The Forever Virus
A Strategy for the Long Fight Against COVID-19
Foreign election interference must be bad if spy agencies are making public service announcements. Two weeks ago, Director of National Intelligence (DNI) John Ratcliffe and FBI Director Christopher Wray held a press conference warning that Russia and Iran have been acquiring voter registration data and waging influence operations to sow division and tilt the election. And earlier in October, counterintelligence chief William Evanina and General Paul Nakasone—who heads both the Pentagon’s cyberwarriors and the supersnoopers of the National Security Agency—participated in a video alert designed to reassure Americans that the threats are real but they are on the job.
What these officials said is important. But the fact that they said it is pathbreaking.
Intelligence agencies have never operated so publicly before, and doing so doesn’t come naturally. The 17 spy agencies of the U.S. intelligence community are hardwired for a secret world, in which Washington officials with security clearances transmit information in locked bags and read it in guarded rooms. Secrecy is in their DNA. The National Security Agency was once so hidden that for years nobody would acknowledge its existence—insiders joked that NSA stood for “no such agency.” The Central Intelligence Agency has “neither confirmed nor denied” public reports of its activities since an agency lawyer first came up with that phrase in the 1970s.
Cyberthreats and other emerging technologies are transforming this secret world, and intelligence agencies have to adapt fast—not least by reimagining who counts as a decision-maker.
Historically, intelligence agencies have served Washington officials. The work of intelligence was to give presidents, generals, and others in government “decision advantage,” by providing them faster and better insight than their adversaries possessed about global trends and threats. National security policy was the province of government.
That assumption no longer holds. Today’s important decision-makers increasingly live worlds apart from Washington—and they make policy choices that affect the nation in boardrooms and living rooms, not just the White House Situation Room.
Tech company leaders may want no part of American national security policy or global politics, but their decisions unavoidably affect both. Vulnerabilities in software enable cyberattacks with global reach. Online search algorithms skew the news that readers see and share. Social media platforms are becoming disinformation superhighways that undermine democracies. Business executives are making consequential decisions that influence elections as well as everyday life, including what speech is acceptable, what personal data can be collected and shared with others, whether and when political ads get placed, and what voter manipulation remains fair game.
In the cyber-era, business is not just business: tech policy is public policy. But tech company executives are not public servants. Rather, they bring a mix of missions and motives to their decision-making, including defending free speech, defeating malign actors, and delivering profits to global shareholders. To navigate this new world successfully, leaders in both Silicon Valley and Washington need intelligence about how the threat landscape shapes the development and use of new technologies and how new technologies shape the threat landscape.
In the cyber-era, tech policy is public policy.
Citizens, too, are decision-makers who need insight they may not have required in the past. In today’s globalized information environment, voters are vulnerable to foreign influence operations that move at speeds and scales unimaginable even a decade ago. Deception operations in the old days aimed mainly at government leaders: Japan’s surprise strike on Pearl Harbor, the Allies’ Normandy landing on D-Day, and the Soviet Union’s nuclear gambit in the 1962 Cuban missile crisis all depended on trickery that deceived the military and political leaders of the opposing side.
Global connectivity has brought deception to the mass market. Foreign intelligence services, their proxies, and domestic actors seek to “flood the zone” with divisive messaging and disinformation designed to go viral. Some operations use fake online personas that look like real Americans. Others actually are real Americans. Operations can amplify messages through state-run foreign media, bots, fringe American media, or unwitting mainstream American media. The content can be real, false, speculative, or a toxic mix. Americans spreading these messages can be witting or unwitting. The intent is to generate distrust, drive polarization, and degrade American democracy.
The danger of influence operations is especially acute during elections. In the past, election meddling required physical effort. State laws defended against nefarious election activities with provisions about how ballots were handled and what activity was and wasn’t allowed near polling places. Now bad guys don’t need to stand ten feet away from polling booths. They can electioneer, intimidate, and manipulate voters on cell phones anytime, anywhere—even standing in line at the polls. Ordinary Americans occupy the frontlines of this new battlefield, and they need intelligence about who is trying to influence them, with what motives and tactics.
These threats will not disappear when the 2020 election concludes. Cyber-enabled influence operations will continue. Technology is changing. Deepfakes powered by artificial intelligence are growing more sophisticated. Russia’s playbook is evolving. And Russia is not the only player anymore. Disinformation peddling and democracy meddling are just getting started. As more malign actors use emerging technologies to divide and deceive, American citizens will need intelligence even more.
Producing intelligence for a broader audience will require the U.S. intelligence community to make a monumental shift. Secretive agencies will have to adopt radically different mindsets, new capabilities, new products, and new communications skills. Simply declassifying more and doing things the old way won’t be enough.
In the 2016 election cycle, intelligence officials became so alarmed by Russian election interference that they decided to warn the public. The director of national intelligence and the secretary of the Department of Homeland Security issued a statement—but it was short, dry, and written in intelligence-speak:
“The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations,” the press release began. “The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.”
To intelligence insiders, the warning was serious and clear. To everyone else, not so much. The same day, the infamous Access Hollywood tape—in which Republican nominee Donald Trump boasted about how easy it was for him to sexually assault women—hit the news. There is little mystery which got more media attention.
Producing intelligence for a broader audience will require a monumental shift.
This year, intelligence officials have been more active and creative. Wray, Evanina, and Nakasone have released videos and given interviews to the news media. In addition, Christopher Krebs, who heads the Department of Homeland Security’s new Cybersecurity and Infrastructure Security Agency, has waged a major public service campaign to protect the 2020 election, including with a webpage dedicated to “rumor control.”
These steps are important but insufficient. The October 6 video announcement featuring four agency leaders has so far received just 21,000 views on YouTube. Krebs’s Twitter account, with the tag line “Keep Calm and Vote On,” has just 13,500 followers. By contrast, RT, the Russian state-run propaganda machine, has three million.
The more the information environment is politicized, the harder intelligence officials will have to work to inform the public. DNI Ratcliffe is both a symptom and a cause of this problem. Ratcliffe is the least experienced spy chief in U.S. history. His chief qualification for the job appears to have been his willingness to attack Special Counsel Robert Mueller’s election interference investigation during televised congressional hearings. His first nomination was scuttled over concerns that he couldn’t tell the truth about his own résumé, didn’t understand intelligence, and didn’t care. The second time around, Ratcliffe was confirmed anyway.
Since then, the DNI has been turning secrets into partisan weapons and hawking suspected Russian disinformation as Trump campaign talking points. Many career intelligence officials are horrified. Ordinary citizens are left to wonder whether intelligence can be trusted or is just another political tool.
Intelligence agencies aren’t always right, but citizens need to have faith that their spy chiefs are searching for truths on behalf of the nation, not publicizing unverified reports and cherry-picking secrets to advance a partisan agenda. Earning the public’s trust will require depoliticizing intelligence, and that starts with a DNI who embraces the intelligence community’s core value: speaking truth to power.
Intelligence agencies will also need to become adept at gathering, analyzing, and communicating findings for decision-makers outside government as well as within it. This shift in mission will require the intelligence community to undertake fundamental reform. Open-source intelligence should lead the collection process, rather than coming in only occasionally at its end. Officials will need new training if they are to write and speak so that ordinary citizens can engage with the information they present. And they must be rewarded for making these efforts, particularly because speaking openly about their craft does not come naturally.
Success also requires rethinking risk. Until now, intelligence agencies have operated in secret because greater openness posed unacceptable risks to protecting sources and methods and securing advantage. But that calculus is shifting. Today, secrecy also invites significant risks. Chief among these are the possibilities that without good intelligence, tech companies will make decisions that make the nation less safe, and voters will be unprepared to resist foreign influence operations.
How Artificial Intelligence and Autonomous Systems Will Transform Espionage