20th century laws cannot effectively deal with 21st century threats
Speaking at CSIS, Mr Brannen made clear that despite recent frictions, in the field of intelligence, America’s alliances were intact.
“I am sure that we will talk more about ISIL in the question and answer session, but let me note that the grave threat posed by the phenomenon of ISIL makes it absolutely imperative that the international community urgently commit to achieving an even greater and unprecedented level of cooperation, collaboration, information sharing, and joint action—in intelligence, law enforcement, military, and diplomatic channels. The ISIL threat demands it.
At CIA, we work closely with foreign intelligence security services around the globe to advance our shared counterterrorism goals. Over the course of many years, we have forged broad and deep partnerships with our closest allies in Europe such as Great Britain, France, and many, many others. These strategic relationships have been instrumental in helping to knit together a transnational architecture that allows counterterrorism officials and experts to work closely together across sovereign borders to disrupt terrorist plans and activities. And while many terrorist operations have been thwarted as a result of strong transnational teamwork, tragically, not all terrorist plans are uncovered in time.
These strategic counterterrorism relationships need to stretch far beyond the traditional trans-Atlantic environment and alliances, which is why we are working closely with so many services in different parts of the world.”
The director singled out Russia and Egypt as two essential partners in the fight against terror:
“For instance, we are working very closely with our Egyptian partners, who are working tirelessly to prevent ISIL terrorists from launching attacks that are aimed at derailing Egypt’s political reform initiatives and economic development objectives. I reiterated our commitment to strengthening our counterterrorism partnership with Cairo in a call to my Egyptian counterpart this past weekend.
And while Washington and Moscow have significant policy differences on how best to bring the bloodshed in Syria to a close, I have had several conversations with one of my Russian counterparts over the past several weeks about ways to strengthen U.S.-Russian counterterrorism cooperation, specifically on the ISIL threat.
These relationships are an essential adjunct to diplomacy and military operations. By working with our foreign partners, we enhance global security by helping them tackle challenges that threaten us all. And we benefit from a wider net of collection and from the insights of local services, all of which enhance the intelligence we provide to policymakers.”
Global instability is on the rise according to Brannen, and has now reached a level last seen in the 1960s during decolonization. Many parts of the world, including Syria, Iraq, Ukraine, Yemen, Libya, and parts of Africa are shaken by brutal conflicts. Mainly this is due to nationalistic, sectarian, and technological factors which are working against the established international system. Socio-economic trends and climate change exacerbate the situation. Mr Brannen cited three examples of such destabilizing factors: The unraveling of the post-cold war order, global economic weakness, and the rapid advance of information technology and the threat of cyber attacks.
“First, the ideas, institutions, and states that have undergirded the post-Cold War system are under significant stress. It is easy to think of this as a phenomenon confined to the developing world, and that is certainly where we see states that have actually failed, and borders that no longer carry any practical effect, such as the border between Syria and Iraq. But there is considerable stress on governments in even the world’s most stable regions.
In Europe, for instance, the migration crisis, sluggish economic growth, and a host of other factors have given rise to heightened nationalism, secession movements, and the increasing popularity of political parties on both the far-right and far-left. Even ideas that were the pillars of the Continent’s postwar prosperity—such as economic integration and democracy itself—are being questioned in some quarters.
Across the globe, in both authoritarian and democratic societies, governments are finding it increasingly difficult to meet the demands—realistic or not—of their skeptical and restive populaces. The so-called Arab Spring revolutions were not fought for democracy per se as much as they were fought for relief from regimes that had failed to meet basic standards of governance and civil society.
And as we have seen, when people become disillusioned with the powers that be, social media enable them to more quickly and easily form associations that defy the status quo. And in part, that is why the global landscape has been changing at a faster, more disruptive pace.
How nations respond to these challenges, adapt to them, and evolve will be one of the great plot lines of this century.
When I meet with my foreign counterparts—from both friendly and not-so-friendly governments—I sense a very real apprehension about instability and its various manifestations: terrorism, humanitarian crises, proliferation, and so on. Interestingly, I hear these concerns even from officials representing governments whose policies are quite arguably contributing to the problem.
In Europe, anxiety has risen in states along Russia’s periphery after Moscow demonstrated its willingness to use military and paramilitary forces in Ukraine. And in the South China Sea, tensions persist as China unilaterally pursues its territorial claims, including actions that rival claimants perceive as violating their sovereignty.
At the same time, the principle of democratic governance is under siege. For the ninth consecutive year, Freedom House in 2014 reported more declines than gains in the quality of democracy worldwide. Worsening ethno-sectarian and socioeconomic strains are eroding democracy, as is the rise of a more sophisticated form of authoritarianism that forgoes brute force and heavy-handed propaganda in favor of media manipulation, ubiquitous surveillance, criminalization of dissent, and controlled elections.
Second, the resumption of strong, sustained growth in the wake of the 2008 financial crash and Eurozone crisis has been elusive for some of the world’s largest economies. Even China’s economy, with its seemingly endless potential for growth, is slowing.
In many developing societies, growing pessimism about the prospects for economic advancement is fueling instability. Regions with burgeoning youth populations, such as the Arab world, have been unable to achieve the growth needed to reduce high unemployment rates. Perceptions of growing inequality have resulted in more assertive street politics and populism. At the same time, slower growth has left these nations with fewer resources to devote to economic, humanitarian, and peacekeeping assistance to address these challenges.
Mankind’s relationship with the natural world is aggravating these problems and is a potential source of crisis itself. Last year was the warmest on record, and this year is on track to be even warmer.
Extreme weather, along with public policies affecting food and water supplies, can worsen or create humanitarian crises. Of most immediate concern, sharply reduced crop yields in multiple places simultaneously could trigger a shock in food prices with devastating effect, especially in already fragile regions such as Africa, the Middle East, and South Asia. Compromised access to food and water greatly increases the prospect for famine and deadly epidemics.
And finally, the rapid advance of information technology has given rise to an entirely new and wide-open domain for human interaction and progress: the cyber realm.
As an intelligence officer, much of my job involves dealing with the unintended consequences of the cyber revolution. For as much as it brings the world together, it also serves the purposes of those who wish us harm.
Of greatest concern, the cyber realm gives small groups and even individuals the potential to inflict damage on a scale previously restricted to nation-states. And while states are largely rational actors subject to deterrence, the same does not apply to terrorists and criminals.
Both government and private networks are under constant attack. The Department of Homeland Security reports that more than 640,000 cyber-related incidents affected federal agencies in fiscal year 2014. The massive and prolonged hacking of employee records held by the Office of Personnel Management underscores the intensity of assaults on government IT systems. And I am all too familiar with the ease with which miscreant hackers can use social engineering techniques to perpetrate criminal intrusions into personal email accounts and information technology and communication systems.
Unfortunately, there is every reason to expect cyber intrusions to increase in quantity, cunning, and impact. For one thing, the economics of cyber attacks are skewed to favor the attacker.
“Exploits,” or malicious software tools, are easily acquired. In fact, their prices are falling dramatically in some criminal markets, not because of declining demand but because of an increasingly competitive marketplace. These exploits can be reused on multiple targets, and the likelihood of detection and punishment remains low.
And while the vast majority of cyber attacks target money, proprietary information, and privacy itself, we need to realize that the range of potential targets is much greater. We simply cannot discount the very real possibility of attacks against vital infrastructure—utilities, transportation, and other essential underpinnings of modern civilization.
The world has changed dramatically since I first raised my hand and swore an oath of allegiance to the United States Government as a 24-year old newly minted CIA officer eager to make a difference in August of 1980. I remember vividly taking a seat at my first desk on the sixth floor of our Langley Headquarters, putting my fingers not on the keyboard of a computer but on the keys of an electric typewriter, which was quite high tech at the time.
Thirty-five years later, our lives as well as our fingers are inextricably linked to the cyber realm—the new digital frontier, where most human interactions, transactions, and communications take place. And while that digital environment holds tremendous potential and opportunity for the further advancement of humanity, our increasing dependence on it brings obvious risks and challenges.
To deal with those risks and challenges, reactive strategies are insufficient. There has to be systematic learning, informed by constant information sharing, so that one organization’s detection becomes another’s prevention.
In other words, countering cyber threats is very much a team effort. And a crucial point to bear in mind is that about 85 percent of the Worldwide Web’s critical infrastructure is held by the private sector. This is a privately owned and operated environment in which the rules remain uncertain at best.
A number of federal efforts in recent years have promoted the sharing of cyber threat information between the private sector and government. DHS and FBI, for example, have programs to share cyber threat information with a broad community of industry stakeholders.
We should be sharing a lot more information than we are as a nation, but programmatic, technical, and legal challenges—as well as concerns about privacy and the role of government—have hampered progress. Congress over the past few years has tried, so far without success, to pass laws addressing the need for comprehensive cyber policy, especially on information sharing.
The fact is, 20th century laws cannot effectively deal with 21st century threats.
Within the past few weeks, the Senate passed the Cybersecurity Information Sharing Act, or CISA, which is roughly similar to two bills passed in the House. We may see a conferenced bill by early next year, which would be an important step forward.
And as our country deals with this issue—and, specifically, the security and privacy concerns that revolve around information sharing—it is important to note that security and privacy are not mutually exclusive. The benefits of improved information sharing can be achieved in a manner that protects privacy and civil liberties.
My hope is that America—ideally, along with our allies—can eventually adopt a comprehensive legal and operational approach to this threat without being forced to by a catastrophic cyber attack, in the same way that 9/11 forced our country to integrate its national security assets in a more rational and effective way against terrorism.”
Mr Brannen closed by emphasizing that he aimed for the CIA to adopt “digital solutions into every aspect of our work”, and urged that: ” if we are to excel in the wired world, we must place our activities and operations in the digital domain at the very center of all our endeavors.”