Posted on

NSI Policy Paper – Chinese Telecommunications Companies Huawei and ZTE: Countering a Hostile Foreign Threat

This NSI Law and Policy Paper:

  • Describes the foundations of Huawei and ZTE, the concerning actions taken by these companies, and the actions taken by the United States and allied governments in response.
  • Evaluates the key issues at stake for U.S. national security and competitiveness.
  • Argues that the U.S. should seek additional restrictions on Huawei and ZTE products and services in the U.S., while working with allies and partners to limit Chinese telecommunications expansion.
  • Provides actionable recommendations to counter the serious cybersecurity threat from Huawei and ZTE.

Read the complete paper here.

About the authors:

Andy Keiser is an NSI Fellow and is currently a Principal at Navigators Global, where he focuses on cybersecurity and other national security priorities.  He served 14 years on Capitol Hill for former House Intelligence Committee Chairman Mike Rogers – as Senior Advisor to the Committee, Chief of Staff, and Legislative Director handling all national security policy issues. 

Bryan Smith is an NSI Senior Fellow and is the Vice President & Technical Advisor Beacon Global Strategies. He provides strategic advisory services to defense and intelligence companies. He has held senior resource management positions in the House and Senate intelligence committees, the Office of Director of National Intelligence (ODNI), the Office of Management and Budget (OMB), and the National Reconnaissance Office (NRO).

 

Posted on

NSI Experts Weigh In: 2019 National Intelligence Strategy

Yesterday, Director of National Intelligence Dan Coats unveiled the 2019 National Intelligence Strategy.  Our experts weighed in about the strengths and weaknesses of this new strategy. 

January 23, 2018

Bryson Bort – NSI Fellow; Founder & CEO, SCYTHE

“For the first time since the Cold War, Western liberal democracy is seriously at risk, and the ODNI is finally catching on. The quadrennial refresh of the national intelligence strategy is updated to reflect the 21st century where intelligence and our adversaries are increasingly at the cutting edge of technology. ‘Other emerging, disruptive technologies’ enable access and influence in a truly asymmetric way and we are, and have been, the most vulnerable.”

 

 

Megan Brown – NSI Senior Fellow and Associate Director for Cybersecurity; Partner, Wiley Rein LLP

“The NIS is constrained in what it can really tell the world about the United States’ strategy, but it offers an important sense of what worries our government. In that respect we see themes that are similar to what DHS and others are saying, with continued blurring of public and private fields of engagement.  Such consistency is good.  For example the NIS rightly addresses cyber as a major challenge for the foreseeable future. Lurking under the surface are unaddressed issues of international cyber norms, defenses, and how the IC can help protect and defend US companies from a daily onslaught of attacks and threats.

Interestingly it calls for better insight—’anticipatory intelligence’ —into evolving technologies like AI and connected devices, but doesn’t grapple with emerging threats to its abilities. The government’s national security interest in new tech is not new. The Commerce Department is right now considering export controls on a variety of emerging technology categories, to try to keep our adversaries from getting them. But regulating US companies and emerging tech may drive some innovation offshore, further straining the IC’s ability to understand and anticipate issues.

The NIS also lauds partnerships with private organizations, but I see obstacles to partnership and other IC goals.  First, we have an undercurrent of global mistrust and misunderstanding of US law and regulatory philosophy.  Other regions sit in judgment of the adequacy of US privacy law, or seek to impose their own regulatory regimes on data use, IoT devices and more. States in the US are also setting up a regulatory and punitive approach. Varied regulatory efforts may have unintended consequences, make it more difficult for innovators, and chill cooperation with the government.  The IC and others in government must champion the US positions and interests, including against regulatory threats that undermine partnerships.

 

The IC cannot stop these trends. The IC should work with agencies and global partners that can reiterate the importance of voluntary partnerships and information sharing to cyber and tech policy here and abroad.”

Cam Burks – NSI Visiting Fellow; Deputy Chief Security Officer, Chevron Corporation

The 2019 National Intelligence Strategy of the United States is a superbly organized roadmap that will favorably position our country for much longer than the stated four year target.  Reading more like a business plan than bureaucratic doctrine, this strategy identifies foundational imperatives that will enable our country to assume a sustainable competitive advantage on a global level. Of particular importance is the timing of its release.  Our country needed to see this plan now, during a period of national political turmoil, to publicly reaffirm the strength of how their government will provide bonafide national security.  I commend Director Coats for not only his exceptional strategic vision and leadership of the community, but for his adroitness in providing Americans with an injection of confidence at just the right time.

The identified mission objectives are correctly prioritized, calibrated to the current day landscape with a deeper emphasis in the geopolitical space, intuitively designed, steeped in many of the basic, traditional elements that have made our national intelligence function comparatively superior for years.  What differentiates this strategy, however, is its clear recognition of the role of the enterprise.

Enterprise’s focus on people talent and organizational capability, as well as scalable integration, innovation, accountability, business and performance management, and the leverage power of partnerships, are measurable priorities found in most successful corporate environments.  We do this well in America, and its application, to an appropriate degree, within our intelligence apparatus, will give us that competitive advantage we need to persevere in any circumstance.

I believe strongly that our people – our intelligence professionals who dedicate their lives to protect our nation – are the most important component of this entire Strategy.  The current uncertainty in the federal employee community vis-a-vis the ‘shutdown’ and recent, uneven political commentary of the intelligence community, presents a tangible risk to its sustainability.  Attraction, retention, diversity, and professional development of this specific government workforce is profoundly important and my hope is that our national leaders realize the associated criticality and commit to it in any political environment.  The stakes are much too high for any alternative.

Dr. Nicholas Dujmovic – NSI Visiting Fellow; former Staff Historian, Central Intelligence Agency

Intelligence is primarily an executive function, and this National Intelligence Strategy (NIS) succeeds as a succinct yet comprehensive statement of this administration’s concerns and priorities regarding intelligence missions and activities.  Yet, you wouldn’t know from this document that by law, Congress plays an important role in setting intelligence priorities.  The NIS mentions Congress in an almost pro forma manner and exclusively on the receiving end of intelligence products and oversight reporting requirements.  This new and feisty Congress, with its renewed emphasis on legislative oversight of executive functions, may have something to say about the new National Intelligence Strategy.   I see the potential for Congress asserting itself in two areas:  counterintelligence, and the structure of the Intelligence Community itself.

Congress has a history of telling the IC that it’s not doing a good job on counterintelligence, and with all the information breaches, blown spies, and brazen influence operations the U.S. has suffered at the hands of especially Russian and Chinese intelligence, it wouldn’t be a surprise if Congress took the initiative to radically reform US counterintelligence.  The NIS identifies CI as a priority, but Congress might ask, ‘Why is it in seventh and last place, when these foreign actors are eating our lunch?’  And Congress might not stop at CI:  DNI Coats should prepare for questions from the new oversight committees like, ‘Explain to me why we need 17 intelligence agencies.’

Amyn Gilani – NSI Visiting Fellow; Vice President of Product, 4iQ

The 2019 National Intelligence Strategy is exactly what the Intelligence Community needs right now. Since 9/11, the threat landscape has completely evolved and previously dated strategies have been predominantly focused on adversaries similar to al-Qaeda to a point where we were operating too tactically and not prioritizing long-term mission objectives. This strategy focuses on the ’21st century challenges’ which include improvements in intelligence collection, cybersecurity, emerging technologies, and workforce growth and retention.

The DNI has given a larger platform to Cyber Threat Intelligence (formerly Cyber Intelligence). The fifth domain is getting the attention it deserves; previously writing on cyber focused on understanding adversaries, vulnerabilities, and threat detection/prevention. Now, DNI is stating how economies, health, safety, and prosperity could be at risk through cyberspace. Americans’ private data is constantly targeted by nation-sate and cybercriminal adversaries through retailers, healthcare, and various industries and the DNI is finally addressing this.

We also see some remnants of Edward Snowden and Vault 7 as there’s an introduction to new terms, like Insider Threat. Understanding the risks at the enterprise level is also key to understanding the full threat picture. We know that Russia and China play long-term games and we must be proactive on identifying insider threats, who could possibly be the person working right next to you.

Finally, the most impactful part of the strategy is people. In the ‘People’ section, we really see a reflection of the Intelligence Community workforce and how much it has struggled with retention. In the last five years, we’ve seen so much turnover within the private sector that the IC has been depleted of talent. However, this new strategy is breaking boundaries and creating a progressive work-culture. The message is bold on ‘diversity’ and ‘inclusion,’ specifically stating that the IC welcomes all types of ‘national origin, language, race, color, mental or physical disability, ethnicity, sex, age, religion, sexual orientation, gender identity or expression, socioeconomic status, veteran status, and family structure.’ This is a large step forward for the DNI to address how important the people are to the mission, no matter where you come from.

In a time where defense policy seems to be struggling, it’s great to see a strategy that is tailored for staying ahead of our opponents and supporting the modern-day intelligence analysts and operators.

Kristen Hajduk – NSI Visiting Fellow; Regional Director for the National Capital Region, MD5 – The National Security Technology Accelerator

“The 2019 National Intelligence Strategy acknowledges the challenge of our generation: while our ability to gather, access, and utilize data is exponentially increasing, our biological ability to process, understand, and assess the consequences of the increasing amounts of information has not changed nearly as fast. Ultimately, this makes it more difficult for analysts, decision makers and average citizens to distinguish the irrelevant from the important. This ‘noise’ can and, often does, lead to either decision-making paralysis and/or missed opportunities.

We must adapt our structures and processes to operate effectively in this information-saturated, hyper-connected, hyper-distributed global environment.  We need to change the way we do business and learn how to leverage emerging technologies to sort through the noise and buy back the time we need to govern events and not be governed by them.  We need to bridle and saddle the technological horses of the information age, not be trampled by them.

The first step is to acknowledge and understand these factors that are driving our current security environment.  The 2019 National Intelligence Strategy effectively brings this priority to the fore.

Matthew R. A. Heiman– NSI Senior Fellow and Associate Director for Global Security; Chairman of the Cyber & Privacy Working Group, Regulatory Transparency Project

“The 2019 National Intelligence Strategy (NIS) is more a circumspect document than the National Security Strategy and the National Defense Strategy, and it reads more like a catalogue of activities than a detailed strategy document.  The lack of greater specificity is to be expected when dealing with the Intelligence Community (IC).  That being said, there are two items of note.  The NIS cites Russia, China, and Iran as U.S. adversaries, but it refers to North Korea as a ‘mutual concern’ for China and the U.S.   The softer treatment of North Korea is likely a nod toward the ongoing diplomatic discussions about denuclearization.  The NIS makes cyber and cybersecurity a priority, which is appropriate, but insider threats, which are responsible for the intelligence community’s  biggest black eyes in the last decade (e.g. Snowden and the loss of NSA cyberweapons likely caused by NSA employees) are addressed with standard boilerplate.  Let’s hope efforts to address this real risk go beyond the routine.”

Jamil N. Jaffer – NSI Founder; former Chief Counsel and Senior Advisor for the Senate Foreign Relations Committee and former Associate Counsel to President George W. Bush

“The National Intelligence Strategy released yesterday starts out strong with a solid assessment of the current challenges facing the U.S. government, noting the weakening of the post-WWII international order, our own increasingly isolationist tendencies, and the broad range of threats posed by our enemies.  It rightly highlights ongoing Russian influence efforts—part of what is likely to be judged the most successful covert and overt influence operation in history—and also correctly calls out the fact that both Russian and Chinese global efforts often directly conflict with our national security objectives.  The strategy also rightly highlights the threats posed by Iran and North Korea in a range of areas, including pursuit of WMD, support for terrorist groups, and aggressive cyber activities, and is likewise accurate in forecasting that outer space and cyberspace are likely to be key domains of future conflict as they are leveraged by our adversaries, as well as the potential effects of the spread and adoption of disruptive technologies, not to mention the continuing threat of international terrorism.

But there the strength of the document unfortunately ends.  The NIS overall lacks a clear, driving vision that is new, daring, and different and that is able to squarely grapple with the changing threat landscape it identifies.  Much of what is in this strategy in terms of implementing policies and procedures feels like it could have been written in the Cold War.  Luckily, though, the IC has strong leaders that can still drive change, even if the strategy itself could have been more visionary.

When Director of National Intelligence, Dan Coats, was in the Senate, he was a leader on a wide range of issues, in particular, on confronting Russian aggression head-on.  One hopes he might return to that role having correctly identified the threat facing our nation and the West more generally.  DNI Coats is precisely the kind of leader we need at this challenging time; likewise, leaders like Gina Haspel at CIA, Chris Wray at the FBI, Ellen McCarthy at State INR, Betty Sapp at NRO, and Gen. Paul Nakasone at NSA, and many others like them also deserve our support.”

 

Andy Keiser – NSI Fellow; former Senior Advisor House Permanent Select Committee on Intelligence

Give credit to Director of National Intelligence Dan Coats for laying out a four-year strategy for the intelligence community (IC) that provides strategic direction and a general framework of the threat environment to which the IC is to respond.

While the document itself is a bit preoccupied with buzzwords and generalities, the framework is the right one to direct the IC to combat the threats from hostile nation state and transnational terror organizations in domains from traditional espionage, to cyber to space.”

 

Dr. Andrea Little Limbago – NSI Senior Fellow and Associate Director for Emerging Technologies; Chief Social Scientist, Virtru

The dual-use nature of emerging technologies appropriately resonates throughout the NIS; we are just on the cusp of how disruptive these technologies will be. Within the strategic environment, cybersecurity, artificial intelligence, and nano- and bio-tech are among the many emerging technologies highlighted as potential threats. As the NIS notes, these technologies dramatically shift power relations and create new asymmetries that have the potential to cause greater instability. At the same time, many of these emerging technologies are essential to strengthen intelligence and national security. The core enterprise objectives include a significant focus on new technologies to help secure and safeguard data, while allowing for innovation and data sharing to meet mission objectives. Importantly, the NIS reasserts America’s commitment to privacy and civil liberties at a time when digital authoritarianism puts them at great risk across the globe.

Harold Moss – NSI Visiting Fellow; Senior Director Strategy & Business Development, Web Products, Akamai Technologies

Director Coats offers a clear and logical approach for addressing the evolving threat landscape. By highlighting emerging technologies and focusing on non-traditional threat vectors he is laying the foundation for a more flexible and relevant approach to modern threats. The emphasis on expanding the national security corpus of intelligence beyond traditional boundaries, to encompass academia and industry will enable a far more resilient approach to proactively managing the threat landscape facing our nation.

I am especially enthused as Director Coats intelligently calls out two core challenges often overlooked or ignored with respect to talent acquisition and innovation. While he does not highlight how he will address these problems directly, the acknowledgement that a broader issue exists with respect to future endeavors beyond the present day concerns is encouraging. Far too often strategy is mired in the weeds of today.  Director Coats has put forth a reasonable plan that looks at addressing the problems of the forest as opposed to a handful of trees.

Elliott Phaup – NSI Visiting Fellow; Policy Advisor, Representative Dutch C. A. Ruppersberger

The 2019 National Intelligence Strategy builds on its predecessors in charting a path forward for the U.S. Intelligence Community in the years to come. The DNI rightfully characterizes the world we live in as ‘turbulent’ and ‘complex,’ and renews a focus on the emerging threats being leveraged by our adversaries – including those in space and cyberspace. Among others, I’m encouraged to see a focus in areas like cyber threat intelligence, leveraging partnerships to tackle tough challenges, and finding ways to harness the data rich environment of the future by empowering the IC’s unique and innovative workforce.

The NIS sets objectives which will help the IC evaluate its performance and while many areas of the NIS are encouraging, some aspects and characterizations of the volatility we are seeing at home and abroad are all too real. Whether it is isolationism, climate change affecting migration or the threats posed by the ‘weakening of the dominance of Western democratic ideals’, these are all concerning threats that the IC can’t tackle alone and will require leadership across government.

Bryan Smith – NSI Senior Fellow; former Budget Director, House Permanent Select Committee on Intelligence

As a former intelligence operations officer and senior resource manager, I cannot imagine what practical use any intelligence officer could make of this so-called ‘National Intelligence Strategy’.  A strategy should clearly articulate an organization’s objectives by priority, when they will be achieved, where, and by whom.  Most importantly a strategy maps out how these objectives will be achieved.

A true strategy will have almost as much to say about what an organization won’t do, as about what it will.  One tried and true approach to strategic formulation is to undertake a brutally honest examination of an organization’s strengths, weaknesses, opportunities, and threats (‘SWAT’).  The ODNI attempts nothing of the sort here.

Instead of a strategy, we are presented with a generalized description of what the Intelligence Community does or is supposed to do (organized into seven piles).  There is no hint, for example, as to whether cyber threat intelligence should lay claim to greater resources than counterterrorism or counterproliferation, or whether the IC should prioritize Russia and China over Iran, North Korea, and terrorists.  Neither does there appear to be any intellectual link between this document and the National Defense Strategy, which actually does set some priorities.  Perhaps the document’s biggest failing, however, is that it is all ‘what’ and no ‘how’.  Exhortations, such as ‘strengthening efforts’, ‘bolstering’, ‘enhancing’, ‘expanding’ or ‘leveraging’ this thing or that do not constitute a strategy of ‘how’ to get things done.

Dan Wagner – NSI Visiting Fellow; Legislative Liaison for Policy and Budget

The problem with this National Intelligence Strategy (NIS), as with previous ones, is that it speaks more to how we have been conducting intelligence functions and not enough on the future.

A strategy is supposed to lay the groundwork for the future and a way forward.  The 2019 NIS does to a point, but misses the mark on the ‘how’ of fully incorporating the influences that affect intelligence assessments (technology, geopolitics, finance, trade, etc).  It also misses the ‘how’ to remain relevant to an administration that has been accused of undervaluing intelligence.

Given the shift in priorities in the National Defense Strategy (NDS), dialing the thermostat down on terrorism and increasing the emphasis on great power competition, it was expected to see the National Intelligence Strategy (NIS) make some adjustments.  The difference between the 2019 NIS and the 2014 NIS though was negligible.  Definitely not enough to illustrate the shift in strategy necessary to refocus intelligence assets and energy to align with the National priorities.  Additionally, it is not enough to likely win over one of the biggest customers, the US President.

That said, the NIS has historically done a reasonably good job broadly covering all the threats to the US, and the 2019 version is no different.  There is, after all, only so much that can be covered in an unclassified document on intelligence.  The NIS is meant to be an overall wire structure to focus the intel enterprise.

There is not enough of a change in this year’s NIS to cause any major changes in the Intelligence Community.  With a new strategy developed and released every four years, the larger concern is if this strategy has focused enough on the future rather than relaying how the enterprise has been doing business.

Disclaimer: The views and opinions expressed in this analysis are those of the authors and do not necessarily reflect the official policy or position of the National Security Institute or any agency of the U.S. government. Assumptions made within the analysis are not reflective of the position of the National Security Institute or any U.S. government entity.

 

Posted on

NSI Experts Weigh In: Chinese Hacking Indictments

Earlier today, Deputy Attorney General Rod Rosenstein announced that the Department of Justice indicted two computer hackers associated with the Chinese government.  Our experts weighed in about the implications of these charges 

December 20, 2018

Megan Brown – NSI Associate Director of Cybersecurity and Senior Fellow; Partner, Wiley Rein

Kudos to DOJ for its collaboration with other countries and its work to call out cybercrime and advance norms. While some may think these indictments are theatre without real consequences, they are a key part of US leadership that can shape expectations for international behavior.

The tactics of these and other cyber criminals hurt companies and citizens in the US and around the world.  Actions like today’s serve as a reminder that companies suffering breaches are themselves victims of criminal activity. Sophisticated companies with robust defenses are being attacked and compromised by persistent and savvy criminals who are well resourced and protected.  Like minded governments must work with the private sector to respond to these threats and build resilience across the global economy. 

Dr. Nicholas Dujmovic – NSI Visiting Fellow; Former Staff Historian, Central Intelligence Agency

With all the recent news about Russian intelligence activities, this Justice Department announcement is welcome as it brings forward the even greater Chinese threat.  But even here, we’re looking at just the tip of the iceberg.  Chinese intelligence activities against the United States and the West run the gamut from collection (technical and human) to ruthless counterintelligence to covert influence operations that are breathtaking in scope.

As Michael Hayden noted in his memoir, ‘I stand in awe (as a professional) at the depth, breadth, and persistence of [Chinese intelligence] efforts against the United States.’  These efforts involve technical access programs through IT, relentless hacking linked to the People’s Liberation Army, stealing US Navy contractor data on weapons systems, trying to recruit American and French government officials and industry leaders involved in national security through LinkedIn, subtle and not so subtle attempts to mold Western thinking about China through mechanisms like the Confucius Institutes on college campuses.  The list is seemingly endless.  Make no mistake, China is using its considerable human and technical resources to achieve intelligence dominance over the West.

Jamil N. Jaffer – NSI Founder; former Chief Counsel and Senior Advisor for the Senate Foreign Relations Committee and former Associate Counsel to President George W. Bush

“Today’s indictment of two Chinese nationals that worked with the Chinese Ministry of State Security is another strong step by the Justice Department to pursue those who would target our economic and national security through cyber theft of core American technology.  That being said, significantly more needs to be done to staunch the bleeding and to prevent American intellectual property being repurposed abroad.  It is simply not enough just to indict individuals, we must also track them down and bring them to justice.

More importantly, we must also punish such activity directly when it happens in order to deter further activity going forward.  We can best do so by taking strong military, intelligence, and foreign policy actions, where appropriate.  Such actions will work better to deter foreign cyber activities than indictments standing alone.

Moreover, the government must take action now to work directly with the private sector to empower it with the type of information it needs to defend itself against such threats going forward.  Sharing threat information after an indictment is announced is helpful, but needs to happen sooner when a threat is detected, not after hundreds of millions of dollars in research and development dollars have already walked out the backdoor.

Indeed, if there ever was a case where something more than an indictment was necessary, this is it.  Here, 45 technology companies and government agencies in over a dozen states had hundreds of gigabytes of data stolen including technologies related to computers, satellites, oil drilling, and other highly sensitive and national security matters.  The victims included the Navy, where sensitive data on over 100,000 Navy personnel was stolen, the Department of Energy’s Lawrence Berkeley National Laboratory, the NASA Goddard Space Center, and the Jet Propulsion Laboratory.

Given all this, it is critical that the U.S. government not only continue to take the kind of strong actions it has today, but that it should also do more now to address the very real threat posed to our economic and national security by aggressive Chinese cyber activity.  First, it should share information about such threats in real time, as they are detected, rather than weeks and months later when an indictment is announced.  Second, it should open the door wider to take significantly stronger action against foreign nation-states, including keeping all military, intelligence, and foreign policy options on the table.  Finally, if we are ever to truly deter such activities going forward, the government must, when appropriate, actually take such actions in response to such foreign cyber threat activities and not simply rely on an indictment in federal court.”

 

Dr. Andrea Little Limbago –NSI Associate Director of Emerging Technologies and Senior Fellow; Chief Social Scientist, Virtru

“Since 2014 the Department of Justice has issued a series of indictments that link Chinese government-backed personnel to economic espionage. However, this year has seen an uptick in indictments and public naming of China as a core violator of the rule of law.  In the past few months alone, China has been linked to the Marriott mega-breach, ten Chinese intelligence agents were indicted for compromising aviation technology, two other officers were indicted for conspiring to steal rice production technology, and a Chinese spy was extradited from Belgium for commercial theft. 

However, today’s indictment is unique for several reasons. First, the degree of international coordination, including reinforcing statements from allied governments, supports a global norm against cyber-enabled commercial theft.  Second, the Department of Justice publicly rebuked China for violating the 2015 agreement against cyber-enabled commercial theft. The rebuttal joins this year’s report from United States Trade Representative on China’s corporate espionage, and reaffirms China’s non-compliance to an agreement that was similarly made with other countries, including Australia and Canada.  Finally, while much of the focus is on the vast range of commercial espionage, it is important to also remember China’s role in the major theft of the personal data of US citizens, including the OPM and Anthem breaches. Today’s indictment notes the theft of 100,000 Navy personnel, including salary information and personal phone numbers. The indictment is yet another reminder that China’s theft is not only detrimental to U.S. commercial innovation, but it also infringes upon the privacy of U.S. citizens through a broad range of personal data theft, including health, travel, and financial data, and personally identifiable information such as social security numbers and birth dates.”

Bob Stasio – NSI Visiting Fellow; Former Cyber Operations Lead, National Security Agency

“Today’s announcement regarding the U.S. Department of Justice (DOJ) indictment of two Chinese hackers appears to be a continuation fo the ‘name and shame’ strategy which began under President Obama. I am of two minds when it comes to this approach.  I applaud the DOJ for taking an aggressive stance against the Chinese strategy to exploit the U.S private sector with state-backed resources – most commercial entities are struggling to deal with advanced persistent threats, and this indictment gives a real signal that these type of actions will not be tolerated.

Alternatively, charging Chinese espionage actors that will likely never be extradited does nothing to practically stop hacking against the U.S. The ‘name and shame’ strategy against state actors may actually endanger current and former U.S. intelligence officials traveling overseas, as belligerent nations may seek retribution.  In my view, a more effective alternative would be using our offensive cyber capabilities under the Department of Defense to send a message versus the continual reliance on law enforcement. “

Dan Wagner – NSI Visiting Fellow; Legislative Liaison, U.S. Special Operations Command

China is the greatest threat to US National Security, period.  The next likely catastrophic event on the US will come from the Chinese in the cyber realm.  The DOJ charging two Chinese hackers for attacking multiple companies is one of many tools the US should be employing on a regular basis to stress to the Chinese this is not acceptable and there are now consequences.

For too long the Chinese and Russians have gone unchallenged, experiencing few repercussions for their constant cyber hacks and attacking.  Perhaps it was out of fear of starting WWIII.  Primarily because many senior US officials did not understand cyber or were focused exclusively on the counterterrorist fight as the greatest threat.

Countries like China and Russia continue to hack US companies and information, with the latest target being Marriott, and have openly pledged to not only not stop, but to increase.  China and Russia are starting with a leg up on the US, no thanks to Snowden.  The amount of data that countries like China, Russia, and Iran are compiling on US policy makers, as well as corporate and government leadership and technology, is scary.  What they can or intend to do with that data may be even more scary.  The US must respond by bolstering their Cybersecurity capability and prosecuting those countries and people who conduct operations against the US and our allies.

The Administration has recently released new cyber guidance in the form of a Presidential Directive granting more power to conduct cyber operations.  Recently though, the top commander in the Middle East and Central Asia authored a paper stating that the new authority is not enough.

The head of U.S. Central Command, Gen. Joseph Votel, wrote in his paper that the Pentagon must ‘normalize’ electronic warfare and cyberattacks and incorporate them into daily operations.  He went on to state, ‘We need to proactively execute cyberspace and information operations early in ‘Phase 0 / steady state’ of the planning process — well before operation execution. Only then can we shape the [information environment], hold our adversaries’ capabilities at risk and execute at the speed of war.’  I have to agree.

Russia China Iran and North Korea have all conducted offense of cyber operations around the world and it has not resulted in World War III yet.  It is not a secret that the United States has offensive cyber capabilities and such capabilities will likely also not result in World War III if executed with precision and diligence when provoked.

Taking the restraints off of US offensive cyber capabilities through the administration’s new cyber policy may be the next right step in proving our cyber superiority in the newest domain.  This is not a capability to be taken lightly.   Restraint and target vetting, as well as high level approval should be maintained.  As the article points out, there is great Intel value in cyber ISR versus cyber attack.  However, just as we flex our muscles through ‘shows of force’ to Russia, China, Iran and North Korea by conducting flyovers and moving aircraft carriers into areas in the ocean, the US must also conduct the equivalent of a ‘show of force’ in the cyber domain. The trick is we must now figure out what that looks like.

Disclaimer: The views and opinions expressed in this analysis are those of the authors and do not necessarily reflect the official policy or position of the National Security Institute or any agency of the U.S. government. Assumptions made within the analysis are not reflective of the position of the National Security Institute or any U.S. government entity.

 

Posted on

NSI Experts Weigh In: Syria Troop Withdrawl

Yesterday, President Donald Trump announced that the United States would be withdrawing troops from Syria.  Below, NSI experts weigh in on the potential outcomes of this move and the future of the region. 

December 20, 2018

Matthew R. A. Heiman – NSI Associate Director of Global Security and Senior Fellow; Former Lawyer, National Security Division, U.S. Department of Justice and the Coalition Provisional Authority, Baghdad, Iraq

“President Trump threatened to withdraw forces from Syria before, and his advisors appeared to have talked him out of it.  This time, they weren’t as persuasive.  This is a bad result for the U.S. and the Middle East for the following reasons: Russia, Iran, and the Syrian regime will fill the void created by the U.S. departure; the job of destroying ISIS was not yet complete; and the U.S. pushback against Iran looks fairly toothless.  The Middle East is not a safer place and U.S. interests are not served by this move.  Let’s hope the President changes his mind.

Jamil N. Jaffer – NSI Founder

“The President’s decision to precipitously withdraw U.S. troops from Syria is a catastrophic mistake of historic proportions.  In addition to handing Russia and Iran a major victory in a region critical to our national security, the President’s decision actually snatches defeat from the jaws of victory by allowing ISIS the chance to rapidly reestablish the very bases and infrastructure that we spent years working to destroy and sacrificing American lives in the process.  In many ways, this decision puts the President squarely in line with decisions of the prior Administration that he has, in the past, mocked as being weak and irresolute.

Even worse, yesterday’s decision—announced on Twitter with apparently little serious discussions at senior levels within the Administration—suggests to our allies that the United States is not prepared to see its military efforts through to completion.

The President’s announcement of victory against ISIS notwithstanding, the reality is that America and our allies continue to face serious threats coming from the Middle East, including from ISIS, which, while it is certainly back on its heels, is far from defeated.  Indeed, the rapid removal of American troops from Syria means that the immediate threat of terrorist attacks against Americans around the world, including here at home, will increase overnight, with groups like ISIS and al Qaeda becoming emboldened by America’s abandonment of our serious campaign against them in the region.

Other threats from the region are also likely to get worse as a result of President Trump’s policy shift.  These threats include the Iranian regime’s support of terrorism around the world through proxy groups like Hezbollah, which is also directly responsible for keeping the Assad regime in power in Syria, the rise of Russian military activity across the region and its undermining of American influence with key actors, the targeting of key American allies in the conflict against ISIS and al Qaeda, and the potential economic chaos that could result from increased instability in the region.

In sum, leaving this fight behind and abandoning our allies in the region is a step in exactly the wrong direction.”

Lester Munson – NSI Senior Fellow; Former Staff Director, Senate Foreign Relations Committee

“In Jim Mattis, Mike Pompeo and John Bolton, the President has an excellent national security team.  He should listen to them and reverse his decision to abandon Syria to Iran, Russia and Bashar Assad. Removing American forces now will dramatically increase the likelihood that Syria will descend further into chaos and negatively impact American allies in the Middle East and Europe.”

 

 

David Priess – NSI Visiting Fellow; Chief Operating Officer, Lawfare

“Whatever one thinks of the merits of abruptly pulling US forces out of the continued fight against ISIS in Syria, it’s hard to deny that the way in which this appears to have been decided and announced surprised national security officials at all levels — and left them ill-prepared to execute or even explain the sudden change in policy. Generally, the interagency process allows all of the pros and cons of policy options — ranging from their tactical implications to their impact on America’s alliance relationships — to be hashed out. Even officials who had argued against the ultimate decision thus understand, and are prepared to help implement, policy change.

Having participated in many interagency meetings at various levels while at CIA and at the State Department, I recall all too clearly how laborious and frustrating the interagency process can be. But there’s a reason for that process: to avoid an unforced error like this one.”

and frustrating the interagency process can be. But there’s a reason for that process: to avoid an unforced error like this one.”

Alicia Sloan – NSI Visiting Fellow; Co-Founder, Duco Experts
“Bringing our servicemen and women home from conflict should always be our North Star. However, this announcement of victory over ISIS underscores how naive the President is as it relates to how non-state actors work, and yes, make come backs. What’s more, the message to our allies is: if you want an ally in the long term, it doesn’t pay to link up with the United States. Try Russia and Iran instead (although this blame doesn’t lie solely on President Trump).”

 

 

Glenn Sulmasy – NSI Visiting Fellow; Provost and Chief Academic Officer, Bryant University

“This is a bold and courageous decision by President Trump.  The Syrian issue remains chaotic – a mess.  The decision to get our troops out of that very chaos will preserve American lives and prevent us becoming further  entrenched within this growing debacle.  Keeping our troops in Afghanistan has done little to achieve any final victory over the Taliban or al-Qaeda.  There is little sense in putting American troops in a region that is increasingly becoming lawless without any clear cut path to a traditional ‘victory.’

There is no question that the troops who have been stationed there are relieved, and their families are delighted to get this welcome Christmas gift. This is a true victory for  the traditional, realpolitik, conservative national security policy.”

Dan Wagner – NSI Visiting Fellow; Legislative Liaison, U.S. Special Operations Command

“If there is any U.S. leader that can create a ‘winning’ narrative from getting out of Syria, it is President Donald Trump.  Right, wrong or indifferent, he has unabashedly made the decision from his gut, against the sage advice of his senior cabinet officials.  The decision was likely based on money and weighing the immediate benefit to the American voter.  This is how he will be able to turn this situation into a winning narrative with the voters, regardless of the long-term impacts amongst the coalition partners and in the Middle East.

That said the U.S. strategy has been one of an endless combination of counterterrorism as well as nation building.  It has been a losing strategy over the last 18 years of entering a country to eradicate the threat to the homeland and then become entangled in the quagmire of regional politics, while building the government back up again. Trump would argue that it is time to make others take ownership of the issues within their region. Others will argue that the U.S. broke it [Syria] and now they need to fix it.  However, others still will argue that it has been proven that no amount of money will fix the problem and the U.S. has a terrible track record for fixing nations.

There are real concerns about Russia and Iran gaining a strong foothold in Syria and thereby increasing their influence in the region.  It may also force them to take ownership of this problem, as ongoing issues in Syria will ultimately affect anything they want to accomplish in the long run.  There is a chance that it will force both countries to pour money and resources into Syria to fill the gap left by the U.S. and experience similar frustrating challenges.  If this were to happen, it would focus energy on a new problem for each of them, rather than on the U.S. directly.

The conflict in Syria is unsustainable indefinitely, and it is clear that there is no real strategy other than what we have been doing in Afghanistan and Iraq – which is to continue to throw money and U.S. blood at the problem.  Is ISIS truly defeated?  That remains to be seen.  Part of this Syrian retrograde cannot be to allow ISIS to regenerate.  The U.S. will likely need to force Syria (and Russia by proxy) to take ownership of their country.  It is only a matter of time until Afghanistan will follow suit as well.

President Trump does not have a great track record for truly caring about U.S. Soldiers.  However he does care about votes and money, and declaring victory against ISIS fits his narrative of both “winning” and “putting America first”.  Whatever the reasoning for the President to order pulling U.S. forces out of Syria, it is going to cause uncertain outcomes in that region (Syria, Turkey, Iran, Israel) and with coalition partners (including the Kurds).  However, that should only be slightly less comforting than a strategy of sustaining the same levels of funding and cost of U.S. lives indefinitely.”

Disclaimer: The views and opinions expressed in this analysis are those of the authors and do not necessarily reflect the official policy or position of the National Security Institute or any agency of the U.S. government. Assumptions made within the analysis are not reflective of the position of the National Security Institute or any U.S. government entity.

 

Posted on

NSI Podcast: Cyber Deterrence

The National Security Institute published its first podcast which analyzed cyber deterrence.  This podcast featured NSI Fellow Bryson Bort, NSI Senior Fellow and Assistant Director of Cybersecurity Megan Brown, Jason Healey of Columbia’s School of International and Public Affairs, and NSI Senior Fellow and Assistant Director of Emerging Technologies Dr. Andrea Little Limbago.  Moderated by NSI Senior Fellow Lester Munson, the wide-ranging conversation addressed topics such as the National Cyber Strategy, the role of the private sector in cyber deterrence, and the evolution of norms in cyberspace.

To hear more conversations like this, follow us on SoundCloud and to stay up to date with the latest news and insights from NSI follow us on Twitter.

Posted on

NSI Policy Paper – Cyber Imperative: Preserve and Strengthen Public-Private Partnerships

This White Paper:

  • Examines the importance of public-private partnerships (PPPs) to United States cybersecurity policy and law
  • Explains the benefits of collaboration and partnership – domestically and abroad – over regulation and mandates
  • Describes challenges to cooperation, such as limitations in current law, the overlap in government cyber activities, and fear of post-hoc recrimination
  • Urges policymakers to strengthen partnership and collaboration through creative solutions that change the culture around private cyber risk and incidents

Click here to read the complete paper.

About the author:

Megan Brown is an NSI Senior Fellow and Associate Director for Cybersecurity Programs.  She is also a Partner at Wiley Rein LLP.  Prior to joining Wiley, Ms. Brown served in the Department of Justice as Counsel to two U.S. Attorneys General. 

Posted on

National Cyber Strategy

This afternoon, President Trump released the National Cyber Strategy. Below, NSI experts offer their commentary.

September 20, 2018

Dmitri Alperovitch – NSI Visiting Fellow; Co-Founder/CTO, CrowdStrike

“I am very pleased to see the new National Cyber Strategy formally establish the precedent to make routine the ‘work with like-minded partners to attribute and deter malicious cyber activities’. This is a key and necessary step that has been lacking in US cyber policy for many years.”

Bryson Bort – NSI Fellow; Founder & CEO SCYTHE

“This is the most comprehensive cybersecurity strategy document ever published—firmly stating a vision of the United States as ensuring a secure Internet by cooperation or force…The message appears to be: you will see an American Flag planted on your scorched computer(s).

This is the most comprehensive cybersecurity strategy document ever published—firmly stating a vision of the United States as ensuring a secure Internet by cooperation or force. It reads like a response to former NSA Director Admiral Mike Rogers’ February Congressional testimony where he acknowledged current constraints in responding to the active threat landscape the US faces.

The ambitious scope is easily reflected in a just few stand out items: replacing social security numbers for identify management; addressing IOT security through the full lifecycle, although not post-deployment; a global “Cyber Deterrence Initiative” to strength partner law enforcement and information sharing capabilities; and the promise of “swift and transparent consequences” to deter attacks.

The message appears to be: you will see an American Flag planted on your scorched computer(s).”

Megan Brown – NSI Senior Fellow; Partner, Wiley Rein LLP

It is heartening to have a new cyber strategy committed to paper, for the private sector and the government.  There is a lot to like in here, and a lot of unanswered questions.  Big picture, this document lays out a muscular role for government as it relates to the private sector.

This strategy doubles down on the contracting community, with hints of some intrusive new requirements on the way.  This is notable because contractors have already been the “tip of the spear” on cyber regulatory obligations.

Not surprisingly, it tackles IT and telecom supply chain issues—hopefully the Administration can bring some clarity to the many overlapping federal efforts on this.

It puts DHS’ role on steroids and confirms the government’s commitment to nudging the private sector along, whether or not the industry wants help.  From trying to shape the market for “secure” products to encouraging manufacturers to test security and differentiate products based on security features, the government sends a message that it will take an active role.  Its emphasis on transparency and the roll out of secure next-generation telecom and IT infrastructure will affect technology companies and the broader economy.

The bottom line: industry needs to prepare for additional expectations and obligations, and get ready to interact with the government in a variety of settings.

Cameron Burks – NSI Visiting Fellow; Deputy Chief Security Officer, Chevron Corporation

“The Administration’s focus on protecting critical infrastructure against cyber attacks and providing risk-reduction activities across key sectors and the maritime space is a critical element of the new strategy. It reflects a clear understanding that enhanced government-to-private sector engagement is a vital imperative to the country’s national security.”

 

Jamil N. Jaffer – Founder, National Security Institute

“While the current administration’s national security apparatus may face significant challenges from within, the fact is, the President and his team got this one right: ignoring the costs of malicious cyber activity, including destructive attacks and efforts to undermine our core economic base through IP theft and extortion, is a recipe for disaster.

We must make clear to our enemies in cyberspace, including Russia, China, Iran, and North Korea, that they will no longer be free to conduct destructive or disabling attacks on U.S. soil or against American companies, our government, or our allies, whether in Central Europe, Asia, or the Middle East.  Nor must they think it is acceptable to pillage our American industry of the very technology that is at the core of our economic vitality, undermine our democratic institutions, or pre-position assets to use against us in a future conflict.

The administration’s new strategy–with its discussion of deterrence and consequences—is thus a step in the right direction.

But more must be done immediately.  The time for mere words has passed. We must respond swiftly and surely to cyber activities that threaten our national security.  To that end, the new strategy’s promise of ‘swift and transparent consequences,’ is exactly spot on, and we must now deliver on this promise when challenged in cyberspace.”

Andy Keiser – NSI Fellow; Former Senior Advisor, U.S. House Permanent Select Committee on Intelligence

“The National Cyber Strategy announced by President Trump today is an important step in not only identifying the threats to the United States in cyberspace, but the opportunities and solutions. The strategy touches on typical areas of hardening federal systems, while introducing newer concepts such as an international deterrence model in cyber.

After 15 years of multiple Administrations admiring the problem, the Trump Administration should be given credit for conducting a full interagency review grown out of the National Security Strategy process to get this critical policy in place which has a direct impact on our economy and security. Though it is surely not the end all be all for what needs to happen in cyber, the new NCS will help guide a whole-of-government response to the threats against and openings for the U.S. in cyber.”

 

Dr. Andrea Little Limbago – NSI Senior Fellow; Chief Social Scientist, Endgame

“In many ways, this strategy is the first articulation of a whole-of-nation approach to the range of digital state and non-state threats. The NCS prioritizes the integration of cyber with other elements of national power, focusing on fostering diplomatic norms, countering disinformation, deterring and disrupting malicious activity, and enabling economic prosperity. The private sector also plays a prominent role in this strategy, with everything from incentivizing robust risk management and incident response to augmenting mechanisms for greater information sharing.

The promotion of a free and open internet is at the core of the NCS, and reaffirms American leadership in shaping a democratic, multi-stakeholder model of internet governance. In contrast to the authoritarian model of censorship, data localization, and digital protectionism, the NCS reasserts American commitment to an open internet as a core feature of protecting democracy. While several other recent strategies and policies have emphasized offensive cyber capabilities, that same verbiage of continuous engagement and defending forward is surprisingly minimal. In fact, the NCS emphasizes that efforts to counter malign activities will continue to respect and preserve democratic values.”

Harold Moss – NSI Visiting Fellow; Senior Director Strategy, Akamai Technologies

“The rapid pace at which technology and cyber threats are evolving, warrants the need for a combined public and private response as highlighted in the newly released cybersecurity strategy update.

The first step to a sustainable cyber strategy is enabling future cyber talent and leveraging existing public sector talent to buttress existing cybersecurity deficiencies. The acknowledgement that we must expand our cyber talent pool, is significant and meaningful.  In absence of concrete and detailed steps, one has to remain cautiously optimistic.  I for one look forward to additional context related to building the necessary foundation for such an endeavor. “

Megan Stifel – NSI Visiting Fellow; Former Director for International Cyber Policy, National Security Council
“The White House strategy released importantly recognizes the opportunities of interconnected technologies as well as the risks and vulnerabilities created. The announcement today builds upon ongoing efforts to protect and defend United States information infrastructure in the new era. By bringing these ongoing efforts together into a cohesive document, today’s Strategy sends a strong signal not only that cybersecurity remains a priority to the United States, but also that it is a whole of nation effort—that the government plays an important but not independent role in sustaining the Internet ecosystem for the future.Among the key priorities identified by the Strategy are that the government must lead by example, including through workforce training and development and supply chain risk management. Expanding from the government as an enterprise risk management organization, the Strategy prioritizes building and supporting technical and policy relationships to sustain United States economic and security interests for the future. The Strategy highlights the critical role U.S., partner, and ally information and communications technologies and networks play in maintaining secure and resilient economies and the need to continue efforts to support the development of norms, multistakeholder internet governance, and internet freedom, in particular by continuing capacity building efforts to achieve these objectives.”

Dave Weinstein – NSI Visiting Fellow; Vice President of Threat Research, Claroty, Inc.

“Until now the United States has not formally adopted an international approach to cyber deterrence.  The Cyber Deterrence Initiative, which would formally strengthen collaboration with other countries on incident response and attribution, is a promising concept. Successful implementation will depend on what countries participate and their level of commitment.  In this respect, geographical diversity is key to establishing and maintaining the credibility of such a body.  The east versus west I would expect the “Five Eyes” and other NATO member-states to be among the first recruits for the coalition, but it would be worth exploring the private sector’s role in such a construct.
It’s encouraging to critical infrastructure risk management featured so prominently in the Strategy, but the substance is a bit lackluster.  More creativity is needed for government to maximize its contributions to what is largely a private sector problem.  Some of the best ways for government to “secure critical infrastructure” is to incentive investment in technology, people, and training; share actionable threat intelligence; and deter activities that hold infrastructure assets (and the citizens they serve) at risk.”
Posted on

Call for Presentations: Hack the Capitol

Hack the Capitol is an two day event in Washington, DC on September 26th and 27th to provide hands-on education and awareness to Congressional Staffers, Think Tanks, and Press. Talks, workshops, hands-on exhibits, and demos should be tailored toward a non-technical audience. Please consider this with your submission. This kind of event has never been done before and will have significant value in raising awareness of our Nation’s challenges with critical infrastructure and constructively providing kinesthetic learning at multiple levels.

To submit a presentation, click here.

Posted on

Helsinki Summit: Experts Weigh In

Early this morning, President Donald Trump met with Russian President Vladimir Putin in three back-to-back meeting sessions.  Below, NSI experts weigh in on the outcome of the meetings and what they mean for future U.S. – Russia relations. 

July 16, 2018

Andrew Borene – NSI Visiting Fellow; Former Associate Deputy General Counsel, U.S. Department of Defense

“We definitely need to wait and see what gets said on the record and what specific action items come out of the meeting, before we can make reliable assessments about it.

It is not clear what, if any, defined outcomes are being sought by The White House in Helsinki with Putin. President Trump himself says he has “low expectations.” This meeting also comes right on the heels of conflicting White House messages about the US commitment to the NATO alliance, which is the Russian Federation’s most significant geopolitical counterweight. 
In the background of President Trump’s Russia summit will be a continuing tension between the President and the US Justice Department’s work on Russian meddling in the 2016 Presidential election. Special Counsel Robert Mueller’s Friday the 13th surprise indictment of Russian intelligence operatives for hacking during the 2016 election was probably not on President Trump’s initially planned agenda.”

Jamie Fly – NSI Visiting Fellow; Former Foreign Policy Advisor to Senator Marco Rubio

“President Trump’s performance at a press conference earlier today with Russian President Vladimir Putin was nothing short of disgraceful.  He turned an opportunity to send a strong deterrent message against future Russian interference in American democracy into an attack on American institutions that only empowers our enemies.Instead of pushing back against the long trail of death and destruction that Vladimir Putin has left around the globe, President Trump lowered America to Putin’s level.  It was “Russia First” at its worst.Luckily, beyond the press conference, it appears as of now, that the damage was limited.  There were few signs of progress on arms control, Syria, or other issues.  American and Russian interests are fundamentally opposed on many of these key challenges and hopefully Trump administration officials realize that as they follow up with their Russian counterparts after this meeting, even if the President they work for clearly does not.”

Matthew R. A. Heiman – NSI Visiting Fellow; Former Lawyer, National Security Division, U.S. Department of Justice and the Coalition Provisional Authority, Baghdad, Iraq

“Absent Putin reversing himself on his foreign policy agenda, the best result for President Trump is a summit that yields no significant deals.  That’s because there are very few opportunities for agreement between the U.S. and Russia.  Rather, President Trump should articulate U.S positions in the same blunt style of speaking we saw from him during his meetings with NATO members and Prime Minister Theresa May of the United Kingdom. Trump should make clear that the U.S. opposes and will continue to take strong action against interference in U.S. elections.  Trump should say that the U.S. will remain in Syria, we will not tolerate an Iranian beachhead there, and we will support Israel’s campaign of attacking the Iranian backed militias in Syria.  Trump should make clear that the U.S. stands with a Ukraine that is democratic and peaceful and enjoys territorial integrity.  The chill in U.S.-Russia relations is because Putin is a bad actor on the world stage, and it took the U.S. far too long to realize it.  Hopefully, President Trump recognizes that the best deal to be had is no deal.

Andrew Keiser – NSI Visiting Fellow; Former Senior Advisor, U.S. House Permanent Select Committee on Intelligence

“Similar to the past three occupants of the Oval Office, President Trump has long maintained a desire to improve U.S. relations with Russia. Though I believe it demonstrates a naivety of Russia’s decades-long work against the United States at every turn, there is nothing wrong with this desire in and of itself.

However, despite overwhelming evidence to the contrary from his own intelligence services, President Trump seems to dismiss Russia’s meddling in the 2016 U.S. elections and their consistent, aggressive undermining of U.S. interests around the world. Russia, the GRU and President Vladimir Putin do not respond to nuance and mixed messages, they only respond to direct, unified voices typically coupled with the credible threat of military force.

Though I was heartened to see President Trump raise the issue of Russia’s unacceptable American election interference, he went on to undermine his own government’s position with our top geopolitical foe standing by his side.

With moral equivalency offered between U.S. and Russian actions around the world, it seems Russia has been given a green light to nakedly pursue its’ own interests in Ukraine and Syria, by silencing dissent by any means necessary and by creating trouble all over the globe from Venezuela and Cuba to Moldova and Georgia to North Korea and the Arctic.

How the Russians balance the friendly rhetoric from the President of the United States, with the tough policies his Administration has put forward on sanctions, lethal arms to Ukraine, an aggressive posture in Syria and kicking out Russian intelligence officers from the U.S. remains an open question.” 

Dr. Andrea LimbagoNSI Visiting Fellow; Chief Social Scientist, Endgame

“The summit takes place at a time of increased tensions between Russia and the United States. Friday’s indictment details yet again that Russian election interference extends well beyond the DNC breach. It also includes a compromise into state board of elections websites, the data theft of half a million voters, and county-level reconnaissance of election websites, not to mention the bots and trolls leveraged throughout social media to amplify their messaging. Importantly, election interference is only one part of the playbook for Russian interference operations. Russian interference extends well beyond the 2016 election to undermine U.S. national and economic security and should have been the core topic discussed at today’s summit.

Russian interference operations extend well beyond elections, and include compromise and/or reconnaissance of U.S. critical infrastructure, underwater cables that are core to trillions of dollars of transactions and communications, a global campaign targeting routers, not to mention the NotPetya attack which caused over a billion dollars in damage globally or the onslaught of similar attacks on NATO and our European allies. This is the behavior by Russia that is deteriorating the relationship. Attending this Summit without prioritizing Russian interference operations is not only dangerous to our national, physical, and economic security, but it also provides the green light to the growing range of global actors who are increasingly adopting Russia’s interference tactics, knowing they can do so with impunity.”

Lester Munson – NSI Visiting Fellow; Former Staff Director, Senate Committee on Foreign Relations

““It would appear that this meeting was a missed opportunity at best. President Trump needs real achievements on Syria, North Korea, Russian cyber attacks on our elections and Russia pulling out of Ukraine. Thankfully, the president must defer to Congress on many of the matters discussed today.  He has little flexibility on lifting sanctions on Russia absent real progress on these issues. Congress, particularly the Senate, should step up its direct involvement in policy-making for the betterment of our national security.”

Posted on

NATO Summit: NSI Experts Weigh In

Early this morning, President Donald Trump met with European leaders at NATO’s annual summit in Brussels.  Below, NSI experts weigh in on the outcome of the summit and what it means for stability in Europe and U.S.-European relations. 

July 11, 2018

Jamie Fly – NSI Visiting Fellow; Former Foreign Policy Advisor to Senator Marco Rubio

“NATO is the world’s most successful security alliance.  Yet NATO allies cannot rest on their laurels.  President Trump’s admonitions regarding burden sharing have produced significant results yet more needs to be done.  After almost seventeen years of war, Americans across the political spectrum expect U.S. allies to pull their own weight.  The summit declaration approved today by NATO leaders appears to do just that as the alliance works together to tackle traditional and emerging challenges to allied security.  Transatlantic security would be best served by more focus on the reality of what NATO is doing on a daily basis to protect its members’ citizens instead of theatrics and personal attacks on allies.” 

Matthew R. A. Heiman – NSI Visiting Fellow; Former Lawyer, National Security Division, U.S. Department of Justice and the Coalition Provisional Authority, Baghdad, Iraq

“President Trump believes Europe takes advantage of the U.S. by enjoying NATO’s security guarantees without paying enough for the benefit.  His belief is not unreasonable.  In 2014, NATO members pledged to spend 2 percent of their GDP on their militaries.  While only the U.S., the U.K., Estonia, and Greece meet that target today, pressure from the U.S. has contributed to Poland, Lithuania, Latvia, and Romania being on target to reach the threshold this year and others reaching this goal in the coming years.  It’s important that friends hold each other to account, and blunt talk amongst allies should not threaten the future of NATO.  Rather, NATO’s future depends on both financial contributions to military spending by each member and clear plans that ensure NATO resources match the strategic threats posed by Russian hybrid-wars, cyber attacks, and expansionism; instability in the Middle East and North Africa; and the continued risk of radical Islamic terrorism.  Hopefully, attendees at the NATO summit this week recognize that the future of the alliance depends on words being matched with deeds.” 

Andrew Keiser – NSI Visiting Fellow; Former Senior Advisor, U.S. House Permanent Select Committee on Intelligence

“Since 1949, NATO has been the foundation for transatlantic security.  The strength of NATO helped lead to unprecedented stability and prosperity for the West.  That said, it  has been a long-standing concern of the United States that NATO allies were not doing their fair share to maintain a deterrent against aggressors of the alliance.  

Though difficult conversations among friends are probably best held behind closed doors, those quiet conversations rarely led to meaningful reforms in decades past.  Perhaps a different approach will lead to a different result that ultimately could be a stronger NATO and a more effective check on Russian President Vladimir Putin’s expansionist intentions” 

Dr. Andrea LimbagoNSI Visiting Fellow; Chief Social Scientist, Endgame

“The NATO Summit is traditionally a time to celebrate one of the most successful alliances in history. Instead, this year’s Summit is preoccupied with defense spending and achieving the 2% of GDP target by 2024. Clearly, member-state contributions are essential, but for the most part member-state spending has been increasing over the past four years. This tunnel vision on defense spending is an unhelpful distraction away from the constructive dialogue required to address the core national security threats to the U.S. and its NATO allies.

The member-states are simultaneously defending threats at home and abroad. The collective security alliance must continue to evolve and strengthen to counter the twenty-first century threat landscape. This includes domestic and international terrorist groups, countering disinformation, clarifying the cyber component of Article V, and of course the range of authoritarian regimes who are undermining stability across the globe.

NATO remains extremely relevant to safeguard democratic principles internationally and support U.S. national security. In fact, yesterday the U.S. Senate reaffirmed NATO’s relevance in a 97-2 vote in favor of supporting the U.S. commitment to NATO. Unfortunately, the current unnecessary and self-inflicted internal tensions and divisions within NATO play right into the hands of state and non-state adversaries.” 

Lester Munson – NSI Visiting Fellow; Former Staff Director, Senate Committee on Foreign Relations

“It is a good thing, not a bad thing, to urge our European allies to contribute more substantially to NATO’s defense. Similarly, it is good to urge Germany to untie itself from Russia’s energy predations.  The manner of delivery may be awkward and off-putting, but the substance of the president’s message today is sound.”  

Posted on

NSI Advisory Board Member Matthew Olsen and Visiting Fellow Andy Keiser testify before the House Small Business Committee

On June 27th, Advisory Board Member Matthew Olsen and Visiting Fellow Andy Keiser testified before the House Small Business Committee.  Their testimony focused on the threat ZTE poses to American small businesses.  They also gave recommendations for how to protect small businesses and American citizens from the dangers presented by ZTE and other illicit Chinese backed enterprise.

Posted on

NSI Advisory Board Member Ellen McCarthy Nominated to Serve as Assistant Secretary of State for Intelligence and Research

April 30, 2018
Contact: Garrett Ventry
[email protected]
716-628-4593 (cell)

National Security Institute Advisory Board Member Ellen McCarthy Nominated to Serve as Assistant Secretary of State for Intelligence and Research

Arlington, VA – On June 12, 2018, the White House announced the nomination of NSI Advisory Board member Ellen McCarthy to serve as Assistant Secretary of State for Intelligence and Research (INR).  Ms. McCarthy has served as President of Noblis NSP since 2016 and also previously served as Chief Operating Officer of the National Geospatial Intelligence Agency (NGA), where she oversaw NGA’s daily business activities and advised the Director of NGA on a range of issues, including strategic planning and corporate governance.  Before joining NGA, Ms. McCarthy served as President of the Intelligence and National Security Alliance (INSA), where she currently serves on the Board of Directors.  Ms. McCarthy also previously served as Director of the Human Capital Management Office and the Acting Director of Security within the Office of the Under Secretary of Defense for Intelligence, where she developed and deployed the Defense Civilian Intelligence Personnel System (DCIPS), as well as in multiple intelligence roles in the United States Navy (USN) and U.S. Coast Guard (USCG), including as Director of Intelligence Operations, Strategy and Policy for the USCG.

“Ellen McCarthy has long been a leader and innovator in the intelligence community, serving our nation with distinction and honor both in government and the private sector, and she is an inspired pick for this critically important position,” said Jamil N. Jaffer, NSI Founder.  “Indeed, Ellen brings a unique skillset to this nomination, having served on the leadership team that reshaped NGA from the inside and having led an effort to transform Noblis NSP into a truly unified operation.”

INR is a bureau of the Department of State and a member of the Intelligence Community, whose primary mission is to harness intelligence to serve U.S. diplomacy.  INR is a direct descendant of the Office of Strategic Services Research Department and is the oldest civilian intelligence element in the U.S. Government.  INR provides independent analysis of events to State Department policymakers and ensures that intelligence activities support foreign policy and national security purposes.

Ms. McCarthy’s bio can be found here.  More information on INR can be found here.

About the National Security Institute
The National Security Institute serves as a platform for research, teaching, scholarship, and policy development that incorporates a realistic assessment of the threats facing the United States and its allies, as well as an appreciation of the legal and practical challenges facing U.S. intelligence, defense, law enforcement, homeland security, and cybersecurity communities.  NSI draws on the experience of its visiting fellows, as well as its highly distinguished advisory board and faculty, to produce timely research and policy materials that deliver insightful analysis and actionable recommendations to senior policymakers in the White House and key departments and agencies, as well as those on Capitol Hill.

About George Mason
George Mason University is Virginia’s largest public research university. Located near Washington, D.C., Mason enrolls more than 33,000 students from 130 countries and all 50 states.  Mason has grown rapidly over the past half-century and is recognized for its innovation and entrepreneurship, remarkable diversity, and commitment to accessibility.

About the Scalia Law School
The Antonin Scalia Law School at George Mason University is defined by three words: Learn. Challenge. Lead. Students receive an outstanding legal education (Learn), are taught to critically evaluate prevailing orthodoxy and pursue new ideas (Challenge), and, ultimately, are well prepared to distinguish themselves in their chosen fields (Lead).  It has been one of America’s top-ranked law schools for the last fifteen years.

Posted on

North Korea Summit: NSI Experts Weigh In

Early this morning, President Donald Trump and Kim Jong Un concluded a much anticipated summit. Below, NSI experts consider how this summit and the agreement coming out of it will impact regional stability and U.S. foreign relations.

June 12, 2018

Andrew BoreneNSI Visiting Fellow; Former Associate Deputy General Counsel, U.S. Department of Defense

“Cautious optimism and a ‘trust but verify’ attitude are advised toward the Trump-Kim Summit as a whole.

A bona fide agreement to denuclearize the North Korean regime would be an excellent first step on the path to reducing the many dangers presented by a hostile, bellicose dictatorship. After the fanfare of this week in Singapore has subsided, the hard work will be in the follow-up next year, through access, verification and inspection processes in order to ensure that North Korea honestly follows through with any agreements.

At the same time that America and our allies should celebrate initial progress on nuclear and missile technology issues, none can afford to lose sight of the Kim family regime’s longstanding human rights abuses, flouting of international law through criminal cyber attacks, overseas assassinations, and the long-suffering it has sadly imposed upon innocent North Koreans under a brutally enforced family dictatorship.”

Jamie Fly – NSI Visiting Fellow; Former Foreign Policy Advisor to Senator Marco Rubio

“President Trump inherited a failed North Korea policy that across multiple administrations of both parties allowed North Korea to obtain nuclear weapons and develop missiles that put the United States within reach.  Yet that does not relieve President Trump of his responsibility to ensure that the mistakes of the past with Pyongyang are not repeated.  There appears to be little in the summit statement that has not been said before.  In some cases, the pledges appear to be weaker than those made in the past.  Unilateral U.S. concessions for more of the same from Kim Jong Un is not a change from the past, it is repeating the mistakes of the past.  If American security interests are to be achieved in the long run, fundamental change will have to happen in North Korea.  That is why an approach that celebrates the world’s most brutal dictator, an overseer of modern day gulags, is likely to end no differently than the failed negotiations tried by President Trump’s predecessors which left the United States and our allies less safe.”

Matthew R. A. Heiman – NSI Visiting Fellow; Former Lawyer, National Security Division, U.S. Department of Justice and the Coalition Provisional Authority, Baghdad, Iraq

“The just concluded summit between the U.S. and North Korea did not deliver any substantive steps towards North Korean denuclearization.  While a historic event, It should be considered a confidence building measure and not much more.  The U.S. agreed to suspend military exercises with its treaty partner, South Korea, as a show of good faith.  North Korea must make the next move, and going forward, the U.S. should insist that North Korea take the first step in further rounds of negotiation because North Korea has a long track record of matching U.S. gestures of good faith with duplicity.  North Korea’s geopolitical credit score is 0.  The only way North Korea can improve its standing is for it to do three things: agree in word and deed to complete, verifiable, and irreversible denuclearization; end its threatening behavior to the U.S. and its allies, as well as the weapons systems that support such threats; and address what may be the world’s worst human rights record.  Businesses don’t extend credit to customers that fail to honor their commitments.  The U.S. should treat North Korea the same way.”

Jamil N. Jaffer – Founder, National Security Institute; Former Chief Counsel, U.S. Senate Foreign Relations Committee

“While today’s U.S.-North Korea Summit began with high hopes, like many prior negotiations between our two nations, the Singapore summit ended with limited, if any, progress on the key issues at stake.  North Korea once again committed—in theory—to denuclearization of the Korean Peninsula, a commitment it has made no less than three times over the past 25 years and one that it has broken over and over again.  We cannot allow North Korea to continue to play a game of Lucy and Charlie Brown with the football with the United States, where we agree to concessions like freezing our legitimate military exercises with our ally, South Korea, while North Korea agrees to freeze its illegitimate nuclear activities, only to back off that and other commitments when it has gotten what it wants from the United States.  While the President has successfully brought Kim Jong Un to the table, a unique opportunity for which he rightly deserves credit, we must now ensure that any agreement the United States makes going forward ensures the complete, verifiable, and irreversible denuclearization of the Korean Peninsula, halts North Korea’s illicit WMD proliferation and cyber activities directed at our nation and its allies, and addresses the atrocious human rights record of the Kim regime.”

Omario Kanji – NSI Visiting Fellow; Assistant Academic Director, Temple University

“Watching closest will be China because it stands to gain most from any positive outcomes of the Trump-Kim Summit. A liberalized economy at China’s doorstep can only help facilitate their economic and diplomatic maneuvers in the future. That said, China is an astute observer of the global order; erratic moves by both sides leading up to (and possibly after) the Trump-Kim Summit have only reinforced China’s free-rider status in this new chapter of relations in Asia.”

 

 

Andrew Keiser – NSI Visiting Fellow; Former Senior Advisor, U.S. House Permanent Select Committee on Intelligence

“While the language of today’s joint statement is encouraging, we know from decades and agreements past, that the promises of the murderous, dictatorial regime in Pyongyang are often hollow.

Past American Presidents’ conventional approach to dealing with North Korea always led us to the same place: deception and defiance by the North. President Trump’s unconventional approach has led to some real accomplishments thus far including unconditional release of three American hostages, halt of nuclear and missile testing and a pledge to work toward a denuclearized Korean peninsula

The historic summit in Singapore was an important step, but the real substance of the negotiation now begins, secure in Secretary of State Mike Pompeo’s able hands to hold the Kim regime’s feet to the fire. We have taken the first few steps in what would be a marathon effort to finally bring North Korea into the community of nations by a complete, verifiable and irreversible denuclearization – and that’s assuming North Korea’s continued compliance which history tells us is a very shaky assumption.

Nonetheless, the alternative was an escalating rhetoric that could lead down the path of military conflict, the potential consequences of which are almost unthinkable. No matter what your political stripes, each of us should be hopeful for making progress on the North Korea problem that has vexed the world for nearly 70 years.”

Dr. Andrea LimbagoNSI Visiting Fellow; Chief Social Scientist, Endgame

“By focusing less on diplomatic substance and more on diplomatic theater, the summit represents a missed opportunity. It is a return to the status quo that existed before the recent rhetoric as there are distinct similarities with previous agreements. However, in contrast to previous discussions, the details of denuclearization are now even more vague and ill-defined so it is unclear whether North Korea made any concessions at all. Based on previous behavior, North Korean promises – even vague ones – must be taken with a grain of salt. Whether this summit proves to be the anomaly as opposed to a continuation of decades of unfulfilled promises is yet to be seen. Importantly, while everyone is focused on the nuclear issue, North Korea continues to escalate cyberattacks uninhibited. As the repercussions of the summit evolve over the following months, it will be important to keep an eye on both North Korean nuclear and cyber behavior. Each are core components of North Korea’s interlinked strategy focused on regime survival, and have the potential to contribute greatly to international instability.”

Lester Munson – NSI Visiting Fellow; Former Staff Director, Senate Committee on Foreign Relations

“President Trump is to be commended for his diplomatic outreach to North Korea.  It should be matched by tough measures from Congress: a new suite of sanctions on Pyongyang and Beijing ready to move in the event – perhaps the likely event – that Kim Jong Un’s promises prove empty.  Congress should also clearly state its staunch support for human rights in North Korea and remind the South Korean people that America stands shoulder-to-shoulder with them against North Korean hostility.

The administration has much work to do.  While seeking the toughest deal possible with North Korea, President Trump’s team must ensure that our allies Japan and South Korea work in concert with our efforts.  It would be calamitous if our opening to North Korea were interpreted by Seoul or Tokyo as a softening of American resolve.

Ultimately, the success of this effort depends on Chinese cooperation.  China’s support of Kim Jong Un is what enables his regime’s nuclear program, its hostile acts against its neighbors, and its massive human rights abuses against the North Korean people themselves. President Trump must bolster his tough line on China.”

Bryan Smith – NSI Visiting Fellow; Vice President & Technical Advisor, Beacon Global Strategies

“The Little Rocket Man and the Deranged Dotard actually held a hastily-arranged summit without a blow-up.  It was a good day for the U.S., a good day for Asia, and a great day for Kim and North Korea.  The U.S. came away with a somewhat vague North Korean commitment to complete denuclearization, while holding firm on sanctions. And in the span of a mere photo session, a callow, cruel, isolated tyrant (with a bad haircut) was transformed into a legitimate international figure, whom the leader of the earth’s sole Superpower was “honored” to meet.  On top of that, the U.S. took its first major step towards military disengagement from the Korean Peninsula – it will halt exercises, which though thoroughly defensive, the President termed “provocative”.  After all, if U.S.-ROK exercises are provocative, why are not 35,000 permanently stationed US troops incendiary?

Even so, yesterday produced at least a real chance for a peaceful end to the Seventy Year War.  What made yesterday possible, and why might now be different from 1994, 2002, 2012?  A unique brew of demonstrated strength (on both sides) and unquestionable vulnerability on Kim’s part.   Kim led his country’s shockingly rapid demonstration of an ICBM that could threaten the entire United States.  In response, the “America-first” Trump, unlike every other President, surely came to the terrible, but inescapable, conclusion that the war risk of tens (or even hundreds of thousands) of South Korean civilian dead was preferable to the risk of tens of million civilian dead in the US.  And just as likely, his team had clearly communicated that grim calculus to Kim, as well as America’s ability to deliver on it.  Kim faced this prospect in a window of vulnerability before his ICBM could be fully tested and weaponized.  Add to all that, the bite of unprecedentedly-strong sanctions, the allure of capital infusion, and Trump’s willingness to tear up the Iran nuclear deal, foreclosing the prospect of a weak agreement for Kim.”

Dan WagnerNSI Visiting Fellow; Legislative Liaison, U.S. Special Operations Command

“The intelligence value from engaging with North Korea is worth the United States Government’s efforts.  Having limited intelligence on North Korea, it will take engagement to begin to develop a decent intelligence picture.  Building out a human intelligence (HUMINT) network takes time, numerous engagements and a series of sticks and carrots.  High level political engagement is often an impetus for intelligence gathering through contact reports and incidental collection.  A HUMINT network foothold has potential to lead to other intelligence inroads and these high level engagements are necessary since we are technically still at war with North Korea (Armistice). 

This summit engagement will be the first in a series of high level engagements that may take time and will encounter progress and setbacks along the way.  At the end of the day, the intelligence to be gained from more open dialogue is a tremendous benefit as the U.S. develops a roadmap towards Complete, Verifiable, and Irreversible Disarmament (CVID) of North Korea nuclear weapons. “

Posted on

GDPR Roundtable

700 13th St. NW, Suite 1150
Washington, DC
Wednesday, May 23, 2018 | 12pm-1:30pm

NSI and Symantec teamed up to host an expert roundtable discussion on the EU’s new General Data Protection Regulation (GDPR), its implementation, and its implications for both governments and the private sector.

The event featured a range of experts, including:

  • David Bray, Executive Director, People Centered Internet and former FCC CIO
  • Ilias Chantzos, Senior Director of Government Affairs for Europe, Middle East & Africa, and Asia-Pacific, Japan, Symantec
  • Peter Fatelnig, Minister-Counsellor for the Digital Economy Policy, Delegation of the EU to the United States
  • Jamil Jaffer, Founder, National Security Institute