information to clear the state officials in the way the dhs has started to do and engaging through the mechanisms like the multi-state information sharing and advisory council and taking advantage of the information that the federal government has and making it available to the states. and there is great work in the private sector on that, too. the center for internet security has produced a book and the book center at harvard produced a manual to do that. so continuing down that path and putting resources and some more
attention behind it. so make it harder to do that is thing one. thing two, make it harder for the what i call information operations to reach their target. what is the target of information operations, the brains of the decision maker. so in this case the decision makers are the voters in the country. and so how do you, without infringing on free speech which is a first amendment which is a important american value, how do you make people aware of the providence of things that they see on social media, activities like twitter or facebook, or things that are promulgated through the news cycles. the stories are emphasized or not emphasized in order to make a certain point. the intelligence community assessment that was published last december does a good job of laying some of that out in the unclassified version that was published. the use of state media and the use of troll farms.
and if you google hamilton 68 there is a website for alliance securing democracy and i'm on the advisory council for that and they track the activities day by day of the russian associated troll farms and look at the stories that they are emphasizing and that divisive things they are looking to highlight in social media. so how do we get a better handle on that and make people aware, help people think critically and look at multiple sources of information, that is a big problem. we won't fix it this year but it ought to be something to look at long-term going forward. third thing is what are the things that would cause the russian government and specifically president putin to change the guidance that he's giving to his people. he cares about controlling information flow to the population of russia. that is a core part of keeping power, is making sure that -- giving his high approval rating is making sure the information flow is managed and cares about
support of oligarchs and the approach that john said is a good approach and he supports the military and the intelligence services and less than the first four, he calls about the thin veneer of respect ability on democratic process going on in russia with the upcoming election. so there are things that the u.s. government can do if it chose to, and in each of those domains and it would require careful thought about which ones do you start with and how do you ratchet up the sanctions that the -- that the trump administration just announced against russia are a step but a step on a long staircase and think about how you go from step to step and until you reach that point where the benefit is decreased and the cost is increased to the point where it changes behavior. >> thanks, jim. i'll start by agreeing with both john and rick. and i would like to first as a
disclaimer, but i'll make reference to the findings of the defense science report on cyber deterrence, which i did -- coher chairs with jim gossler, i'm speaking on behalf of myself and not the department of defense or anyone else. the actions the united states may take and in terms of a campaign plan, because i'll point out there are escalation risks associated with taking actions but there are greater escalation with not taking strong action. so point one is that -- is that to have an affective deterrent strategy think about the mindset and values of the party -- in this case an individual, president putin who you are trying to deter and to put it pretty directly and succinctly, in putin's eye, the united states is the gressor. when russian authors written by
warfare, they are talking about promoting of democracy. and they've thrown some of the amount -- at moscow but it continues to be in their view of campaign. they see the united states and western europe pursuing nato expansion. we've done that since the end of the cold war and at this point in time georgia is still on the table. ukraine potentially is. the united states is pursuing conventional military superiority and part of the national defense strategy. in fact it was explicit in the last administration and this administration. and somewhat surprising to me the russians also believe -- and i believe president putin believes that the united states is pursuing nuclear superiority. when you look at this crazy status six system, the nuclear power and nuclear torpedo intended to -- with a multi-megaton war head take out the west coast of the united states it shows a certain degree of paranoia to say the least. so you could argue that putin is
wrong on those issues as i believe he is, but at end of the day putin and the senior leadership pursue they are leading regime change. if you want to understand the stakes here and what president putin may be trying to pursue, you need to understand it at that level. the bottom line goal is to prevent us from having the ability to grow nato, to put pressure on them and ultimately to impose regime change. pretty high stake stuff. that is point one. point two, we need to push back and as we do so, there will be risks of escalation as the united states and others push back. but if we do not push back, they'll be center of escalation. and the escalation will be one sided. it will be russia continuing increase the steps it takes in terms of information operations, in terms of its affecting elections rather than just having some potential to do so as it did in the last election. and obviously should it wish to do so, in terms of its turning the dial up on pain in the
united states through cyber attacks on the electrical grid and water supply ab we saw reports yesterday about russian capabilities in that area. so we -- we now know as a matter of public record that russia has cyber tools embedded in the u.s. electrical grid and in another areas to include in our nuclear power plants, which shows the ability to scale this potentially to a pretty high level. so taking action will have risk of escalation. if we don't take action, we'll see one-sided escalation, and at some point -- at some point there is no doubt that either this president or future president will decide to take more significant action or congress and the american people will press toward that. and if we haven't taken action in the meantime, if we wait until it reaches a catastrophic attack on the united states, in the midst of a crisis, president
putin will be surprised by the action and the risk of serious military escalation is far higher. so if we wait to impose greater cost, somewhat paradoxically perhaps, we run a much greater risk of escalation. i wan to just list one sentence -- ten steps to take. first of all, to reiterate, much stronger sanctions that target putin and his oligarchs or cronies. second, enlist international support. and we've begun to do that and we need to do more. third be prepared to back off of the sanctions that are focused on cyber and information operations if putin's behavior tha changes so they are conditional. that is important part of having successful coercion. and third we need to develop not just legal actions and sanctions but real cyber options. to go after putin's valued assets through cyber space so he doesn't think he has dominance.
fifth, i completely agree we need to get off the dime of boosting the defenses of the election system. we are behind the power curve for 018. we need to be in a better position for 2020. and six push back on information operations and we can talk about how far we want to go there. the state department global engagement center is doing nothing but setting the problem at this point and time. we can debate what it should be doing but nothing doesn't seem like the right answer. it is great to see the big companies including facebook and twitter and google begin to step up. they're role is fundamental in fighting fake news and so forth. and it does come to first amendment issues directly but it is something that the private sector will have a central role. seventh, the push on defense critical infrastructure is fundamental and it is a long-term campaign and ten years away from projecting the electrical grid so that is not a near term solution and eighth, extend help to our allies and
partners and they will become more vulnerable in relative terms and they'll be a target as we've seen from russia to date. ninth, we should not cut off high level contacts with russia. i would have liked to see theresa may do more but not cut off contact. we need to have the discussions. we need to ensure that president putin and his leadership understand why we're doing what we're doing and because there is a significant likelihood of this escalating, whether near term or long-term or both, we need to have the channels and people that can understand each other in that context. and tenth, and related to the last point, we need to be prepared to stap it on here. the u.s. is under attack. it is a different kind of attack than we've experienced before. it will escalate. because we don't do anything for a long period of time and the other side continues to escalate and then we respond and that is
dill to manage or be systematically, have an opportunity to have a bit of a learning exercise on both sides but it is -- it is virtually serving to escalate. so far this administration has taken very modest steps, far too little, far too late. i hope that they'll take more significant steps in the coming days and weeks. thank you. >> thanks, jim. that last point is one that struck me. and one of the reasons we're having this event is in discussions you have with i would say intelligence or military professionals, on classified or unclassified basis, there is a general consensus within the community that we are in a conflict. and that the con fliflict is geg better and not worse and we aren't doing so well. it is getting worse not better. that is what i meant. getting better for someone else but not for us. that is the wrong way to go. so we are in a new kind of conflict and if i got a general
agreement from the speakers that, that we need to do something back and start our own discussion here by asking what does that do something back look like and one of the ideas that some people, including me, have floated is we have a fairly effective campaign, we can talk about how you define effective, against isis. it was joint task force. should we be taking -- and jim you mentioned we need a cyber response. should we be taking pages from the jtf aries book and apply them to russia, china, iran, maybe north korea. >> you want to go first. >> i think the joints task force is a good model. it included both cyber activity, technical intelligence and information operations and the idea of having a campaign plan, a campaign approach is critical as well. but the range of tools that should be brought to bear with respeck to russia and its cyber
actions and its -- and in some of the allies, domestic politics, pressure as well being brought there on individuals and parties. we need to have a much broader portfolio and that includes legal action and economic sanctions. and so and it includes working with allies. but the campaign plan includes these elements to push back on information operations and cyber -- as it does make sense. >> rick, i think it does. i think it has got to be, as jim said, knit together with legal and economic and diplomatic activities. it can't just be just cyber. some of that has to do with the fact that we live in a glass house when it comes to cyber. we're more vulnerable than russia and so a -- in a tit for tat battle we lose. because the american people have more at risk than the russian people do and the -- or the
american government has more at risk than the russian government does. so think about the mal-ware that we talked about that is on critical infrastructure in the united states. well it is been there since 2012. starting with something called have eggs and then black energy bot so it is known that it was russia and so the question is what is that about? is that about having a capability to use if and when you want to, is that about messaging, deterrent value and probably a combination of both, good military planning just in case and a little strategic messaging and deterrence mixed in there so to counter that, you can't just go back and do cyber activities. you ha you have to do more an engage the legal system and find the enablers both in russia and outside of russia that are enabling that to happen and start figuring out how to exert pressure on them to build a coalition of like-minded countries in order to make -- make statements about the sorts of behaviors that are not
tolerated. congressman mike rodgers and i wrote an op ed on four things the government should do and one of them -- one of the most important is a u.s. statement that this behavior is unacceptable and we won't tolerate it. before the elections, the u.s. should just say that unilaterally and then use it as a basis to gather international support for that sort of thing over time. >> now i'm the position of being able to say i agree with everything that jim and rick said. i walked to the -- through a little bit in my opening remarks two areas that i think in terms of don't need like for like on how to respond for this activity. you need to device measure that impose enough pain to change the cost benefit analysis. and that is where focus one on the -- two types of sanctions that we haven't done to the extent that we could both in terms of what the law allows and
our ability to apply it when it comes to both the assets of those companies and real estate of oligarchs and the macro economic sanctions. and then secondly the idea that there are known operatives in almost all of our allies that are operating out of post and so far it has been tit for tat, each country has something provocative occurs and we'll respond but if that was done in coordination with allies simultaneously, it would show there is an increase to the cost in the behavior. and the behavior is not against the united states, we've talked about the united states but it is global. and that is the behavior that has to top -- stop. russia's becoming a rogue nation. and don't -- you kind of guess
of the strategic calculations causing it to be increasingly rogue around a variety of areas, but that decision is causing it to do things like attack international institutions like the olympics, to use russian affiliated actors using chemical weapons on the soil of a close ally, the harboring of cyber criminals committing billions and billions worth of damage to everyone around the world and the servers are known to be locate and rather than take them down, they're signing up many of the organized criminal groups as intelligence assets while giving a green light to their continued criminal activity. to the use of something like nonpecha, virus that self propagates or pretends to be
rans ransom ware and that is hitting everything from hospitals to companies. when you look at that behavior to jim's key point is it is -- it is against their own interests along with ours to allow that to continue to escalate because eventually there is going to be a snap back and that increases the chance of both sides miscalculating and having a much worse situation than you have now which is why we -- that it is urgent that we act immediately to stop that one way ratchet of escalation that makes it much more likely there is a conflict that causes much wider harm. >> you are going to hear agreement among the three of my speakers and me throughout the thing -- and that is one of the things i wanted to get out of this, you talk to people who either are in the business or were in the business, there is a general sense of consensus. there is a general agreement. and so one of the things we'll try to do and maybe tease out,
if there is someplace -- i haven't found it yet. but it is also to help get the public message out there that we are going into a fight. we are in a fight. and we now need to maybe put a little bit on our side. and a couple of points came up that might be worth talking about. one of them is -- one of the advantages -- some of our opponents have and if we come up with response strategies, they could be applied to china or to iran who are also very active, to the north koreans who are on their best behavior but that could always slip. they know that we worried a lot about being consistent with both our own laws and with international law. and particularly with international humanitarian law. so how much do we need to worry about proportionality in the responses. do we need to think about proportionate? what is proportionality in these acivities. so we want to follow the laws of our conflict and it turns out that makes it a complicated
response. i don't know who wants to go first. jim in. >> i would be pleased to go first but we have someone with legal training. >> the first time they turn to the lawyer. >> if i could make a quick comment so you don't badly about that, john, from my perspective, proportionality does not mean either that the response is semetric, cyber for cyber, nor does it mean it is exactly the same scale. a proportional response intended to send a message that avoids a war could be substantially a larger response -- >> and some lawyers will say that is wrong. >> i think it is -- it is a right and forget the -- the law, it is the right policy to try to divide something that is proportionate in other words that is designed to fit the action that you are responding to and want to discourage.
now it so happens in this case that we have pretty good estimates, particularly if you take into account again these scale of damage caused by both -- not peca but the continued harboring and flouting of international norms which wh it comes to cia criminal activity. we talk about this big amorphus cyber enabled means, rightly so. it is not amorphous from every country around the world. the cooperation with like-minded countries that disagree in other areas will cooperate when it comes to law enforcement when it is criminal behavior narrows it down where a lot of the behavior right now that is affecting the entire world's -- i say digital economy but really e-commerce is commerce now is emanating from russia. that means when you are talking about proportionate steps, the
damage amount is way up in the billions and billions of dollars. interesting report to follow up on the csis, and if you did a estimate, the last is between $650 million to a trillion dollars of criminal cyber behavior and could you assign a percentage coming not necessarily from the russian -- from russian state but from russia without response to requests for law enforcement, cooperation and that gives you a sense of where the outer boundary might be on proportion. >> we've actually gotten exactly that question from the house finance committee. so hopefully we could hook up an answer to it. but i think it is probably going to be more than 50% attributable to russia. but that is a guess. and we need to refine it. but, rick, when you think about proportionality, how much did that worry you in your old job? >> i think exactly as john
points out, it is a legal basis. we're a nation of laws. we follow the laws. and of course we have to be proportional. but i also agree with jim said, proportionality is not necessarily the same domain. so if you look at the assault on our democratic institutions and our society and the use of in flamtory -- sometimes fake news, sometimes emphasis of -- or slants on a particular story that may have a kernel of truth, that is a strategic bar that is high in terms of things to do to respond to that. i'm not advocating a military response. i don't think that is appropriate. the military response. but there are things short of that that are serious that we should consider. >> you could think of a -- a sort of scale where you would have cyber kinetic legal
measures on one side, covert and overt, is there a preference. does overt have a advantage over covert. what is the blend that is most effective? >> can i take a swing at that. >> sure. >> so i think that we want the hand of the united states to be seen in this space because we're sending a message and trying to deter behavior and if you don't let the hand be known at least tacitly, then it leads to -- and the russians have done a masterful job of this, of doing actions and doing things that are essentially illegal under international law but having it be known but not provable that it was russians. sort of a wink and nod. and that is good for internal consumption and shows the president is a strong man who stands up to the west and the
russia view is they are not a great barrier any more because the west victimized them in a cold war. >> jim or john? >> sure. i think you covered many of the categories. but being explicit to include diplomacy, if it is limited to diplomacy, and the strong words and so forth, it is clearly inadequate. but in addition to the kagt-- t you put out and john can speak with more expertise, is economic sanctions. whether they are targeted at specific individuals, whether they are targeted at other entities or firms and they could be tailored and they are not a perfect tool but they are critically important to this area. and i do think we need to say, if we are getting hit with offensive cyber penetrations then the use of offensive cyber to counteract that should be on the table. >> on point of diplomacy being an important part of the
package, i think that is right -- and it is also proportionate to what is occurring because again it is not -- it is an attack on democracy that we're seeing where there is a systematic attempt to undermine democratic regimes in countries throughout the world. there are cyber criminal behavior is affecting countries throughout the world. the reckless use of offensive tools like [ inaudible ] are askias affecting countries throughout the world and the more countries that are involved ant the greater the likelihood you change behavior before you reach a state you don't want. and related to that, i think public is important. and that includes working on means -- means of criminal indictments is one, sharing information with private sector and with parties overseas is another, of sharing resources an making attribution public and continuing that strategy, which i think this administration is pursuing. speed matters.
so trying to do that quickly and in conjunction with allies -- i'll throw out one idea that i'm not sure i exactly endorse but try to be -- another area to take a look at would be -- and this is related really to the cyber criminal activity. i don't think it fits as well for the undermining an election regime but the sovereign immunity doctrine to see if -- you might be able to do it now. but also to see if there are ways to look at statutes that would increase the likelihood that private parties could bring suit for the damages that they've suffered. and not pecha, the but the damages to certain companies already out and outlined by independent groups, so that our victims hear suffering damages -- you could consider such a mechanism as well for election -- i think it is hard tore come one a concrete damages
and probably less suited to the civil system. now that -- that approach has been explored before, for those who support state sponsored terrorism and it has draw backs as -- drawbacks as well because -- because that is more provocative. i'm not sure i'm endorsing but something to think about. >> pretty bold. >> it is interesting. jim, could i add a category and i may ask a question of you because you are the expert on this topicch , so improving the resilience from the critical infrastructure for example, is vital vitally important. our defense report concluded that we are not going to get there within the next ten years, with respkt to russia or china. but taking those steps will make increasingly the resilience of cyber protection associated with it will make it more difficult
and make it attribution more viable and it will make it also importantly, less likely that terrorists could hold us at that kind of risk, a catastrophic attack. and the same is true on the information side. that the russians are piling on to -- when there are fires lit on the far right and left to pour gas lien on them but they are not creating new arguments. they are amping up arguments that are there and trying to get us to be more polarized. the reality is is that -- the phenomenon of fake news is not something that they brought here. it is something that has existed over here and that they've helped to develop further. so finding ways for -- it is heavily in the private sector but a government role as well. finding ways for us to combat fake news in ways that are consistent with the first amendment and so forth.
i think you could think of that as a type of resilience but i put that out as a category. i think it is absolutely essentially, i do not -- i think it is sufficient but essential and it is even more essential for the lesser actors who have increasing cyber capabilities and want to get into the game of manipulating u.s. public opinion as well. >> no, i think you need to split it into two parts. and so on the resilient side i'm gloomier in that i don't -- ten years is probably an optimistic estimate so i do think -- i would make fun of deterrent and i do still at some levels but you have to convince potential attackers, and we have four, that the risk of doing something to critical infrastructure is outweighed by the cost and that is part of what we're talking about today. is how do we identify costs that could apply to people. on the social media side, i think there is a question of what does -- what does
intermediation look like and the ability to impose new standards on the new media look like. and some people have said, well facebook needs to go out and hire 3000 editors. they probably don't need to do that. but how do we encourage people to begin to identify the false information that is probably something that you could do with technology, but how do we do it in a way that is respectful of freedom of speech. it is a very complicated issue because no u.s. government agency has the authority to go and say, this is -- this is fake news. this is false. so it is something that we'll have to either change the laws or find incentives for the companies. >> i do think there is a role for the government in terms of helping identify the prove innocence of -- the providence of a story and the first time this story appeared was in this place.
and that is input that i agree our government can't run. but i think that -- and john, you would be the expert on this, but i think that they could add a paragraph to the 39 paragraph and user license agreement that nobody needs that says we're going to exercise our judgment and flag things that we believe are suspicious or don't look factual and you agree to let us do that. >> how would you break -- how would you avoid a tit for tat cycle? what would you do -- this is not going to be a one-move game. so we've experienced things -- i think we should do something back and i'm fairly confident the other side will not say, okay, we give up. so we'll get into a process here and how do we control that. and i don't know if escalation dominance is the right way to think about it. that is a nice nod to her man khan. but what is it we do to get out of the cycle of tit for tat and
you've seen this in the terrorist cases. for those that are the experience, it doesn't do you any good to get into response -- counter response cycle? >> i would -- -- i agree with that. it is true within cyber space, because as was noted early. >> we are more vulnerable than russia in cyber space. that doesn't need it be the case forever. i do think ten years is probably on the optimistic side but it is not for increasing our offensive capability. and which is nontrivial even today. the -- one of the challenges that we need to just have in the foremost of our mind is we think about u.s.-russia tit for tat, high on the escalation ladder is thermo nuclear war so taking steps we have limited aims even though we're responding strongly, keeping open channels of communication, taking note of fire breaks. today there is a fire break
certainly between conventional and nuclear. i believe there is a fire break between nonkinetic and kinetic at the point you cross a fire break you are opening up a new level of potential conflict. and it's important to understand that. and finally, there is also something to momentum as well as to tit for tat. if the other side doesn't have a chance to absorb your actions along with your explanation of the action and its limited aims as well as intent. then the possibility of moving into a rapid tit for tat, that could spiral i think is much more dangerous. >> i think you also have to demonstrate that you are in this for the long haul. this isn't a two-move game. this is a game until it is done and until we get to where we want to go and that requires a -- a uniting of messaging from the administration and from the
congress to say -- and the support of the american people to say, yes, this is something that we think is important and we're going to stay in until it is done. >> support of the american people and i think key allies is -- as well. i think where we are in we're so far behind where the escalation actions have taken us that the next step could be coordinated in large. that will give a pause and time to assess. the problem now is that it is coming late and small. and so -- in that sense, it invites a similarly small retaliation where you are always behind where the initial provocation -- where the initial provocation was. this is serious -- undermining the elections was serious and i know we're a broken record on
that, but it is amazing that that is publicly attributed and disclosed but the action to date in response is -- it was beginning this week where we saw sanctions for the first time has not been proportionate to what occurred. so that ledger needs to be balanced with the next -- with the next set of actions. >> if you were going to look for a precedent for this kind of action, at least for me the one that occurs first would be the reagan administration. that is how long ago this was. where you saw concerted action against -- at that point soviet poo espionage by the u.s. and u.k. and canada and other allies. what do we need to do now with our allies. how do we work with the allies. >> u.k. is easy. they have an incentive. >> and john has spoken particularly to both of them and at one level it is the -- it is
the coordinated responses. and it is working together so that we don't surprise them or cause them to think that we've gone off the deep end and take -- or take such think it's such actions that we then lose their support and we weaken the alliance. which frankly to president putin would be a win. so it's that level of communication and this coordinated action and showing -- showing to president putin and to others with whom we wish to deter that we are capable of -- and will act together. that znts mean the most common denominat denominator. at the end of the day having a coalition is valuable but that doesn't mean everyone has to agree. secondly, technical cooperation as well. and that is -- that's been occurring over the recent years. i think that dial could be turned up dramatically. i know that there are -- in working with some of our allies, there are concerns about
security of intelligence and security of technical information and so on. but the reality is to deal with the technical challenges and the vulnerabilities we have in these systems, speed is going to be more important than information security in my view. so i'm getting the cycle where we work with our allies and partners closely. and help facilitate private sector than even more government to government is going to be fundamentally important. >> there's a -- there's a number of western-style democracies who have been subject to this sort of stuff. japan, in terms of the olympics, is one i think. germany, france, norway, netherlands, sweeten, italy, all of them have in one way or another been subject to this kind of activity. so it seems like there may be some natural allies in that space. >> this is something you emphasize in your questions. this is not just an issue of russia. this is an issue of at least in
the cyberspace i think of sending a message to those other actors who are wondering what red lines are, what you can get away with, what are the norms when it comes to international behavior, and in that sense too it escalates the stakes of getting this right or you're encouraging a miscalculation by, say, north korea or iran or another actor when times are tense. >> so the u.s. is encouraging response from like-minded nations, activities like this. response should be, you know, temporary, painful, but reversible, right. and what you get back from some of the smaller nato members is i'm worried about attribution. i'm worried that i just won't take your word any more, that it was whoever you say it was, north korea, china, russia.
what do you do in those cases? our answer has been can't tell you sources and methods. do you change that? do you give up and act u unilaterally. some said coalition of the willing. >> i think you have intel to intel service conversations about that. we do exchange classified information with partner services in other countries. and so it doesn't mean you show everything if it's a particularly sensitive source but you show a lot more than you would show publicly. and then it's the -- hopefully the -- the government trust their own intel people and they say yes, we looked inside the covers and it's real. >> owh, john, go ahead. >> as well, we've seen strategy that this occurred with the december actions. there really were three. to focus more on shutting down of certain facilities and removing operatives and
sanctions. but the third was releasing the signatures of the code that was being used by russian actors. and similarly, it's been an open secret in cyber security community that the energy leaks were attributed to russia. stating it publicly allows you to show those indicators to allies who are looking at this saying trade craft. there's a way in this space to work with robust third party community of independent cybersecurity experts who, once they get the signature, make use of it. >> john raises a really good point. one that i don't recall seeing in the press. those same implants and critical infrastructure exist all over western europe and other, again, friendly to the west countries, so it's not just in the united states. >> if you were going to do one thing right now, i know we've talked about the need for a
coherent strategy and an olive government approach. now we're on the spot. what's the one thing you would do right now? would you fry the servers and the internet research agency? what would you do? would you release panama papers too? tell me what you would do. >> so i'm going to do a cheat. the first thing is have a campaign plan approach to this, right. and once we've articulated where we think we should go to work with our allies and partner so we're not acting alone. i think it's time to go directly after the so-called oligarchs. and so hit them in the pocketbook. in a way that president putin notices. and that would be done through targeted economic sanctions. and that would be -- i think it's useful to have a category of these sanctions that are specific to the combination of cyber intrusions and ongoing information operations.
for example, we could say these would come off if we get through the 2016 election cycle and our allies get through their election cycles as well without interference and they could -- they would go on -- >> on the 18th? >> i'm sorry, yes, thank you, 2018. and some for 2020. then leave room for them to be dialed up also if there's more interference. that's not sufficient but i think that's necessary, one that i would be looking to build consensus on right now. >> just a little further, a key part watch you would do then is interact with the russians and be very clear in messaging them about what we're doing. >> yes, exactly. >> go ahead. >> i think that's exactly right. the campaign plan is a key part of that. because, you know, if you tonight know where you're going, any road will get you there. we need to know where we're going. it doesn't need to be a fully for the plan, you know, in -- on page 35, but the first 5 or 10
pages need to be clear. an overarching statement of a goal. something to generate enthusiasm inside the country and with allies to support that thing. the first actual act is exactly that, going after the oligarchs money in terms of asset seizure. i would use the power of the u.s.-based financial system and the banks to exert influence on banks that we may not have great relationships with but they all send money through u.s. basks. that give us a very big lever. in the case we're willing to use it. >> the same space, so i agree, i would consider. but this is less to do with the cyber activity and more to do with the incident that just occurred in the united kingdom is contemplate a simultaneous expulsion of members that are linked to their intelligence apparatus across multiple -- across multiple allies. the other thing, which is
deterrent, which is the pending legislation, would be a dead man switch. it's advocated for a while. it says essentially if there's a neutral joketive assessment from the intelligence community that's provided to congress that says "x" country is meddling with our election, the following retaliatory actions will occur. and there's a version of that. i can't remember which bill. it may also be in the reveal bill. that says essentially when it comes to russia, there are five bank, and the executive branch can pick two, any two of the five. but if this is the conclusion there's meddling in 2018, then they will face macro economic sanctions, which would cut them off from the u.s. banking system. that way your red line is clear, pre-election, and hopefully there's no confusion as to what our action will be. and it takes it out of the
partisanship so it doesn't exacerbate any tension between -- any internal tensions here and that way it achieves their goal because it's a dead man switch, it's going to happen in the conclusion is reached. it's not a party decision. >> i would say it's with great reluctant that i endorse that idea. not just because of the history of the idea and the nuclear business where the russians reportedly did have at least to the past such a mechanism to release their forces but also because i would like -- i would like a situation which the administration and congress would work together and tailor something. that's been difficult lately. and because of that, i would support that. i would just add that it should be the floor not the ceiling. and that should be understood. because otherwise, you're allowing your potential adversary to calculate exactly what the costs are and they can -- and you want to add that uncertainty. you want to be able to add to that cost. >> you can tell a couple of us
are recovering arms controller because we keep coming back to it. it makes you wonder, then what will the declarer to policy look like for this? and main not the old-fashioned single essential. the facts happen, why is the consequence -- do we get a benefit from having a better decollarer to policy? declaretory policy? >> if we are attacked, we will respond. we will respond in a way that is intended to increase the costs of that attack. so they significantly exceed any benefits the attacker expects to achieve. importantly, then we need to act on it. we have multiple statements that amount to policy. what we haven't done to date is take substantial actions that
actually do increase the costs of having any possibility to be even approaching the level of benefits. maybe another conclusion, to further -- maybe another conclusion from this conversation is we need to act. >> i agree on the policies. we said earlier in the op-ed. i think being overly specific is bad. you don't want to give them a road map on, okay, well, this is okay, so i can do this. you want to just say, you know, if we see activities that indicate, as jim said, that we're being attacked, that our critical infrastructure is being attacked or efforts under way to undermine our democratic policies, then we deserve the right to act with all elements of power as we see fit in a proportional way. loyally words to that effect. >> i don't want to underestimate. i think it's important to have a
decla declaretory policy. we've declared it now multiple times in the context of specific actions. that has a -- the inverse effect of encouraging future action. so i think less time right now on figuring out the exact words of the go forward policy. and putting points on the board and, cuting a response to the action that's already taken place in violation of the member statements from two administrations that really agreed on very little else. >> if i was mean, i would now ask them why do they think we haven't enacted this. but i'm not going to do that. or ask them how do we get out of the trap of making statements? i'll put that one on the table. but before i do those questions, let me see if there's anyone in the audience who has a question. we've got one. we've got two, three, four, five, six. we've got a lot of questions.
so maybe we'll just go down the road and go ahead. >> steve winters, independent consultant. you mentioned the oligarchs several times. i heard paul wolfowitz float the same idea. he said the way to get to putin, the way to get to the people he runs the country for, a tack them where they'll feel it, their lifestyle, their money. so i'd just like a clarification on that. i'm not a fan of russian oligarchs. but this sort of principle here, you're not actually saying the oligarchs are involved in the cyberattack. it's just putin's dependent on them. they'll say change your behavior because we don't like what's being done to us. if you extended that principle, if you didn't like what xi jinping is doing, well, take the top 100 billionaires in china and put the squeeze on them and
pretty soon he'll change his behavior. so could you clarify that, exactly what the reasoning here is? >> my guess is we all have the same perspective on this but let me go first. i'm not talking about a blanket approach to everyone who's made a ruble or billions of rubles in russia or anyone who's affiliated with president putin in any way. those people who are close and who are part of the decisionmaking process and specifically those people who are involved in a way in which we can credibly demonstrate, even if it needs to be through classified channels, we can credibly demonstrate that they have a role in decisionmaking and in support of some of these network mentioned earlier as well. there's a substantial number to whom that would be applicable. >> and one thing i've been through and kind of forget was while china is in some ways a more difficult target than
russia because of the greater economic strength it has. complicated commercial relationship with the u.s. but why don't we -- we can come back -- we have a couple things we can come back to but there's a lot of questions. can you hold up your hand again? go ahead. then we can maybe just slide over that way and then we'll come back to this end. >> thank you. i have two questions. so why do you say that we're more vulnerable in cyberspace than the russians, that's number one. and number two, if there's an unwillingness to act on everything you've said, what are our options? other than the hand-wringing? but so far, the administration has shown an unwillingness to do much. even to acknowledge that russia is a problem. where do we go from there? >> i'll take a stab. the reason is because we are so much more dependent on computers
and networks and information systems that underpin our day-to-day lives. everything from groceries showing up in the grocery store and gas showing up at gas stations on time to the network that supports using your debit card to pay for those things when it's time to do them. to the power that goes to your house. all those things are intertwined and they're all part of a critical infrastructure. there's a great report by the national infrastructure advisory criminal from august of 2015 on the dhs website that talks about the intertwined financial telecommunications and power, infrastructure. how if any one of those goes down, everything goes down. >> the good news is i think we're approaching parity in terms of reliance on the internet. maybe not all of russia but certainly key parts in leningrad, partdon me in st. petersburg, moscow. hold your hands up again.
this time -- every time i say that, more people hold up their hands. just pass the microphone along as we go and that will save a little time. but we've got the individual there with the blue shirt, thanks. >> mike connell. cna. internet sovereignty perhaps is a way of moving forward. sovereign control of information flow within their territory. is there any opportunity for working with them in that area? is it just really there's no room for compromise in that area? >> either of you guys want to -- >> well, so the idea has occurred. you can make a trade. where you acknowledged the desire by russia and several other countries for greater control over the internet. in exchange for some level of cooperation perhaps on cyber crime, perhaps on stability.
and it just -- there's two fundamental problems. the first is very often the deal would involve abandoning core parts of the universal declaration of human rights and western countries aren't willing to do that. the second part, there's a concern you could make the concession and then not actually get anything in response. so it has been talked about in the last few years. and doesn't seem to be a useful avenue. even the russians don't raise it anymore. we have another one. go ahead. >> paul schwartz, at cna. i think mr. miller mentioned putin perceives himself under attack and the west is aiming for regime change. and there was -- when it came time to talk about potential options, going after the oligarchs bhaen s was mentioned times. are these two things reconcilable? are we risking unwanted escalation by threatening the
very thing that you said he feels is fundamentally at risk here? >> yes, in my view, there's -- it's important to go after those people who are involved in this type of activity or supporting this activity. either officially or unofficially. and who are tied to president putin. and at the same time to show that we have limited aims. to both state that we have limited aims. and by the actions we take, not demonstrate we have unlimited or broader aim of regime change or of undermining the power structure within the kremlin or the power structure in the country. anything that began to hit it, that would be at a very high level of escalation. >> there's a precedent, you know, with china where there was the indictment of five members of the people's liberation army, but it was very specifically
tied in public messaging. made clear this was because of a particular type of activity, the targeting of private enterprise here for the commercial benefit of private competitors overseas. and subsequent actions matched that principle. it allowed for a breakthrough where president xi agreed to that principle. since then, you've seen a decrease in that type of activity. not all activity. but the type that was within that principle and then you saw on the u.s. side there weren't -- there haven't been additional actions that are outside of that principle. so clear messaging and sticking with your lane i think matters. >> if we have time, which looks like we won't, maybe we can come back to how would you persuade the russians that we weren't kidding, you know, we really were serious that we weren't
going to change the regime? because i think they're deeply paranoid about that. >> sure. >> one more question. we had multiple questions. >> yes, gentlemen, thank you. i think if you took a comprehensive look at our, like, policy on sanctions for russians, it's going after the oligarchs is going to be what hurts putin the most, right? we've sanctioned the oligarchs. we've sanctioned banks all over the world. my view on that is i think what putin values most is being the puppet master. he likes controlling the intelligence services. he likes controlling illicit activity. whether it be through federal agencies or, you know, his army of hackers or mercenaries in different countries. what approach could we take to attack him if that's what we think hurts him the most? being the puppet master? being the kgb officer that he formally was?
>> you can just pass it to your right there. okay. i'll give a quick first response. your question highlights why it's important to have a campaign plan and to think through the steps that are maybe taken today. and could be taken in the future. my own judgment is if you lead off by going directly after the instruments of state control and the center of president putin's or anyone else's power, that's a pretty big move. far more serious than going after some of the assets associated with some oligarchs or other sanctions. i personally would think you'd want to reserve that type of move for higher on an escalate ladder, understanding that you could get there, but that when we get there, president putin may believe what's good for the goose is good for the gander, if you will, and there are steps that could be taken the other way around that could lead to in my view potentially serious
escalation. i wouldn't take that step off the table, but i would say that if you believe they're worried about regime change, to go after the instruments of power would reinforce that view. the capability to do that may be something we desire to prevent them from escalating rather than something we lead with in my view. >> i agree with that, except i add one more thing. in addition to the oligarchs, i would also demonstrate the ability, although not do it at scale, to get information into russian citizen's information flow. there's dozens of technical ways to do that. everything from broadcasting television over satellite with the country to doing things on the interior net. i would also signal we can do this if we want to.
we're holding back because we're, again, trying not to be exploratory. >> former chief science adviser for microsoft in the uk. let me set the stage, rick, this question is for you. if we rightly assume that russia had something and they're holding over trump's head, is it possible, and i'm going to ask if your answer can be yes, no or maybe, is it possible that trump is taking actions -- the actions that trump is taking to destroy our relationships with our allies and other countries, with the intention, with the intention, of making us act singularly such that our allies will not support us in the
future? is that possible? yes, no or maybe? >> so is it possible or is it likely? >> likely. >> there's a fourth option which is if you've ever seen "sesame street" the option is "me no recall." >> i think that's highly unlikely. if you look at president trump's behavior and how he acts with other entities, there's a consistency there. it's not like a 90-degree change in behavior. i think this is just the extrapolation of behavior into his new role. >> we had one in the back, then we can maybe move over to this side. there's a couple. there's three who are coming close. >> -- cyberattack, intellectual property. given that the u.s. has had a weak response and expertise in international cyber diplomacy, do you believe this has set a
precedence -- oops, sorry. do you believe this has set a precedent for other nations to engage in this behavior and interfere in other western democracies? if that is the case, maybe what countries can we consider as potential threats. >> so i'll take a quick -- i think the other panelists have more expertise certainly on the technical side. i think we were very slow to respond to chinese theft of intellectual property. they did it at scale, massive scale. and it was -- had economic costs to the united states and economic benefits to them i think are measured at least in the hundreds of billions if not trillions. so that was -- we were late to take action. i'm pleased and proud that president obama did so. i'm pleased and i was frankly a little surprised how successful it appears to have done on increasing the scope and scale of what the chinese were doing. i think your question -- you
question is right -- or is along the correct lines. if you are a western developed country and you're looking to boot strap your economy, trying to find niches or even larger areas where you can gain intellectual property and have an advantage where you didn't invest in the research and development but you can exploit it. would look awfully attractive and a small investment could bring that along. the good news is in putting pressure on those countries, the united states has a lot of tools, including not just legal and diplomatic, but economic as well. it's worthy of considering what it looks like in that regard. i don't -- i'll turn it over to my colleagues. i was not aware of any countries, any small countries attempting to do that. attempting to do that at scale and in ways of having that diplomatic conversation and the
threat of economic reaction would not be sufficient. it's something to consider for the future, certainly. >> i agree with what jim said. i thought you were asking will other countries take a cue from the russians and try to pull the levers to effect, you know, elections and opinions inside the united states. the answer to that is yes. and i also think that it's not just governments are doing it. a colleague of mine was in europe recently and told about a contact from a company that was offering information operations in support of a brand in a not very thinly veiled offer to not just speak positively about his brand but speak negatively about other people's brands so think of it as combat advertising. >> some of us got a briefing on effective social media presence by political operatives. my immediate thought was we should do it. blue star rating. can we move the microphone over to this side to -- >> i actually have one question. >> i'm sorry, go ahead.
>> it was actually about social media. there was a comment about facebook. that goes against the main point of facebook. facebook considers itself more as a conduit, a platform for article. so what does this look like when the u.s. government is asking things like twitter and facebook to help combat the fake news? >> well, actually just in terms of waves. so you may remember my space, which was one of the original social media sharing-type companies. and the first wave i think is they at first did not take seriously the fact that child predators were exploiting that platform to reach kids. and that to some have said the fact that the platform no longer felt safe drove my space out of business and is where facebook originally got its rise. and then we saw -- time i was
working on terrorism issues. the islamic state in the lavant adopt a new strategy, crowd soursing terrorism and attempting to use social media just like al qaeda used western technology in the form of aviation to kill. they were trying to use social media to turn particularly young or troubled people into human weapons to kill. and it took a little while. in terms of conversation. to convince those in social media companies this was a real issue, threat, abuse. they when were convinced, i think a combination of public attention to the issue, they took steps to combat it and put additional resources in. and we're just at the beginning now of really focussing on the nation state threat and the use of those platforms to do things like attack fundamental values of undermining democracy.
in the interim, the other issue they've been having is bullying. which is decreased people's desire to use the platform and as a way of preventing free speech. if you are so bullied when you articulate an opinion that you leave the platform. so i think there's business reasons consistent with their model why they want to make it ultimately a safe place. i think it was rick who raised this. there's some transparency as well. so you're not deprived of access to the view but you know where it's coming from. and that should be encouraged and on the government part requires sharing as much information as they can about what the threat looks like in a way the companies can consider and then take appropriate action using their platforms. >> it's worth noting too that it's not just the u.s., it's also a number of countries in western europe. driven more by islamic terrorism
than by russia in many cases. political extremism. it may not just be the u.s. who asks these companies to change what they do. can we move to this side? i think we've got time for -- i think we got two questions here, is that right? >> hi. first, thank you very much for coming today. really appreciate hearing from each of you. my name's john. i'm an air force officer. have a quick question. would be interested, the way you portrayed it, it was not very effective in your opinion. what would it need to be effective? and is the state department the right place for it? and then just kind of writ large, your thoughts on information operations and how to do them effectively and the authorities, legalities maybe that are needed and what we can do to make them work. thank you. >> yes, great question. in terms of effective information operations, there's certainly areas in which the u.s. military does it
effectively at a tactical level. and you can go through multiple cases including at certain points in time and in many locations in iraq and afghanistan during those operations. that's obviously not what we're talking about here. we're talking about effectively communicating to external audience, including international audiences, regarding on the one part of it, the mission, issel and al qaeda and so forth. and about russia. to me what that fundamentally means and what is the centerpiece of informational operations at the tactical level at all is truth telling. and the reality is the united states is not going to be the most credible source of information about islam or about -- or about russia. so that means -- to me it's about building coalitions. and emphasizing that the mission
is to get the true story out. and to shed light, you know, literally. on what's really going on. i think any effort -- anything that has the slightest taint of propaganda will be absolutely counterproductive. whether in the counterterrorism or in the combating propaganda from russia role. it's got to be about truth telling and getting the story out. and working with others who will be more credible than our state department in that regard. >> i agree. i think the moral in my mind is like a combined joint task force where you've got from all a cross the whole of government and you've got international partners and they work together under some kind of construct to say here's our -- agree on the goal and agree on the campaign plan. and then execute it in that way.
i would not put dod in charge because internationally that resonates in a certain negative way. definitely be part of the team. >> peter who's at kings college had a good idea. i don't know if he published. this is in a conversation. we the usg should just get out of the business because people aren't going to trust us. he said, why don't you just create contests on youtube and have a $10,000 price for the best -- we're talking anti-terrorism. anti-terrorist video. let some kid do a rap video, you know, a hip-hop. it will be ten times better than -- we used to call them useless when i was a child. but the state department entities responsible for this. i think i have time for one more question. >> yes, while we're waiting, that kind of reminds me -- the madison valley coalition that
the previous administration put together to get madison avenue, silicon valley and hollywood together to produce that. >> i think they sponsored called -- of developing content in universities. the government just explained the terrorism problem and then stepped back and said we'd be the world's worst messenger to disaffect our youth. >> so that's another area of consensus. i think everyone up here thinks usg should get out of the business. go ahead. >> rob shawl, usg. homeland security. i think my question dove tails nicely the last two, talking about the information influence based and building resilience. what viability do you see in a german style law or approach that says social media companies should have a reporting
mechanisms by their users for this kind of information and maybe a reporting mechanism to the usg on how they handle that. do you see that as something that could work here or would that run afoul of -- >> so the first part of social media companies having a mechanism so users could report content that's in violation of terms of service essentially and having an effective mechanism. i think you're seeing a movement towards that by our social media companies already. the question of then whether that required reporting to government that would be a much more difficult -- maybe not desirable to mandate. there's huge brand incentive though. depending on the type of activity. if it's criminal or other type of activity. to do those reports. or do them in scale ultimately. and then as jim was touching on,
we're in a world of multinational corporations where they need to operate and abide by the values of multiple countries and legal systems simultaneously. so the actions of countries in european are going to effect -- sometimes they can be confined to the country. case of france where certain content -- if you have the same law there, violate the first amendment. but there you can work out a mechanism which doesn't hit like what looks like a french ip address. but by and large, i think the solutions need to be one that sustain a global test. so the value that it's endorsing has to be one that is consistent with countries that share our values and ones that do not on human rights. so it's a neutral value. and then secondly, the execution is one that they could abide by,
multiple countries. that's an easier -- if you violate terms of service, then that is an easier one to come up with a reporting mechanism and do that's country agnostic. >> anyone else? let me try and summarize a little bit. if i miss anything, please correct me. so what i got from this was we're in a conflict. it's not the kind of conflict we expected but it's the one we're in. we need to act. right? another policy will not do us any good. we need a campaign plan. it's got to be a whole of government complain plan. it can't just be a one off type of thing. we need a portfolio of responses that includes legal, diplomatic, economic and potentially military. either overt or covert. when i say military, it could be the intelligence community, it could be dod, cyber community.
but forceful responses have to be part of this. this game will be more than one move. it will be multiple moves. we need to think ahead of how we will deal with those moves. finally, messaging is important. both to the american public. to the political leaders. so they know what we're up to. but also to the rest of the world. and to the russian people. and that includes contact with the russian leadership. to let them know we have limited goals. we're interested in stability. regime change is not the target here. anything you want to add? >> one thing i might add. if we're not completely unified, at least -- the compass arrow in the same direction.
>> more than a unilateral approach, so that's a good point. >> they dove tail well with yours, jim. one is we need to expect escalation. if we don't respond, we'll have a rapid later escalation. we're better off having some potential steps. we need to understand that will happen. and your point about -- speaks to that. second, increasing resilience of the critical infrastructure and including our electoral system. our 50-plus electoral systems. and the technology behind them. and to find ways to reduce the impact and the -- fake news. these dynamics exist within our country and other actors including terrorist groups and small states that may wish us ill like north korea. their capability's coming up. we can't overlook that offensive
side as well. >> on the defensive side, i think we need to start thinking moon shot and incentivizing the research that says we put certain systems using -- we've moved information over a very short period of time historically 25-year period from analog to digital. we connected it through a protocol that was never designed for security. and we're on the verge of doing that on an exponential scale while repeating the same mistake of not building security on the front end when it comes to the internet of things. before we make that society information, we need the legislation regulation collective will to ensure we don't make that move. so that's another area where the time to act is now. regardless who the adversary might be.