What the Future Holds for American Intelligence with Amy Zegart

hello and welcome to the future holds for american intelligence with amy zieger my name is tanya shornak and i'm the program manager of alumni education at the stanford alumni association amy ziegert is a stanford alum and is the morris arnold and nona gene cox senior fellow at the hoover institution a senior fellow at the freeman spoke institute for international studies and professor by courtesy of political science amy specializes in u.s intelligence emerging technologies and national security grand strategy in global political risk management an expert in intelligence reform she served on the clinton administration's national security council staff and as a foreign policy advisor to the bush cheney 2000 presidential campaign the author of six books amy's most recently wrote spies lies and algorithms the history and future of american intelligence when amy isn't conducting research or writing a book she's overseeing the hoover institution national security affairs fellows mentorship program is teaching classes this spring at stanford with the same title of her recent book spies lies and algorithms welcome amy thank you so much tanya it is just a pleasure to be with all of you and i just have to share before i begin it takes the stanford alumni association for me to actually uh see that my former roommate from hong kong who's a stanford alum dana bender is on the line so dana it's great to see you i didn't go to stanford as an undergraduate i didn't have that pleasure but dana did and i connected with the stanford alumni association my first year out of college to host me when i was living far away from home so stanford is the gift that keeps on giving um what i want to do today with all of you is to share my recent book spies lies and algorithms and to hope to put i hope into perspective a lot of what we're seeing in the news with russia's invasion of ukraine and the unprecedented use of intelligence in a number of different ways and so i started off writing this book as an intelligence 101 i wanted a book that i could use to teach undergraduates and it turned out to be intelligence 2.0 i ended up writing a lot more about how emerging technologies are challenging every aspect of the intelligence enterprise so i'm going to give you in about 30 minutes this sort of sneak preview of the whole book uh and then i'm happy to to in to talk in q a about the experience of teaching this book to a hundred stanford undergraduates right now for the first time and what i'm learning about their questions and how they come at intelligence issues from a variety of different perspectives so i have a few slides so let me share my screen okay uh let's start actually with a picture that's worth a thousand words so this is an event that happened as i was finishing the book over july 4th weekend and 2020.

and what happened was this at 2 in the morning a weather satellite detects a fire that breaks out in iran the flames of that fire are so bright it's detected from space now iran's atomic energy organization released the photo that you see on the screen and you can see it shows a little bit of damage and a nondescript sort of building in the front corner of the building now the atomic energy organization of iran called that building uh an industrial shed that was under construction and said that the fire was a small incident that had limited damage well what happened was that two people named david albright and fabian hines quickly got to work weather satellite to texas fire uh the it's uh they go on twitter they're both non-proliferation researchers and armed uh and they work outside the government and armed only with their own computers they quickly start researching and they geo-locate this building and they determine within hours that in fact it's not an industrial shed under construction it's a centrifuge assembly facility one of the main ones at natanz one of iran's most important nuclear sites now they also determine looking at commercial satellite imagery that in fact this is not a small fire it's quite a large fire most likely caused by an explosion and quite possibly the result of sabotage david albright and fabian hines go on twitter by mid-morning the associated press is running their analysis by afternoon they're quoted in a major story in the new york times and by evening israeli prime minister benjamin netanyahu is asked at a press conference whether israel has sabotaged this facility in iran's nuclear program and as netanyahu replied as he normally does very currently i don't address these issues now this incident is important in a number of respects but to bear in mind that all of this happened very quickly all right in the course of a single business day the two men whose analysis fueled this news story didn't hold any security clearances didn't work in a u.s government agency didn't work in an intelligence organization and all of the information that they used they got from unclassified sources or open source intelligence now i'll share with you a slide that they used over that weekend this is the satellite imagery commercial satellite not a spy satellite you can see from the top down the much more extensive damage to that industrial shed under construction this iran shed fire incident is just one example of a dramatic new world that u.s intelligence agencies face now it used to be that tracking dangers like illicit nuclear programs were almost the exclusive province of government spy agencies but that's not true anymore emerging technologies from cell phones to the internet to ai and commercial satellites are profoundly changing the intelligence business i'll just give you a couple of examples when russia invaded ukraine the last time in 2014 the most important intelligence about those troop movements came from selfies not secrets russian soldiers like young people everywhere like to post photos of themselves on social media and they did that even as they were invading with ukrainian highway signs in the background and timestamps on their photographs enabling analysts to detect troop movements as they unfolded in the osama bin laden operation in 2011 pakistani military officials did not see our seal team coming but a local i.t consultant in abadabad pakistan did he heard strange noises outside his bedroom window and he ended up live tweeting the entire bin laden operation so intelligence isn't what it used to be more people have access to it more people can collect it more people can analyze it it's a dramatically different world but before delving into more systematically what does this new world look like for intelligence what's the future for us espionage i want to talk for a little bit about the old world of espionage and the challenges that we have always confronted uh in intelligence so we know that spine is as they say the second oldest profession it's as old as warfare the earliest known surviving intelligence reports were chiseled on clay tablets in the amarna letters more than 3 000 years ago we know sun tzu wrote the art of war in china hundreds of years ago and even our founding fathers were actually quite adept at espionage and even fake news benjamin franklin was uh the deception master in his day literally cranking out face fake news reports from his paris basement franklin you might remember was a printer by trade and he cranked out fake news stories with fake advertisements to inflame opinion in europe against the british and to generate support for the patriots during the revolution so we all know that spine has been around forever and yet my research finds that most americans know very little about how our intelligence agencies work and what they do know they learn from the movies and from tv shows i'll give you just a couple of disturbing facts that i found in doing research for this book disturbing fact number one there are more members of congress who are experts in powdered milk than u.s intelligence the congressional dairy caucus has many more members in it than the number of members of congress who have ever worked in an intelligence agency before i also found that professors don't typically study intelligence either i track in the top three journals in political science which is my field the number of articles written about intelligence in the 15 years after 9 11.

big intelligence stories in the news big controversies big issues we have detention and interrogation programs we have rock wmd and that intelligence failure we have warrantless wiretapping by the national security agency we have edward snowden so a lot of reason to believe that academics should be investigating these issues and studying these issues and of the nearly 3 000 articles that were published in the top journals in political science in that period only 5 out of 3 000 covered anything related to intelligence and since professors teach what they know we aren't teaching very much about intelligence either this is my undergraduates love this slide it's a leading question of course guess which u2 is taught in more of the universities ranked by the by in the top 25 by u.s news and world report and the answer is it's you two the band not you two the spy plane more of the top 25 offer courses in the history of rock and roll than courses on the history of u.s intelligence so there's an education gap in this country members of congress don't know enough about intelligence the public doesn't know enough about intelligence and we're not teaching enough about intelligence in universities so let me give a little bit of background about what intelligence is and what it isn't so most simply put intelligence is information that gives policy makers decision advantage and by that i simply mean information about threats and opportunities better and faster than competitors and adversaries now it seems cliche to say but we often forget that intelligence is not a crystal ball intelligence we often blame intelligence agencies for not anticipating the fast fall of kabul for example or not understanding exactly what vladimir putin is going to do and when he's going to do it but intelligence is much much harder often than the media portray it to be and it's because intelligence deals in fragments of information it deals with information that is often inherently ambiguous so we knew for example that putin's troops were massing along the ukrainian border but what we didn't know for sure was what those troops were there to do same thing happened with the first gulf war saddam hussein's troops were massing along the kuwaiti border and there was a real division in intelligence agencies about why they were there some analysts assessed that saddam was actually bluffing that what he really wanted was leverage in his negotiations with the kuwaitis other analysts believed he was preparing to invade it's hard to get into the intentions and the minds of somebody else so it's inherently ambiguous the intelligence business and then of course there are adversaries that are doing everything they can to deceive to hide to shield uh the uh what they're doing from others who want to figure it out so intelligence is not a crystal ball intelligence also is not policy intelligence is an input to policy so intelligence officials are not supposed to walk into the oval office and say mr president here's the intelligence and for this reason we recommend you follow policy a b or c intelligence is not supposed to do that it's supposed to be as objective as possible as an input to policy and the third and perhaps most surprising part about intelligence is that it's mostly not secrets typically 80 of an intelligence report comes from openly available information or open source intelligence this was true in the cold war it's not just true today it's always been the case so intelligence is not a crystal ball it's not policy and it's not just secrets if it's not just secrets that leads to the question why do we spend more than 80 billion dollars a year on all of these intelligence agencies or as i put a little more flippantly what what makes intelligence more valuable than just doing a google search and the answer is really three important uh things that make uh intelligence uniquely valuable for policy the first is that intelligence agencies tailor information to what policy makers need to know when they need to know it so a tank commander has to know will that bridge ahead support my tank and the tank commander needs to know that now not a week from now not a day from now not a year from now you need to know it now what are putin's aims today or tomorrow or next month at the upcoming summit longer term questions require intelligence agencies to answer them in a timely fashion one that's top of mind for many officials today why is china dramatically increasing its nuclear arsenal and even longer term questions like how is the cyber threat landscape changing those two are questions put to intelligence agencies to track and to deliver intelligence to policymakers about so that first crucial function what makes intelligence different than google is answering questions that policymakers have specifically and delivering those answers in the time frame they need the second function is what intelligence officials like to call speaking truth to power this is what i affectionately refer to as the spinach function of intelligence right telling policy makers things they might not have thought to ask and might not want to hear but they need to know what's going on in the world and the third function is marrying that open source or public information with those nuggets those secrets that are stolen from a prime minister's safe or intercepted in a foreign email communication for example so it's that combination of secrets and unclassified information that can really add insight for intelligence so that's the old world of intelligence and as you can tell the old world of intelligence is hard enough now what i found is we're facing a new world of intelligence if you think about internet connectivity you think about artificial intelligence and the power of algorithms today where you think about quantum computing and encryption we are facing a convergence moment where emerging technologies have never before changed so much so fast in so many different areas and they're changing intelligence too and as i describe it the moment of reckoning for intelligence is driven by technology that is creating what i call the five mores for intelligence let me take each of these wars in turn the first more being driven by new technologies for intelligence is more threats that intelligence agencies have to track now this is a this is a comparison of the cold war if we were at stanford in the 1980s and we were talking about one of the top three threats confronting the united states the answer would be the soviet union the soviet union and the soviet union everything was viewed through the lens of what would moscow think and the picture to to sort of give you an idea of that threat landscape is an actual reference photograph of a soviet missile being helpfully for our purposes paraded through red square that was a reference photograph that was used during the cuban missile crisis of 1962 but now thanks in large part to technology we have a much more complex threat environment with rising states failing states failed states non-state actors and more and if we think about cyber in particular for all of american history until now two things protected our country power and geography those two things don't protect us in cyberspace so the united states it typically was in the physical realm if we had a more powerful military we could provide better security but the united states in cyberspace is simultaneously powerful and vulnerable right because we're so digitally connected and because we have freedom of speech that can enable disinformation to go viral so we're powerful and vulnerable in cyberspace that has not been true in the physical world before and geography doesn't protect us either our two vast oceans used to protect us from the bad neighborhoods of the rest of the world but in cyberspace the good neighborhoods and the bad neighborhoods are all connected and we can't avoid that fate because the internet wasn't designed to be secure it was designed to be open so that's the first more more threats driven by technology the second more is more speed intelligence has to move at the speed of relevance for policy makers to have options and to make better decisions and that speed is dramatically accelerating thanks to technology so you know you can't get a phd in political science unless you talk about the cuban missile crisis so here's my cuban missile crisis reference in 1962 if we look at that studied event john f kennedy had 13 days famously between the time that u2 spy plane snapped photographs that showed soviet nuclear missile installations in cuba and the time he had to assess the intelligence and make a decision about what he was going to do he had 13 days between the time the intelligence came in and the policy was announced if you fast forward to 911 in 2001 president bush had 13 hours between the time of that first terrorist attack and when he had to announce his policy to the nation today thanks to cyber attacks we have more like 13 minutes or 13 seconds or maybe we're too late because we know that breaches are typically detected weeks or months after the bad guys have already been in our networks so the speed of intelligence is dramatically accelerating now too the third more in intelligence is more data all of us are drowning in data today and intelligence analysts are no exception i'll just give you a couple of data points to send this home there are more people on earth today who have cell phones than running water that's how connected we all are and the amount of data on earth is estimated to double every 24 months it's an astounding amount of data and it's growing exponentially so intelligence is a lot about finding needles and haystacks to generate insight for policy makers now imagine those haystacks are growing and growing and growing it's an enormous challenge for intelligence analysts so more data the fourth more is more customers it used to be that intelligence was always done in a classified fashion for people who had security clearances and worked inside the u.s government but today intelligence customers or decision makers who need intelligence are increasingly people who work outside of government voters like us who need intelligence about foreign election interference tech leaders who need intelligence about cyber threats to and through their networks critical infrastructure executives like financial services executives who also need intelligence about cyber threats to critical infrastructure this is a dramatic change for intelligence agencies that are have until now always been used to operating in this classified world and so what this slide is that you can see is a public service announcement from four different agencies one of which the the stern looking man on the right hand side of the slide is general nakasoni he's the commander of u.s cyber command and the director of the national security agency you know the joke of nsa was that it nsa used to stand for no such agency because it was so secret even its existence for years wasn't acknowledged now the nsa director is making public service announcements about threats to elections this is a very big change for intelligence agencies producing for a much wider array of customers the fifth and final more for intelligence and perhaps the most dramatic one is more intelligence competitors today anybody with a cell phone anybody with an internet connection can collect intelligence produce intelligence analyze intelligence and we're seeing this play out in real time with the war in ukraine these open source intelligence producers uh generating information about what's happening on the ground in ukraine now i have a picture here of the star wars cantina and it's to give you a sense that this is a wild world of people who come to intelligence from a wide array of backgrounds capabilities and motives now in the book i have a chapter that looks specifically at nuclear threat intelligence and looks at this emerging ecosystem of intelligence competitors and i'll just share with you a little bit about this world this picture that you have here is two members of the ecosystem one uh the guy smiling in the stanford building with the stamford red shirt on the left is my colleague sig hecker dr hecker is a nuclear physicist by training he's the former director of los alamos national lab he spent most of his career with high level security clearances and sig now is one of the leaders in open source nuclear threat intelligence he does everything without a clearance he produces for the general population and he's developed really important intelligence about among other things north korea's nuclear weapons program the other guy in the slide is also a part of this emerging open source intelligence world his name is jacob bogle he's a rare coin dealer who lives in tennessee and his hobby obsessive hobby is making a fantastic maps of north korea and its various military installations so a wide range from physicists to coin dealers in this world now let me take a step back and ask how systematically do these two worlds differ and what are the implications of this wild world where anybody can collect uh and analyze and distribute intelligence well if we think about the open source world or the ocean world on the left we know that people come from a wide array of backgrounds with different objectives some are hobbyists like jacob bogle some are former government officials some want to make money out of being involved in this type of work so they come from a wide array of backgrounds with different motives it's open to anyone anyone from any country with any background can join the quality control in this world is informal it's ad hoc it's voluntary which means that bad information can go viral much more quickly and much more easily and finally this ecosystem moves much faster so you think about the iran shed fire that i talked about at the very beginning david albright and fabian hines it took them a matter of hours to collect intelligence analyze intelligence put it into the world and get in front of a major policy maker at his press conference that same day so it moves much faster compare that to the intelligence bureaucracy our 18 agencies of our u.s intelligence community

there the objectives are more focused it's giving policymakers decision advantage people come with a narrower range of backgrounds uh you have to have a security clearance takes a long time to get through that process and to get hired uh and peer review is more formalized you know red tape has its benefits uh there's a more formal systematic mandatory peer review it doesn't mean intelligence is always right it does mean that it's more carefully vetted before it becomes publicly known or before it goes to policymakers and of course the whole system moves much more slowly so what are the benefits of this emerging world well the first key benefit is there are more people putting their talents to work trying to understand what's going on in the world they're more hands on deck the second key benefit is because this information is all unclassified it can be shared it can be shared between government agencies which is often a problem we think about 911 and the difficulty of connecting dots across agencies unclassified information can be shared within the us government and between different countries and finally the third key benefit is more diverse perspectives because you have a wider array of people and backgrounds looking at this kind of information so you know the typical saying that the optimist sees the glass half full and the pessimist sees the glass as half empty but engineering students at stanford i'm sure will tell you that the glass is twice as large as it needs to be there's a real benefit to having alternative perspectives on the same set of issues or data but there are real risks to this emerging world as well and we're seeing this already in ukraine as well with disinformation being peddled among this open source intelligence community the first key risk is errors can go viral and when they do they can sap the most important resource in washington which is attention right so the more that intelligence agencies have to debunk bad information being produced in this environment the less time they're spending on their primary missions there's a second risk of deliberate deception we can see this open world being a playground for deliberate disinformation uh at scales that we haven't seen yet and may be more likely in the future and then the third key risk is crises can become harder to manage now this may at first seem strange right we think a world with greater transparency and speed of information is generally a good thing but when it comes to crisis management transparency and speed can be very risky they can be very escalatory so we know from crisis management of the past like the cuban missile crisis the keys often to resolving crises are secrecy secrecy to negotiate face saving compromises and time to think time to develop policy options we know again from 1962 that john f kennedy was able to avert nuclear war because he had time to think 13 days and because he had secrecy to negotiate a compromise with the soviets a secret trade deal the soviets would remove their missiles from cuba in exchange for americans removing our missiles from turkey that missile trade deal from the cuba missile crisis was so secret nobody knew about it for more than two decades so i put just as a thought experiment imagine a cuban missile crisis today playing out on twitter and imagine the tweet says just in new peoplesat.com images show nuke missile sites in cuba hashtag crossing red lines well now leaders are backed into a corner now they don't have secrecy to compromise and they don't have time to think crises could become harder to manage in the future let me end with a little bit of the so what because part of what i'm doing now that i finished this book is working with congress and the u.s intelligence community about how can it the intelligence community be reformed to adapt this changing technological environment let me leave you with three thoughts about what we need to do for the united states intelligence community to do a better job the first is our intelligence agencies need to be able to understand emerging technologies better and how they're shaping geopolitics the second is that intelligence agencies need to be able to use new technologies better including open source intelligence so that they can keep pace with the change in the world beyond and the third key is that our intelligence agencies actually need to work with these emerging organizations and the dynamics of this open source ecosystem to develop norms and standards and training to shape how this ecosystem is going to work so that it can harness the insights of a much wider array of organizations and individuals rather than relying only on the us intelligence community i have some thoughts and recommendations about how to do that which i'm happy to go into into in q a but let me stop there and thank you all for the questions and the conversation that i know we're going to have thanks so much thank you for such an illuminating presentation how the intelligence community is meeting the challenges of the digital age let's jump right into questions we have a question here when will we learn how u.s intelligence helps ukraine and russia's 2022 invasion and are and what are we likely to learn such a great question so i'm going to give an answer that may be surprising we are learning now and we will never know right so what do i mean by that we've had more information declassified with respect to russia's invasion of ukraine than at any time in american history this is an extraordinary level of detail of persistence of granularity about what vladimir putin's plans were so you might recall uh before the invasion u.s intelligence agencies and the bind

administration released really stunning details including false flag operations right why did they do this i think the main reason they did it was to combat information warfare so what the administration essentially did was it got the truth out before the lie right it told the world watch out for what vladimir putin is about to tell you and don't believe it it's a con he says he's not going to invade but he is it was an extraordinary moment and i think it was pivotal to rallying the allies i think it was pivotal uh to informing the world and it was a real high moment for intelligence so we already know a lot about what intelligence agencies knew more than most events but will we ever know the full story of russia's invasion of ukraine and what role intelligence played probably not because the classified record is something that is hard to penetrate and folks inside the intelligence world often tell me often criticize and complain to me why do you always write about our failures and not our successes and i say well your successes are often secret but your failures are usually public so i think we know a lot today but we'll never know the full story of the role that intelligence played we have another question from richard um i wonder if you have any comments about the risk the internet of things devices posed to national security lots of inexpensive iot devices are being exported from china do those represent potential platforms for intelligence gathering or cyber attacks potentially millions of tiny trojan horses flowing into the west from china yes the short answer is yes so anything that is smart is vulnerable so cyber folks talk talk about this as the attack surface so you think about anything that connects you to the internet is an attack vector into your data right whether it's ransomware or whether it's turning your machine into uh you know a bot that can then uh create a ddos attack that brings down you know the grid or brings down uh other systems so and we think about these billions of devices around the world we are all loved to be more connected than protected so these consumer devices usually have pretty bad security so there's a question of the china supply chain which is a real concern but there's also the more fundamental question of these devices generally don't bake in security so you think about your um connected doorbell your smart bird feeder your fitbit your children's toys that have connectivity where you can record conversations all of those are attack vectors for nefarious cyber actors to do their job so think twice about how smart you want to be with your smart fridge or your smart toaster right those can be the first cyber attack with the refrigerator actually occurred almost a decade ago so this is not something that's sort of science fiction in the future these things have already happened here's a question from um [Music] andy chen what is the role of the intelligence community in our polarized political environment are we in danger of politicizing the ic either due to politicians misuse or use of it or the internal ic biases are there any safeguards you know this is one of the questions i found really interesting from my own students so my stanford undergraduates today is this question of how political the intelligence community is of course it's really important that they're not political at all because intelligence has to be seen to be objective for any president to trust in it to try to use it and so that's a real concern there's no question that the last administration really stressed uh the the and politicized the intelligence enterprise i think there's been a return much more of a return to sort of professionalism as a result of the past year or so i think there's real concern ongoing about the brain drain that left the intelligence community as a result of that period and i think there's also concern about the political statements made by former senior intelligence officials which are also often not helpful so when a former senior intelligence official talks in a very political way about a former president or a current situation i think that the tendency is for the american people to think that that's how they operated when they were wearing the hat being in office and they're not supposed to do that so i think the sort of political conversation both by the past administration and by former intelligence officials criticizing president trump former president trump has been unhelpful in that respect why did the chinese spying efforts get our mrna vaccines i'm sorry the question was did they why didn't chinese spine effort to get our mrna vaccines boy i wish i knew the answer to that question you know one of the reasons we don't know i think is that a lot of cyber activity is so highly classified and there's good and bad to that right so the phrase until the mid-2000s even the phrase offensive cyber operations the phrase was classified so this obviously impedes development of ideas of strategy of communication of bridge building with different sectors when something is so highly classified that's improving but the challenge with cyber is and the reason why we don't know the answer to that question is that once you use a cyber capability you can lose a cyber capability right because it's not like if i use an f-16 to drop a bomb somewhere and people know that i did it it doesn't mean my f-16 isn't workable anymore i can still use it the next time but with cyber defenses and cyber offenses if the other side knows what you can do they can render that ineffective or they can turn that weapon against you so there's a reason for this extensive secrecy in cyber and i suspect we won't know we may never know why the chinese weren't successful in stealing the mrna vaccine so this uh alum has another question with this chinese spine so extensively in the u.s shouldn't that make it easier for us to pass them false information and are there efforts in that direction yeah so you know a couple points on that you know the fbi director has publicly said uh that china is the most serious counterintelligence threat the united states faces on average the fbi has publicly said they are opening a new counterintelligence investigation related to china every 12 hours it is an enormous espionage effort undertaken by the chinese and it's not just government capabilities it's not just the security clearances which were stolen 22 million of them in a hack of a government agency it's vaccine research it's university research it's it's a commercial technology so it's a very serious challenge uh and um you know the question then is you know are we feeding them false information undoubtedly we are that's good counterintelligence right is to uh raise doubts about the information that an adversary may be getting uh but this is a really serious concern and obviously there's um concern in the bite administration about how to prosecute counterintelligence well without creating um a xenophobic overreaction that uh cast suspicion on foreign scholars studying in the united states unfairly or folks of chinese descent that are academics or in commercial enterprises so there's real concern about that too and striking the right balance between not being overly zealous and depriving people of their liberties while not being overly naive and letting chinese espionage go without a defense here's kind of a fun question did you uh did you watch the tv series the americans and if so how accurate was it i did watch the tv show the americans i like spy themed entertainment as much as the next person i hear i mean i haven't done a lot of research on the americans i hear it's actually fairly realistic right we know there have been sleeper cells in the united states uh for a long period of time there was a big cell that was discovered and rounded up about a decade ago you might remember the news reports about that one of them was a real estate agent no one knew that they were actually russians they looked like real americans um so there is some realism to the americans but i i have not uh dissected it with a lot of attention about just what is real and what isn't what impact will the new space force have on american intelligence so space force is a really interesting development so for those who haven't been following this closely it's a new service it's split from the air force and what it reflects is that space is a contested domain so we've talked about cyber security but we think about really all of our cyber capabilities rely on space-based assets so when you go to your atm you need space-based assets for that atm to work when you use your gps right or you're using google maps you're relying on satellites uh and so we need a space force today the argument goes because so much of space is now um being contested there are anti-space capabilities being launched into space and there are anti-space capabilities from the ground this is a even more highly classified area i would argue than cyber in general but you can divine from intelligence public threat assessments and speeches that the chinese and the russians are particularly active in anti-space uh capabilities so destructive uh capabilities of sort of blow up satellites which causes space debris and a whole host of other problems uh and to uh degrade the capabilities of satellites to work in times of conflict so space force is going to be a really important development from not only an intelligence perspective but a national security perspective here's a question can you elaborate on mossad's reported assassination assassination of iran's top nuclear scientist using an ai assisted remote controlled machine gun yeah this was a very interesting story in the news of i mean it felt like it was something right out of a a movie i only know what was reported in the news i can't you know say anything more from the classified realm but we know the israelis are very good some of the best at harnessing technology and using technology for military and intelligence purposes and there's been long been suspicion that israel has been conducting covert action programs to degrade iran's nuclear program including the sudden deaths of a number of iranian nuclear scientists so this was a from from public reporting a really dramatic and very sophisticated operation with uh an ai um capable or ai driven machine gun as part of this really elaborate operation i wish i could say more about it but there just really hasn't been more declassified about it here's a question from bill how much of our intelligence spending is on cyber versus traditional old-fashioned intelligence gathering is cyber soon being the vast majority we don't know the answer to that question because we only know the top line of the intelligence budget that's declassified and and that for years was there was arm wrestling over even whether that number should be made public uh so we don't know we i wish we could break out intelligence spending by topic area that would be very useful for us to know uh but it would also be useful for adversaries to know which is why it hasn't been declassified you know that question raises um i think a broader question which is how do we know what we know about u.s intelligence so i've mentioned a number of times you know that's classified i don't know the answer to that but the reality is that compared to other countries u.s intelligence agencies declassify much more than any other country in the world we know much more about our 18 how our 18 intelligence agencies operate than the british do than the israelis do than our other allies do so uh you know i still complain as an outside researcher that much too much is classified i think classification inhibits national security it inhibits our understanding of what intelligence agencies do and how they can improve but if we take a step back it's really remarkable actually how much our intelligence community does reveal about what it does that's a question are you familiar with the the 2012 book castro's secrets by brian littell it recounts the 1987 defection to the us of a top cuban intelligence officer florentino i think it's aspiaga who explained that cuban intelligence had been running rings around us for the previous 30 years that every last one of our four dozen us buys in cuba were actually a double agent loyal to cuba and run personally by fidel castro is this book credible so i haven't read the book but i can say you know there's been a lot of analysis of cuban intelligence and so people may be surprised to know that cuba has long been one of the most active foreign intelligence services targeting the united states and we do know that there were a number of moles in the u.s government that turned out to

be spine on behalf of cuba so people who posed as intelligence officers or members of the us government who were in fact double agents and working on behalf of the cuban intelligence services and we also know that some of those people several of those people in fact passed their polygraph tests while they were actually betraying the united states so this is something i was just talking to my students about last week about counterintelligence and the widespread use of the polygraph how do we know traders how do we catch traders uh and there's a big debate about polygraphs and one of the examples often used is uh so many of these cuban assets actually passed their polys as did rick ames perhaps the most damaging mole inside the cia in history so he betrayed secrets to the soviets and then the russians and at least 10 of our sources in russia were executed as a result of his treachery so there's a lot of public information about cuba's intense spying efforts in the united states and absolutely uh counterintelligence failures with respect to a number of cuban agents inside the us government here's the question we have not experienced a significant cyber attack from russia since the start of the ukraine war some analysts say that russia doesn't want to do this because it would reveal their capabilities and the u.s would learn how to defend against it do you think this is correct i think this is such a crucial question and many colleagues and i have been talking about this and thinking about how we can learn from this episode and what research we need to take because it really turned a lot of expectations on their head so the conventional wisdom among the cyber expert community was cyber would go hand in hand with the beginning of kinetic or physical conflict that we expected i too and i was wrong expected that putin would be launching a lot of cyber attacks at the start of this war because of course ukraine has been his cyber test bed for years so putin has tried a number of cyber things out in ukraine he turned off the grid through a cyber attack twice two years in a row uh he's meddled with disinformation and ddos attacks on various uh ukrainian sites for years so but we didn't really see as much as we expected to see so what's going on one hypothesis is actually putin did try but the u.s cyber command there's been some revelations and congressional testimony was sort of on the job and providing defensive help to the ukrainians long before the russian invasion so cyber command is made public that they were pretty active in helping defend ukrainian networks so maybe putin tried and the defenses worked that's hypothesis number one hypothesis number two is exactly what the questioner said which is that well maybe putin actually didn't want to use cyber weapons and there's a lot of evidence to suggest that that may be true as well because we know that he thought it would be a fast uh sort of uh coup essentially that it would that the invasion would be quick uh that it would be a lightning strike and he didn't need to use cyber weapons so why reveal the cyber capability if you don't need to excuse me so that's possible too the third hypothesis is he's going to use them in the future he hasn't used them yet that doesn't mean he won't so we see a lot of announcements by the us government to batten down your cyber hatches because just because putin hasn't used a weapon in the past doesn't mean he'll continue to restrain himself from using that weapon in the future but we just don't know enough and it's a really important question for cyber experts to better understand the actual use of cyber weapons in a physical conflict the question from audrey how does the intelligence community relate with groups like anonymous anonymous is an interesting hacking group so when we think about you know as i talked about this world of more players that can do more things i put anonymous in the sort of you know the threat landscape picture so it's not just countries or nation states that are allies or adversaries or competitors or partners it's this loose arrangement of organizations that cross national boundaries or even individuals some of them are for hire some of them are driven by like anonymous by ideological reasons and so that crosses all of these boundaries right so what are bad guys doing in cyberspace what are good guys doing in cyberspace who does the us government partner with who are we concerned about it's not just governments anymore and so i think the big picture here is that the relative advantage of u.s intelligence agencies is

declining more non-state actors more non-state groups can do the things that governments used to be able to do that means our intelligence agencies are relatively behind the curve instead of in front of the curve looking to the future what are the companies like twitter and google doing to assist or obstruct u.s intelligence and will they be called on by foreign governments to help them as well so there's a lot that happens behind the scenes you know one of the things that i think is really important to um for folks to know is i call this the canary in the coal mine the canary in the coal mine of this technological moment of reckoning for intelligence was the 2016 election interference by russia in our presidential election and the one part of russia's election interference that u.s intelligence did not detect the one part was the use of social media right so how did how do we know about facebook's false accounts that turned out to be russians facebook right u.s intelligence community didn't pick that up there were we now know russian operatives that were sent to the united states to learn how to be more effective with their social media manipulation russian intelligence operatives came to the us at least two years before that election to figure out how to do that better so this is a big deal and social media is a disinformation superhighway and so the challenge there is you know how can they work better with the us government how can they work better to uh clean up their own platforms there is more collaboration today than there has been in the past no question about it it's gotten a lot better but that's not saying a whole lot because it used to be terrible right after the edwards note in revelations there was a real distrust between tech companies and the government that's gotten a lot better because we all can see the threat landscape and the challenge to our democracy so it's better the collaboration but to the second part of the question foreign governments do make demands on these same companies they demand access to data they demand data localization and so this is a real challenge for companies because of course they have global markets they have global shareholders and they have global employees but they're american companies too so how to reconcile these global interests with the national interest is an ongoing uh challenge for these companies and for the us government what are the odds that some electronic devices in my house is listening to me 24 7 is reporting back to some foreign or u.s intelligence you know i don't want to make people too paranoid but i would say if you don't need to have a recording device on i would unplug it and turn it off i mean we know right from public reporting that you know these devices can record you even when they look like they're turned off we also know that really dedicated cyber attackers can insert malware into your phone and turn your phone into a recording device and you have no idea that that's the case there's public reporting about uh the nso group which is an israeli company that has spyware called pegasus that was sold to governments around the world and we know now has been used against dissidents in their own countries so you know i try to turn all those things off i don't want to make people too paranoid that everyone's listening to your every phone call but i will say this and i think this is really important which is that there are real legal restrictions that prevent the national security agency from listening to your phone calls right so the nsa is not allowed by law to listen to the content of your call with your grandma right except under extremely narrow conditions that are overseen by the judiciary by the executive and the legislative branches so i think after edward snowden there was a widespread misperception that nsa was listening to content right of your phone calls that was not the case uh and nsa is a foreign intelligence agency it's trying to listen into phone calls abroad you bet they are that's their job and it's trying to collect emails abroad but it is really restricted from doing those kinds of activities on americans on american soil to the extent active disinformation is an act of influence an adversary in thought or action and thus in circumstances more policy enactment than intelligence collection what are the mechanisms guiding the active use of disinformation i'm not sure whether the question is the active use of disinformation against the united states it sounds like um what are the mechanism guiding the act of the use of disinformation to influence an adversary in the thought of action so i think a lot of you know what you think about typical intelligence it's not necessarily disinformation but it's sowing distrust can you trust the people in your inner circle can you trust that your computer systems are functioning as they're intended simply generating that distrust can provide enormous benefits so if we think back again to revelations by the us intelligence community about the truth right what was vladimir putin up to i think a secondary objective beyond just the information warfare getting the truth out before the lie a secondary objective is doing what what is called creating friction right and this is a page out of cyber commands playbook so cyber command has a strategy called defend forward and what that strategy entails is getting into networks of an adversary to make it harder for that adversary to operate i think that's actually what the intelligence disclosures with vladimir putin and the ukrainian invasion were in part designed to do so vladimir putin a kgb guy you can take the man out of the kgb but not the kgb out of the man you have to imagine that he's stewing in his juices about how do the allies know this information who can i trust in my inner circle who should i arrest who should i imprison what computer systems might have been penetrated and how do i know what i can trust and what i can't that's enormously beneficial to the united states that he's worried about that and feels like he can't trust systems or people so i think in terms of rather than disinformation i think of really causing distrust among an adversary and who and what they can count on to deliver information to themselves and that's all a part of this five versus spy battleground the question um in recent years there are a lot of their lots are stanford grads who are going to work for the cia or other intelligent agencies is intelligence becoming a more popular career for stanford students i don't know i mean i don't have the data to know you know five years ago it was this number and today it's that number but i will say i think there is an enormous interest in impact right undergraduates today really care about making a difference in the world and they will do that based on what they hear from different organizations about how they can most achieve that impact in the fastest way possible i will tell you in my class i had no idea how many students would sign up for it i thought maybe i'd have protesters i didn't know what i was going to get a class about espionage on a university campus you just don't know what the reaction is going to be and when i posted the class online it was full within nine minutes right so there is just an enormous interest i think in these issues i think there's an enormous interest in how we can make the world a better place and i think some many students think that maybe that could be through government service at some point in their careers doesn't mean a lifetime in government agencies but making government service part of their portfolio of activities throughout their lives i think is is pretty attractive to a lot of students today and for our last question what protections do you personally take with your internet digital devices well you know the one sort of mantra i always tell myself is the best technical the best defense against technical intrusion is often a non-technical move so i think we often think that we have to have technological fixes to technological problems so when i was writing this book for example i had a hard copy of my manuscript the most up-to-date version of my manuscript because you might remember there were actually a lot of cyber attacks on draft manuscripts for reasons i don't understand but there were that would either hold them for ransom or change them and so the best defense for me was to have a hard old-fashioned copy of the entire manuscript because that was 10 years worth of work and i didn't want to lose it in a cyber attack so i do things like non-technical solutions to technical problems facebook by the way does the same thing right the ultimate fail-safe for them if their servers go down paper manuals to figure out how to get them back up and running so i take basic steps like uh two-factor authentication uh when i travel to a place where you know there's going to be a lot of cyber activity like hong kong or china i don't bring any of my own devices none of them i have a different phone i have a different gmail account i have a different telephone i'm really careful when i travel about what i do and i don't like to connect to public net networks ever those are kind of the basic things if you had to pick two-factor authentication it's free on gmail don't ever use gmail without two-factor authentication it doesn't take that much time alright so you can see tony you need to go and do that get your two-factor authentication on your gmail uh have good passwords right that isn't password or your dog or your birthday right and just remember to have non-technical backups to the things that are really important to you again thank you amy for joining us for your amazing presentation well thanks so much for having me

2022-05-04 05:23

Other news