Senior Advisor, Hakluyt & Company; Former Deputy Director, National Security Agency
Senior Counselor, Beacon Global Strategies; Former Deputy Director, Central Intelligence Agency
Senior Fellow and Professor of Political Science (by courtesy), Freeman Spogli Institute of International Studies, Stanford University; Davies Family Senior Fellow, Hoover Institution
Washington Bureau Chief, Time Magazine
Panelists discuss the advanced threats facing intelligence agencies posed by breakthrough technologies, and how the intelligence community should adapt to sustain a strategic advantage in a rapidly changing technological era.
CALABRESI: Welcome, everyone. Welcome to this evening’s Council on Foreign Relations meeting. The subject of tonight’s meeting, as you know, is a National Intelligence Strategy for the New Technology Age. I am Massimo Calabresi, the Washington Bureau chief for Time Magazine. I’ll be presiding. We are fortunate to have with us three outstanding panelists for our discussion.
On the far right, Rick Ledgett, ended a nearly thirty-year career at the National Security Agency with a three-year term as deputy director from 2014 to 2017. He is now senior advisor at Hakluyt & Company. Mike Morell worked at the CIA for thirty-three years, serving as deputy director and acting director from 2010 to 2013. He’s now a senior counselor with Beacon Global Strategies. And we’re fortunate to have Amy Zegart, a senior fellow at the Hoover Institution and Stanford University, who co-authored with Mr. Morell an article on the subject of tonight’s meeting in the most recent issue of Foreign Affairs.
So we’re having this conversation at an extraordinary moment in the intelligence community, as Amy and Mike point out in their recent article. The intelligence community is scrambling to stay ahead, and trusted, and relevant at a time of rapid technological change. But we should also be blunt that this is a particularly fraught moment for the intelligence community generally. The relationship between the intelligence community and its overseers is perhaps at a nadir in the post-Watergate period. The Justice Department has at least two, three investigations underway into whether members of the intelligence community spied on President Trump’s presidential campaign. And the community has what can, at best, be described as a troubled relationship with the president.
But I’d like to start with the technological questions and then pivot to broader questions of trust as we—as we move along. So starting with you, Rick, is the intelligence community losing its long-held technological advantage over adversaries thanks to rapid developments in the technological realm?
LEDGETT: Yeah, I think that that’s certainly the case. Not through a lack of effort, but because outside of the intelligence community the technological developments have taken off in just amazing ways. So many people around the world are doing so many different things with technology, that what used to be what we called inside the fence line was leading technological space, now outside the fence line is at least as good, and often better in some cases. And there’s certainly a lot more of it.
CALABRESI: The fence line being internally developed technologies?
LEDGETT: Yeah, that’s right.
CALABRESI: Got it.
LEDGETT: I mean, up until the early ’80s, NSA was the best computer developers in the world. We had better computers than anybody else. That switch flipped in the early ’80s, and now the best computers are typically outside.
CALABRESI: Got it. Does that apply also for quantum computing, while we’re on the subject?
LEDGETT: So quantum computing, if you haven’t read the federation—or, the National Academy of Science’s consensus paper on quantum computing, you should. They basically highlighted a lot of really good work. They said, we’re a decade away. There’s a whole lot of really hard research problems that have not been found to make a—what we would call a cryptographically relevant quantum computer. That’s one that has—
CALABRESI: I see. As for cracking or making encrypted—quantum-encrypted messages.
LEDGETT: Right. Right. There’s a lot of really hard problems that are yet to be solved.
CALABRESI: Got it. And so jus following up, what are the most disruptive technologies, from an IC perspective today, that you’re looking at?
LEDGETT: Yeah. So I think there are three. And unless you’ve been living in a cave for the last year, you’ve heard a lot of talk in the press—in the popular press about them. One is fifth generation wireless, 5G. Another one is the Internet of Things. That’s all the little devices that are going to be connected to the internet and to the 5G network that are going to telemeter everything on the planet, just about. And the third one is artificial intelligence, which really means machine learning. I think Amy’s going to talk a bit about some of the pitfalls of machine learning. But those three technologies, there are three aspects that are really relevant to the intelligence community for all three of them.
First is the intelligence community’s ability to use them in its mission. So to use machine learning for analysis, to use IoT devices to monitor things that we want monitored. Second thing that’s relevant to the IC is adversaries use of those technology, because that gives us an opportunity to work against those in order to produce intelligence. And the third one is adversaries’ use of those technologies against us—in other words, vulnerabilities in the technologies that we as a nation use. So think of it as a three by three matrix, with the technologies and the three uses.
ZEGART: So let me just jump in, since Rick invited me to jump in, essentially. (Laughter.)
ZEGART: So one of the points that Michael and I make in the article is that outside the fence line is really everybody, right? So artificial intelligence, the proliferation of the three key enablers for AI and machine learning in particular are the coding algorithms, right, which are now available to everyone, and in the past five years have gone from academic papers to open-source code, to downloadable apps that a high school student without computer science training can actually use, right, for deep fakes, for example. So you need that. You also need computing power, which you can now get from Google for thirteen and a half cents an hour. And then you need the training libraries, the images, the detailed large libraries on which to train the algorithms. Those too are widely available.
So I had a student who did research looking at fifteen thousand, the leading AI papers created in the past five years. Eighty-five percent of them used one of four training libraries, right? So this genie is out of the bottle. Everybody can access these key enablers. It’s not just a near-peer competitor situation. It’s anybody can use this. So one of the points that we make in the article was that this and other technologies, the effect is to level the intelligence playing field, and not in a good way for the United States.
CALABRESI: So does that mean—does that mean that the traditional state actor target for the intelligence community is no longer so relevant, because everybody can get it? Or does it mean that the state actor is now, once again, the primary concern for the intelligence community?
ZEGART: Well, it’s both, right?
MORELL: It’s both. It’s both. Let me just—let me give you my own three. I’m not as sophisticated. I don’t have a three by three matrix. (Laughter.) I’ve just got three main consequences of this rapid technological change for the IC. The first is what it does to our capabilities. So it can both enhance them, and it can undermine them, right? And we want to—we want to mitigate that undermine and we want to take advantage of those that create opportunity. The second is what it does for the adversary. And here, we’re talking about both nation-states and we’re talking about non-state actors. And again, it’s the same thing. It’s what advantages does it all of sudden give them, right, to be able to have some of these same tools we have. And then how could we take advantage of the fact that they’re using these things, right? So it’s the vulnerabilities that are created by them using it.
But there’s a third one that we really didn’t talk about in the piece, which is that the intelligence community now has a responsibility that I don’t know whether it’s capable of handling right now, and that’s to understand the technological developments that are taking place outside the United States. So today I know that the IC has world-class physicists who look at nuclear weapons programs, and world-class missile engineers who understand North Korea’s missile program and Iran’s missile program. But do we really have the people who are capable of understanding what the Chinese are doing with machine learning or with quantum computing, right? It’s a skill set that I don’t think the IC—I don’t know for sure, I haven’t been there for six years, but I don’t think the IC is probably where it needs to be.
CALABRESI: Amy, you’ve been talking a little bit elsewhere about the challenge of hiring good people for that. What is the impediment to getting people who can address those challenges?
ZEGART: So I think there are—first, I think that’s one of the areas that we did put in the paper, is that it’s not just about technology, it’s about human capital. Intelligence is fundamentally a human capital enterprise. And we have to get that right. There are many impediments to getting the right mix of people in the intelligence community today. I’ll give you just anecdotally, three top students that I know personally at Yale and Stanford wanted to go in the IC, two are cyber experts one’s a nuclear expert. None of the three of them are going into the IC because of the pain points of recruitment are too high. And the pain point was start date. You can’t make this stuff up. The start date did not accord with when they were graduating, or it didn’t work with when they got their clearance. And so the pain point to get people who want to go in the IC, the pain points are too high.
The second key problem is that when you’re talking about building the bridge to Silicon Valley—this is true not just at the IC, but it’s also true of DOD, and I’ve been talking a lot about this—that the messaging is wrong. That it’s usually a dichotomous messaging: If you want mission, come work for the government. If you want to make money, go to work in the private sector. That message falls flat. And there are a number of computer scientists, and STEM experts, and people you’re talking about, that can identify these things, that could be recruited if the messaging is right. I always say, undergraduates will tell you anything for a slice of pizza, right? (Laughter.)
So if you do, which I did, focus group with computer science majors who had never thought about working for the U.S. government before—either the IC or other agencies—and you say: What do you want? What do you think of this message? They say, we want impact. We care about making impact, we just think we can do it better and faster outside of the U.S. government than inside the U.S. government.
CALABRESI: Well, let me ask, because at least in the cohort of college students and Millennials that I interact with, there is a real outstanding trust issue as well with the intelligence community. Can you all address the larger question of trust between the community and young people, maybe that you’re trying to recruit or, in the case of many of the tech challenges, the trust deficit with some of the private sector players, whether that’s over vulnerabilities and the question of the NSA sharing vulnerabilities with the private sector, which has been a contentious issue, or some of the revelations that came out around Snowden, and so forth, over time?
MORELL: So let me make two points. The first is, I want to push back a little bit on this—on the IC not getting the right talent. At least at CIA, and the same is probably true at NSA, the numbers of applications and the quality of applicants is breathtaking. Now, having said that, I do know—I do know of serious trust issues on college campuses with regard to the IC, thanks to the Snowden disclosures. But also, more broadly, with the U.S. government. And it’s fascinating to spend time on college campuses and listen to kids talk about the U.S. role in the world. And when I was in school, we didn’t question that the U.S. role in the world post-World War II was a largely positive thing. Did we make mistakes? Absolutely, but largely positive. Most kids on college campuses, at least at elite universities, now question that proposition, and I think as a result of the Iraq War. But it’s both—it’s both of those things that are holding some of the best kids—and I know some students from Stanford, for example, I had a similar experience as Amy—are not raising their hand and saying: I want to work for the IC.
CALABRESI: Well, look, I got to jump right in on that, because that was the case, as you say, in the whole post- Snowden period. We now have a downward spiral in which the post-Watergate compact between the congressional overseers and the intelligence community, whereby the intelligence community agreed to share all of its secrets with the people’s representatives in exchange for a pledge from the politicians that they wouldn’t use those secrets for political purposes. And that was the way that we got past Watergate. That compact is now, if not broken, extremely stressed. And every day you see another politician using intelligence material for the purposes of trust. So from the intelligence community’s perspective, how do you begin to rebuild trust with the American people in this environment?
MORELL: So, look, I think—I think the answer’s pretty simple, is transparency. I think that the intelligence community historically has kept the fence line too close and not shared enough with the American people about what it is we do, and why we do it, and what do we get right, and what don’t we get right. And we get—you know, when we don’t get something right, what do we do? And to make sure we don’t get it wrong again. I think there’s room to push the fence line out, and to have a broader conversation with the American people. And in doing that, you build trust with the American people. And I actually think you make it easier to protect the secrets you need to protect.
CALABRESI: High fence around a few secrets.
MORELL: Yes. I really believe that. And so what in essence I’m suggesting here is that—is that since the intelligence oversight process isn’t working exactly like it’s supposed to, I’m talking about going over it, right, and having a conversation directly with the American people.
CALABRESI: That’s interesting.
Rick, I’m sorry, I do have to ask you about EternalBlue, while we’re on it, and the question of patches and sharing information with the private sector, because that is—of course has been a trust gap between the government and Silicon Valley.
LEDGETT: Yeah. So there’s a public narrative out there that’s a little bit mistaken. There’s this assumption that the government has massive stockpiles of zero-day vulnerabilities. It’s just not true. So Rob Joyce, who ran our tailored access operations organization, our white hat hackers, if you will, and also ran the information assurance directorate at NSA responsible for protecting national security systems, said when he was doing his hacking for the U.S. government job he didn’t have to use zero days because, guess what? Computer security is such bad shape you don’t need to.
CALABRESI: That makes sense.
LEDGETT: There are so many ways into a system you don’t need zero days, and so why store them up if you don’t need them? So—
CALABRESI: I see.
LEDGETT: So that’s a little bit of a mischaracterization in the press.
CALABRESI: Yeah, EternalBlue, there is the question out there of whether or not it’s been used in the Baltimore ransomware attack.
LEDGETT: I think pretty definitively the technical community said—defined that as not being true over the last week or so.
CALABRESI: OK. Amy, you had a—
ZEGART: So just a couple of points on the trust issue. Part of the problem with the American people is that adult members of our community get their education about the intelligence community from entertainment, right?
ZEGART: It’s spy-themed entertainment, and I actually have done some polling, and there is a statistically significant relationship—a strong one—between people who consume spy-themed entertainment and their extreme views on a whole host of hot-button issues from enhanced interrogation techniques, rendition, et cetera, so—that doesn’t mean that it causes those views, but there is a tight connection there. So to move the fence line out if the IC does that would be very important because the only other source of information about the IC is Hollywood, right? And we know that Hollywood is not really careful about getting the facts right.
So the other player in this story is educational institutions, so if you look at the top twenty-five universities ranked by U.S. News and World Report, more of them offer courses on the history of rock and roll than they do on intelligence, which I love to use because—
CALABRESI: Well, rock and roll is important. (Laughter.)
ZEGART: But it means—intelligence is more important.
Students today have a better chance of learning about U2 the rock band than U2 the spy plane. (Laughter.) So academic institutions—right? That’s true. Academic institutions have a role to play in educating the public.
MORELL: You want to take her class, don’t you? All of you do.
LEDGETT: Yeah, yeah. (Laughter.)
MORELL: Can I just add—
CALABRESI: Yeah, please.
MORELL: —one point on my transparency—my transparency argument? The need for transparency is happening at the very time that the leadership of the intelligence community feels it needs to keep its head down, right, because of the politics that we live in.
MORELL: No matter what they say, they get shot at one way or the other. So at the very moment we need transparency, there are strong disincentives for the leadership to get out there and—
LEDGETT: Can I argue a little bit against transparency and argue for translucency? (Laughter.) I think you need—people need to be able to see the outlines of what we do. They need to understand authorities, need to understand the controls in place; the set of laws, and regulations and oversight processes, and those sort of things; and the cultures of the organizations, and how much time and attention people really do spend on protecting privacy of innocent people—whether they are U.S. citizens or other people—an incredible amount of time doing that and trying to make sure that things are proportional to the threat.
What people want, though, is the stuff Amy was talking about—the entertainment: ooh, tell me the cool spy story about this or that—and you can do a little bit of that, but you can’t be transparent about that without impacting—
MORELL: Oh, I agree with that. I agree with that.
LEDGETT: —the operations, and partnerships, and things.
So I worry that when people say transparency that means, you know—I know you don’t—but when people hear that, they might think full open kimono. That’s not it. It has got to be enough of those illustrative cases that have those details declassified to talk about—and we did some of that with the Section 702 reauthorization effort. We declassified—I can’t remember—twenty or twenty-five examples of things that are done—specifics—so that we could build the case for the Congress to reauthorize 702.
CALABRESI: Well, I’m sorry I’m going to get parochial here, but with regard to the unauthorized disclosure of secrets, there has been a troubling trend over the last ten years with regard to Espionage Act prosecutions. This administration has been particularly aggressive, but the Obama administration was also—
MORELL: Obama was also—
CALABRESI: —very, very aggressive.
We crossed a rubicon, little noticed, a week or two ago with the Assange indictment—obviously a very problematic character—but from the perspective of a journalist seeing the Justice Department charge any American, for the first time, with the publication of—or any person with the publication of true information is troubling. And furthermore, the Espionage Act being as broad as it is, it’s concerning to see the government charge someone for the receipt and publication of classified information.
As people who have spent the better part of your lives in the intelligence community, do you—where do you draw the line on the appropriate prosecution for unauthorized disclosure of material? Should it be the discloser, or should also those who publish it be prosecuted regardless of whether they are journalists or not?
MORELL: So look, I’m going to leave that decision to the Justice Department, but I will say this: there is something fundamentally different about Julian Assange than there is about the Washington Post and the New York Times—
MORELL: —because the methods he used—I know for a fact that Time magazine, or the Washington Post or the New York Times would not allow their journalists to do. They just would not.
I mean, Assange tried—according to Mike Pompeo when he was the director of the CIA—he tried to get people hired by the CIA to penetrate the CIA, right, in order to get him information.
CALABRESI: We don’t do that.
MORELL: Washington Post and New York Times would not allow that to happen, so this guy is fundamentally different. Where you draw the line, I don’t know, right? That’s a Justice Department decision. But I don’t consider this guy a journalist.
CALABRESI: Right. I think we’ll save for another time a larger discussion about whether his journalistic bona fides—or not—get at the larger question of the constitutionality of the Espionage Act, but—putting that one out there.
Rick, do you have an opinion about who should and shouldn’t be prosecuted?
LEDGETT: So I think certainly the leakers, the people who steal classified information, violate the agreements that they’ve signed, and disclose that, that they should be prosecuted—I’m a big fan of that, and it probably shouldn’t surprise anybody in the room—but I actually agree with Michael in this case that the finer level of what’s constitutional and what’s not, that’s beyond my purview.
I completely agree—completely agree on the characterization of Julian Assange as not your typical journalist, and I would go further and say—and there has been stuff in the press about this—you know, potentially a witting or unwitting agent for a foreign government.
CALABRESI: OK. I think I’m done with my questions, so I will open it up to the members. I’d like to remind everyone that this meeting is on the record. Please stand and wait for the microphone, and speak directly into it when you get it. And then please state your name and affiliation. Most importantly, please limit yourself to a brief question—not a statement. I will interrupt you, and then you will be embarrassed and I will be embarrassed. (Laughter.) So please be disciplined.
Let’s see here, who do we have? Over here, Mr. Graham.
Q: Tom Graham, Lightbridge Corporation.
I’ve done some teaching around the country, and I was in the government for a long time, and I find many students who are very interested in working for the government, and working for the IT. It’s more the professors than the students, in my experience—professors don’t want links to the CIA—
CALABRESI: And do you have a question, sir?
Q: —because it could damage their research or something.
Q: So I think it’s—I think it’s the atmosphere that some universities—or at least it could be the atmosphere that some universities create. And so my question is, do you think it’s more the students or the faculty?
LEDGETT: If I can take a swing at that—
CALABRESI: Yes, please.
LEDGETT: —so NSA gets seventeen thousand applications a month for employment. Most of those are from students, and we bring in somewhere between fifteen hundred and twenty-five hundred a year, depending on the year. So it’s—and they are quality students; it’s not, you know, the people that you wouldn’t want at the top of the list. So I think there are—there are certainly enough people out there.
In fact—an anecdote—when I was doing the Snowden stuff in 2013, NSA’s number of applications was about sixty thousand a year. It dropped to forty-five thousand that fall, and by January was up around ninety thousand a year. And anecdotally the hiring people asked them, you know, why did you apply? And they said, we read about what you did, and it’s really interesting. (Laughter.)
ZEGART: Let me just add—
ZEGART: —that the talent problem that we’ve been talking about—we’ve only been talking about one part of the talent problem.
MORELL: Right, right.
ZEGART: The tougher part of the talent problem is the reverse, right? How do you get people in Silicon Valley in these private companies to go seamlessly back and forth between government—how do you get people, when they leave the IC or to go into the IC to take their government experience with them as they spend their careers at Google, and Facebook, and other companies.
So we’re focused a lot on creating the lifers that go into the IC. We need ambassadors between the IC and Silicon Valley, and bridging that—what I call the suit-hoodie divide—is a critical national security challenge. So it’s great to hear that you get thousands and thousands of applicants. I still think the IC could do better at recruiting engineering talent.
But the more important—especially given what you all have said about technology and how it’s outside the fence—where is the technology really advancing fastest? Outside the fence. So we need to have leaders in these private sector firms from the bottom up because much of the cutting edge engineering talent is young, not old. I always say thirty years in Washington makes you an expert; 30 years in the Valley makes you obsolete, right—(laughter)—so we need to be able to get those young people to be ambassadors.
MORELL: Well, the truth of the matter is on technology issues it makes you obsolete in the IC, right, which is why you need that movement.
CALABRESI: Kim Dozier in the back.
Q: A question for Rick and for Michael: If Assange is convicted of charges that include operating like I operate as well as the other grab bag of things that you say he was guilty of, doesn’t that create established case law that would endanger all of journalism?
And then a second one that I just always like to throw out, we often go on to panels on cable news saying, oh, isn’t it awful President Trump just said, blah, blah, blah? It’s classified. When he says it, doesn’t he have ultimate declassification authority, so if he says it, it’s not classified anymore? (Laughter.)
CALABRESI: Why don’t we start with that one? That one is fun. (Laughter.)
LEDGETT: I’ll take the second one, Mike, and you take the first one. How’s that?
MORELL: So I don’t know the answer to your first question, but I would not advocate anybody indicting and arresting you. (Laughter.)
LEDGETT: I think the question about the president—there is a process for declassifying. The president does hold that authority and is the ultimate classification authority, so that’s true. You can argue whether that’s wise or not to do it that way and not go through the process that vets the equities and sort of compares the value.
Think back to the KAL 007 shoot-down in the 1980s, when President Reagan played the audiotapes that NSA collected of the ground control intercept operator talking to the fighters who shot down the airliner. He did that to put the lie to the—what the Soviets had been saying about the fact that it didn’t happen or it was an accident. In that case, they went through the process and weighed the benefit versus the cost.
MORELL: And signed a document to declassify it.
CALABRESI: That didn’t happen in the Bush administration with the Scooter Libby—no, the Valerie Plame case, right? That was kind of an auto—started the slippery slope, I think, if I remember right.
MORELL: I don’t think it started the slippery slope. I think that was—that was—he didn’t have—or whoever provided that information, the journalist—didn’t have the authority to declassify it.
CALABRESI: Right, right.
OK. Let’s see, over here.
Q: Mattias Youni (ph).
Chair, allow me one sentence to establish a fact before I ask my question.
CALABRESI: OK. OK.
Q: During World War II, the Japanese dropped charges which were set too low, and therefore missed our submarines. The Tribune published that fact, and next thing we lost ten submarines. So the idea is—I’m asking—we supposedly rely on the editors not to publish information which damages the country, but since now anybody can claim as an editor, don’t we have to reconsider that standard?
CALABRESI: The question is for me or the question is for the panel? (Laughter.) I’m going to let the panel handle that one.
MORELL: So we both know, right—in the case of Snowden—that several news organizations had the treasure trove and handled it responsibly. What does that mean? It means that organizations like the Washington Post physically protected it and went through it—not threw it all out there, but actually went through it carefully and made decisions about what they thought was in the public interest, and then worked with the intelligence community to say, we’re going to publish this, you know, and the intelligence community would say, we don’t want you to publish any of it, and they said, well, we are going to publish it, so here is your chance to get out of it what you want out, right, and there was a dialogue. That’s handling it responsibly. Julian Assange taking all of it and throwing it out there is not handling it responsibly.
I couldn’t agree with you more on the damage that is done. You know, the New York Times, in late 2001, early 2002, published that NSA could listen to bin Laden’s phone calls. He never made another phone call the rest of his life.
CALABRESI: OK, Jill Dougherty in the front row here, please.
Q: Jill Dougherty from the Wilson Center.
I have a question and I’m trying to—I think it might have been Mike who said it, but just to follow up, I find it really shocking and surprising that the IC, as you said, should understand the technological developments in other countries, but we’re not. Now, is—
MORELL: I said I don’t—we need to be doing that. I haven’t been in government for six years so I don’t know—
MORELL: —I don’t know what’s happening, right? I have my doubts about whether that’s happening. But we absolutely should.
Q: Do the other members of the panel agree? And if so, why isn’t it happening?
LEDGETT: So I think—I would say that there are efforts underway in regards to technologies that matter most. They may not be IC employees. They may be affiliates of various kinds who are doing that work, people who don’t want to work for the government for one reason or another but who do work for the government in that space. I think that’s probably all I’ll say about that.
CALABRESI: Right here, the gentleman with the beard.
Q: Good afternoon. My name is Bob Perry. I’m with the Stevenson Group of Consultants.
My question has to do with the vulnerability of the U.S. electoral system to foreign penetration—some indication of that in 2016. Discussion of administration efforts to prevent that from happening again, my interpretation of what I have been able to read is that it’s lackluster, coming from the White House.
My question is in terms of the intelligence community, what more could you do in terms of active engagement with electoral bodies across the country to help them strengthen their systems to prevent foreign penetration?
LEDGETT: I would say under the current—the current laws, nothing, because they’re actually prohibited from doing that. The venue for that is through the Department of Homeland Security and they’ve got something called the Multi-State Information Sharing & Analysis Center—the MS-ISAC—that’s been working with them.
Now, private sector companies or private sector entities have been doing that. The Belfer Center did some nice work last year and earlier this year in support of what the fifty-one different entities that control local election infrastructure need.
I will tell you that a system that’s got fifty-one different owners is not secure by design, and so, you know, there’s a whole argument about do you need to consolidate that and federalize it. I don’t want to get into that. But I will say that if you’ve got fifty-one different system owners your system is not secure.
MORELL: And I’ll tell you what the—what the intelligence community’s fundamental responsibility on this question is is to understand what the adversary’s plans, intentions, and capabilities are with regard to interfering with those systems, and to inform the executive branch so that they can work with the state and local governments to make sure that those systems are secure.
ZEGART: But in addition to that, and that’s something we talk about in the article, right, it’s not—we think about election security. One part of that is the security of the tally of the vote. Another part of that is the security of the campaign, so the creation or the publication of information, whether it’s true or false, that can change a campaign.
And the third part and the part where the IC really didn’t get it—didn’t get it right, right, was the weaponization of social media, right. And so if you think about what could the weaponization of social media do in the future, whether it’s voter suppression, changing people’s minds, in particular targeted locations when a vote is close, that is a critical area where the IC can and should be playing to identify the sort of intentions and capabilities and actions of adversaries—not just Russia, but many other adversaries that can weaponize social media for a whole host of reasons that have implications at the polls.
CALABRESI: Well, let’s just dig into that one a little bit because it’s quite interesting. Somebody once told me that the U.S. had fundamentally misread the espionage threat of the internet as a whole—that we, because of our background, were focused on the kinetic effects that cyber warfare could have whereas the Russians, with their century-old fascination with propaganda, had focused on the psychological or popular opinion effects that cyber could have.
Is that a fair criticism? Did the U.S. become obsessed with the cyber of Pearl Harbor as opposed to focusing on the softer propaganda capabilities of the internet?
LEDGETT: I would say where the intelligence community missed the boat, and I can say this because I was part of it at the time, was the failure—what I call a failure of imagination. So the way that the Russians used propaganda—I’ll just put a whole bunch of things under the net of propaganda—against Sony in 2007, against Georgia in 2008—internally in the Soviet Union—or in Russia—can you tell I’m a Cold Warrior? (Laughter.) Internally in Russia in 2010/2011, and then in the Ukraine in 2014, and we failed to transfer that over and say, they can do that against us. That was—that was—(inaudible).
CALABRESI: Well, and let me—let me ask—Clapper said in his book that it was impossible to imagine that the Russian operation didn’t alter the outcome. You were there through 2017 or the beginning of 2017. Do you share his opinion?
LEDGETT: I think it’s an unknowable question. I think that there are so many factors that went into that and so many things having to do with both campaigns—things that were going on in the world, things the Russians did, things people in the United States did. I think that’s like a calculus problem with forty thousand variables.
CALABRESI: Let me just ask a targeted question, then, on that. On VR Systems, the Florida-based poll book—electronic poll book—company, there have been a few small stories bouncing around about penetration of VR Systems and new information coming out about that.
Did you, while you were there, see any indication that there actually had been any meddling by Russia—electronic meddling that could have suppressed the vote through making—through chaos at polling stations, for example, through meddling with electronic polling books—registration poll books?
LEDGETT: If I did, I wouldn’t be able to talk about it.
CALABRESI: Well, that was a long question and a short answer, unfortunately, so. (Laughter.)
OK. Let’s see. Right over here.
Q: Hi. I was hoping you could talk a little bit more about an actual strategy—a national strategy to address these challenges and opportunities in the technological space beyond just the talent question, and in particular if you could touch on what’s the role of organizations that can sort of bridge the gap between public and private and help facilitating that rather than just relying on the public sector or the private sector to just work together. And here an example I might throw out there to talk about, something like In-Q-Tel.
ZEGART: Do you want to take the strategy question first?
MORELL: So I’ll start by saying that the fantastic editors at Foreign Affairs pushed us really hard to provide the answer, to say, here is what the intelligence community should do. And we looked at each other and said, we don’t know. We don’t know. This is really hard and we don’t have the answer. And I actually believe that the intelligence community itself is not capable of coming up with the answer. It’s that hard of a question.
And so one of the recommendations that we make in the article and that we’ve actually talked to Congress about—both of us—is a commission of bringing together the brightest minds from the intelligence community and from the rest of government and from the private sector and academia, get them all together and let them think this through and make some recommendations.
We come up with a handful of things that we think are important to do—the talent question being one, creating an open-source intelligence agency is another—so there are some things that we put out there. But we don’t have the answer.
ZEGART: Let me just add a little bit to that. I think we don’t have the answer and I’m reluctant, and I know you are too, Michael, to suggest the creation of either a new agency or a commission to study things because we know if the fundamental problem is coordination you don’t really want to suggest the creation of another agency. But we thought open source was so important and that to keep open source within CIA was akin to keeping the Air Force underneath the Army after World War II. It didn’t make a lot of sense.
With respect to the commission, let me just add that, you know, especially in this particular political moment where there is so much attack against the intelligence community, the natural version is to go to your own corner—to go to your own organization in a seventeen-element community.
And so a good strategy has to work across all those agencies, as you know, and that’s a hard thing to do. A commission is better able to do that, pulling in the constituent organizations and sectors of society—academia, the nonprofit sector, In-Q-Tel, the private sector—to craft how do we—what’s the goal and how do we get from here to there, and to build, as we were talking about at the beginning, the trust and public support that the American people have in pursuing that path forward. That’s a critical piece.
So as much as I like to say we should just get things done and not punt the football with a commission, I think a commission actually is the right answer here.
MORELL: But I have to say, too, that neither one of us are naïve enough to believe that a commission is going to result in the changes that we need. There’s a lot of commissions. Most of the time very little movement in the issue they’re focused on, at the end of the day. I was just on the National Defense Strategy Commission. Our message could not have been starker, with very little impact. So both of us understand that while it might be helpful, it is not necessarily the answer.
CALABRESI: Right here in the third row, please.
Q: Hi. Barbara Matthews, nonresident fellow with the Atlantic Council and also my own firm, BCM Strategy, Inc.
I have a(n) easy—a short question, which will be hard to answer, and I’ll explain it a little—
Q: —if you give me a minute.
Q: So the question is, when you’re thinking about crafting a strategy, which do you think is most important right now to get right? Is it the technology piece or the people piece? This is not a binary question. It’s a hard question to answer. And where I’m going with that is, you know, the—part of the issue with the younger generation isn’t so much youth and it isn’t so much inexperience.
It’s that they live in a decentralized world, and so the technology—blockchain technology—in many ways is very well suited to keeping a lot of information secure. That’s how it’s designed. So there’s a technology piece that can be very useful. Because people now think about privacy and data and their role as individual sovereigns—a lot of the technology community talks about data sovereignty and individual sovereignty—that means people think differently and they offload a lot of thinking to AI and a lot of analytical tasks. So the different kinds of people that come in to the IC is also critical for your pipeline. These are too—
CALABRESI: I’m losing the thread. What’s the question? I’m sorry.
Q: Yeah. Is it more important right now to focus on getting the technology right or to getting a new strategy for new kinds of people right? And it’s a continuum, of course.
LEDGETT: I’m thinking, going back to something that Michael said earlier, the more important thing is to figure out and get agreement in the country on what the intelligence community’s role in America is.
So is there—can there be trust in the Congress and the oversight mechanism, trust in other branches and the executive branch, trust in the IC, trust that—and some of that is through transparency or translucency and some of that is through having conversations about these things that involve rational discourse, not people going into corners and throwing political bombs at each other, which is kind of the place we are now.
MORELL: And then here’s a—here’s a thought I had when you were asking your question, and it’s not an answer to your question, unfortunately, but here’s the thought I had, which is that getting the strategy right is one thing, and then implementing it is a completely different issue. And I’ve seen plenty of times in the executive branch—and, quite frankly, in the private sector, too, in the last six years—where people have the right strategy and they don’t do a very good job implementing something, and at the end of the day that’s probably even harder than coming up with the right strategy.
CALABRESI: Can I ask—just sort of following on your thread a little bit, that what your all assessment of the state of the relationship—the trust relationship between the intelligence community and the major private sector technological players. Is it—I mean, I guess I could say maybe it hit a low point around the Comey testimony surrounding the iPhone in the San Bernardino case. But where is the community right now with its credibility and trust with major players? You cite a couple of examples in the piece of lack of trust. Maybe just mention those and—
ZEGART: So I’ll start off, and we may arm wrestle over this one, I think, because we have different perspectives on this. So there is still a Snowden hangover in the Valley. There’s no question about it. I mean, one of my colleagues who came from Facebook will tell you publicly, right, that they had—his threat matrix that he created had the U.S. government on it, had your agency on it, because they felt like they had to protect their systems from the National Security Agency just like they had to protect their systems from the People’s Liberation Army of China.
CALABRESI: Well, that is not a healthy place to be.
ZEGART: So and the feeling from the—from the private sector and the folks that we’ve talked to was, and you may disagree with this, but their perspective is that here we’re complying with the government request for information and then we find out that they’re sitting on our—on our fiber optic cables going to our data centers and we didn’t know about that. And that—and that may not be right but that’s the feeling, right, and that’s what you—that’s the reality of their perception.
Add on to that then the Apple FBI—
ZEGART: —challenge, and so you do have a deficit. That said, it’s better, right, and people will work behind closed doors in a way that they’re not willing to work in front of media cameras. So there’s movement in the right direction but it’s still a long work in progress. And add to that—we were talking about this earlier—the fundamental problem is not just trust; it’s that there are misaligned incentives between the private sector and the IC.
So these private sector firms have a fiduciary duty to global shareholders. There are global companies trying to wrestle with what their American responsibility should be. They have a global workforce, some of whom have worked for three-letter agencies, others of whom have come from foreign countries, and they have global markets and global shareholders.
And so that’s the fundamental conundrum they’re in, that our security and economics world now is tightly intertwined in a way it never was in the Cold War where we had strong dividing lines between the Soviet Bloc and Western capitalist economies, and that’s where the rubber meets the road. It’s incentives, not just trust.
CALABRESI: OK. In the middle here—relatively young member of the audience.
Q: Yes. (Laughter.) My name is Alex Yergin.
Thank you so much. This has been a great panel. Back to the discussion of how kind of entertainment shapes our view of the intelligence community and about the questions of transparency, I noticed recently that the CIA started an Instagram account that’s actually very entertaining. So my question is, could the IC—
CALABRESI: If you can’t beat ’em, join ’em. Is that it? (Laughter.)
Q: Yeah. Could the IC almost kind of get in on the entertainment game and the content game in a way—without revealing secrets but sort of as a way to kind of build trust and gain more recruits? (Laughter.)
LEDGETT: So when I was doing the Snowden task force, we recruited—the deputy public affairs officer from the Naval Criminal Investigation Service came up and worked with me—a guy named Paul—and one day in July we’re sitting around talking, like, gosh, we need—we need an NCIS-like character or show about NSA—sort of, you know, show people that we’re not trolls who live in the basement and read Grandma’s email.
And so he called—he called the TV show and we actually had a session with the writers, the producers, and we had four of our female analysts who sat down and talked via videoconference with them, and the character played by Emily Wickersham was generated from that. So that is the sum total of NSA’s reach out—(laughter)—to the private—to the entertainment sector in that space.
MORELL: The CIA—the CIA—
LEDGETT: CIA’s got much more history.
MORELL: CIA has a little bit more experience than that. But I’ll tell you, the IC has nowhere near the experience that DOD has with working with Hollywood, right, and making themselves look good by supporting movies that are made—films that are made about—
LEDGETT: Top Gun.
CALABRESI: Well, let me just follow up on that a little bit, Rick. You’re saying that’s the only example you know of of the NSA working with Hollywood to produce content for the movies. Is that what you’re saying?
LEDGETT: For TV, yeah.
CALABRESI: For TV. Mike, the CIA does more of that?
ZEGART: Mmm hmm.
CALABRESI: Like what? (Laughter.)
MORELL: Like Zero Dark Thirty, right, and there was—there was some controversy around that.
CALABRESI: Right. Right.
MORELL: But, you know, usually when somebody makes a movie about CIA, makes a TV series about CIA, CIA will open the doors and allow the producer and some of the main actors to come in and get a feel of the place, right?
CALABRESI: FBI does a ton of that, too. Right.
MORELL: Absolutely. But nowhere near the making of resources available, right, to the film companies as DOD does.
CALABRESI: But the other thing I think it’s just worth—you know, I think maybe the public doesn’t generally know that there is often a robust collaboration between the federal government and the entertainment industry in the production of characters and perhaps plotlines and so forth.
ZEGART: So I’m going to get in trouble at home for saying this because my husband is a retired screenwriter, and when I would do work at CIA people would always say they wanted to talk to him, not me, because I’m the nonfiction person—he’s the fiction person. I’m much more uncomfortable with this idea of collaboration for entertainment because it’s hard, as a viewer, to understand what is fact and what is fiction, and we see the blurring between fact and fiction all the time.
And as these guys know even better than I do, intelligence is about nuance. It’s about context, and it takes a lot of context to understand the difficult choices that our intelligence officials make every day, and that nuance often gets lost in the creative process. And I think Zero Dark Thirty is the poster child, in my view, of how Hollywood wanted it both ways when, at the beginning, it was a reported film. It was supposed to be journalistic.
It was supposed to be more like a documentary than an entertainment movie. And then when criticism surfaced about how it was portraying critical issues like enhanced interrogation techniques and how relevant they were or important they were in the capture of Osama bin Laden, the answer from the—from the director and the writer were, it’s just a movie. You can’t have it both ways, and I worry that the intelligence community gets in more hot water for that kind of collaboration than if it just told the story of what the IC agencies do.
CALABRESI: Well, I think—I mean, it’s absolutely fascinating—coming off of your question—it’s a fascinating question. In the end, the—what we’re actually getting at is what kind of propaganda do we find acceptable in new media in the U.S. and it’s worth noting that I believe there’s a law on the books that prevents domestic propaganda.
So we’re edging up to the line if we’re providing—if the agencies are providing information and collaborating on some of these projects, it does feel to me as if we’re getting somewhat closer to that line. Then maybe—and if we’re talking about trust that there are downstream issues for that, now that I have opinion—(inaudible).
MORELL: Here’s where we are now. So I’m not—you know, propaganda, not propaganda, you know, legal definitions and all, right. But here’s where we are now is what gets created by Hollywood creates one of three perceptions, that the IC is as good as James Bond and there’s no threat we can’t solve. There’s no—there’s no bad guy we can’t find, right. That’s not true. That’s not true.
MORELL: Right. (Laughter.) The second is, is a—is they get nothing—they get nothing right. Everything they touch falls apart.
MORELL: I call this, by the way, the New York Times theme as well, they get nothing right.
CALABRESI (?): Oh, (I don’t think ?) that’s fair.
MORELL: Right. That’s the Maxwell Smart approach, right? A lot of comedies—a lot of comedies that take you there.
And third, and probably the most damaging, is that—is that the intelligence community is rogue, right? The intelligence community does things that the president of the United States doesn’t know about, sometimes the director of the CIA doesn’t even know about, right. And that is not—that’s not true and that is not a good theme to have out there.
LEDGETT: Enemy of the State, classic—
MORELL: Enemy of the State, Jason Bourne—
CALABRESI: I would just throw into the mix here that there’s a whole—obviously, there’s a whole movement out there completely separate from the entertainment industry—QAnon—that exists in—that is highly conspiratorial and is creating its own narrative.
So as much as it’s good for us to pay attention to the relationship between the intelligence community and the traditional entertainment industry, there’s a whole separate deep state conspiracy theory ecosystem in new media that is its own threat to the trust of the American people in their intelligence communities.
Let’s see. Right here, please.
Q: Thank you. Stapleton Roy with the Wilson Center.
MORELL: Good to see you, sir.
Q: Aside from ferreting out secrets, obviously, one of the functions of the intelligence community is to try to tell truth from falsity, and one of the most disturbing aspects of your terrific article was the laying out of the degree to which the new technologies are expanding the areas where telling truth from falsity is difficult, even for the experts.
This has enormous implications and I wonder if you could expand on it a bit. One of the implications, though, is this. Clearly, if the capability is there we have to use it as well. So there’s both defense against the use of it by others, but there’s also our own use of it.
But the problem is in a government where the government is supposed to be accountable to the people, if the government is disseminating falsehood, which is picked up by the media, so that the American people are misled, then how can we talk about having faith in government or confidence in government?
CALABRESI: I got a question from an experienced public servant. In the Cold War we did all three things. We told the truth, we let lies circulate without trying to combat them, and we told some lies ourselves. Where is the right place for the U.S. intelligence community to be in the era of new media? Should we lie and push back against other people’s lies in that way?
MORELL: Look, I think it’s important to note that this is a policy call. This is not a call that gets made in the DNI’s office or the director of CIA’s office. This is a call that gets made in the Oval Office about what kind of covert action you conduct and where you draw the line. Absolutely true.
CALABRESI: Is that true that any falsehood requires a finding?
MORELL: A falsehood—to put a falsehood out there would be part of a covert action, which requires a finding but, more importantly, requires the knowledge of the entire national security team, right.
CALABRESI: I see.
MORELL: So that is a decision—
CALABRESI: In a properly functioning NSC. I got it.
MORELL: —that gets made in the sit room, right. Now, I would say—my own personal view, right, is that the United States has to be extraordinarily careful in the actions it takes because we live—you know, we don’t want to throw stones because we live in the biggest glass house, right, and I think you got to be extraordinarily careful in setting precedents that lead others to do things and think that things are OK to do that you don’t want coming back at you. I think you ought to be really careful about that and I think the—I know President Obama felt very strongly about that.
LEDGETT: I think there’s—there is a role for military deception in the case of deceiving the enemy about your plans. We just celebrated the seventy-fifth anniversary of D-Day and that was one of the best deception operations—military deception operations—ever run, and I think there is a role for something like that in a country who values truthful information like we do.
ZEGART: There’s always been that role. So George Washington was a master of deception, right. Benjamin Franklin was a master of deception. John Jay was a master of deception. So our Founders were actually very good at using deception to convince the British that we had better troops in the winter of Valley Forge than they thought; otherwise, we wouldn’t be here today.
So there’s a long history of deception for military operations. But I think, getting back to the technology piece, technology is changing the deception game in a big way and it’s not just about speed and scale with deep fakes. It’s about—deception, I think, historically, used to be an elite-level game, right. It was elites trying to deceive elites about what was—so the Cuban Missile Crisis, right, this was Khrushchev trying to deceive President Kennedy and his advisors about what he was actually doing on Cuba.
But with technology now deception has gone mass and so now elites can wage deception operations deep in the societies of other countries, including the most powerful democratic countries in the world. That’s a new problem for the intelligence community of how we defend against that kind of deception, how we recognize it, and then there are all of the ethical questions of under what circumstances would we ever engage in the same kind of practice.
CALABRESI: Well, I mean, it’s an open question, right, whether or not the U.S. engages in misinformation and disinformation in social media itself. Do we?
MORELL: So as of—as of—(laughter)—as of August 2013 when I retired from the CIA, the answer is no.
CALABRESI: What about the Cuba program that we launched? There was a great series by the AP on testing social media in Cuba. Does that ring a bell, Rick?
MORELL: The State Department—(laughter)—
LEDGETT: That’s it.
MORELL: No. No. No. No. No. No. This was a—
CALABRESI: I’m not making it up, I promise.
MORELL: This was a State Department program. It was not an intelligence program.
CALABRESI: OK. OK. (Laughter.) Well, they’re blaming—they’re blaming you, Stapleton.
MORELL: It wasn’t—it wasn’t covert. It was overt. It was open.
CALABRESI: OK. David Sanger at the back.
Q: Thanks. Along the theme that we were just—
CALABRESI: From the New York Times.
Q: Yeah, from the New York—what theme did you say we had, Mike? We have the—we have the—it’s always failing.
MORELL: Legacy of ashes theme, right?
Q: Yeah. Right. (Laughter.)
MORELL: Anything they touch falls apart.
Q: I’ve written all three of the themes that you’ve described at various moments. But as part of this question of what you admit to or not, we’ve seen some fascinating cases in recent times where we’ve had cyber weapons or elements of them that have gotten out loose. You saw this is WannaCry when the North Koreans ended up taking out the—part of the British health care system—I don’t think they were aiming for it—with a weapon that they got that was—had been published by shadow brokers and is believed to have been American in origin. Same thing for some Russian attacks. There’s some question about whether that has shown up in some of the ransomware attacks in recent times.
And in each one of them the U.S. intelligence community has come out the same way, and your former colleagues, Rick, have all said, we just don’t discuss whether or not there was origin here but we—even if it was American we don’t have any responsibility for it. The responsibility belongs to whoever launched the attack.
It strikes me that this argument is running a little bit thin. But I’m wondering how that fits in to the discussion you just had here about how one deals with Silicon Valley, with consumers, with people who begin to wonder whether the problems they’re seeing every day on the internet are partly American inspired.
LEDGETT: So I’m a little bit constrained in what I can say about that because I still have a lifetime obligation to protect classified information and I follow that pretty closely—actually, really closely. (Laughter.) And so what I would say, though, is that whether, you know, regardless of the provenance of the—I think you’re talking about the EternalBlue exploit that was alleged to have been leaked from NSA by the shadow brokers back in 2017.
So the—Microsoft published patches to all their systems in May of 2017. So it’s been two years since that’s been a known problem, and I think what my former colleagues who work at NSA would say is, if you haven’t patched your system in two years, you own that problem, and I would actually tend to agree with that. I think that’s like—that’s like complaining that the bank was robbed when you store the money in clear plastic trash bags on the curb. That’s not a legitimate complaint.
CALABRESI: We got time for one last quick question, back—second from the back, right in front of Kim. Yeah. There you go. Nice and quick, though, please. We’re right at the end.
Q: Chuck Hoist (ph), retired from Georgetown.
A lot of Pakistanis died of polio or trying to vaccinate from polio because of the CIA fake vaccination program in Pakistan in order to get Obama. I wonder—
CALABRESI: Osama bin Laden.
Q: —if you could comment on the origin who had that bright idea.
MORELL: There is a deep state. (Laughter.)
CALABRESI: Is it just—can you address, first, the facts there? Did—
CALABRESI: —many Pakistanis die from—
MORELL: Well, now I’m constrained. (Laughter.) But I’ll say this. Your—the predicate of your question is not accurate. That’s what I can say.
CALABRESI: Meaning that—
MORELL: That’s all I’m going to say. (Laughter.) That’s all I can say.
CALABRESI: OK. Well, on a mysterious note we’ll end. (Laughter.) Thank you very much for being here. (Applause.)