>> from our studios in new york city, this is "charlie rose." charlie: the cyberattack targeting the d.n.c. appears to have been more extensive than first believed. russian hackers have allegedly breached a number of accounts. the original leak in july forced d.n.c. chairwoman debbie wasserman schultz to resign. questions remain as to whether the hacks are part of a larger effort to influence the american presidential election. joining me now is adam siegel on the council of foreign relations. author of "the hacked world order." he served as general counsel at

the national security agency. he currently leads a global cybersecurity practice at the mayer-brown law firm. and michael riley covers cybersecurity. from cambridge. david sanger of "the new york times." i'm pleased to have all of them here. david, since you've been with me so many times, tell me where we are. david: i think year at a predictable place in the course of this because what we knew a year, year and a half ago, though the government didn't announce it as such, is the russians have gotten inside the state department's unclass fayed -- unclassified email systems. the white house unclassified email systems, part of the systems in the joint chiefs of staff, then we discover that the f.s.b., the successor to the k.g.b., more than a year ago got into the democratic national committee's systems. followed by another russian intelligence agency, the g.r.u., the military intelligence agency, which probably didn't

even know the f.s.b. was there, going into the same d.n.c. system. when you go into these system, you follow the bread crumbs out. so it wouldn't be surprising to me if one of those hacked emails or individuals who the f.b.i. is looking at was either the one that led these agencies into the d.n.c. or from the d.n.c. went out to them. because that's simply how you do this you just follow the string as it proceeds in and out of the networks. charlie: tell me also what role wiki leaks plays in this, david. david: wiki leaks was the recipient of a number of the documents. but they were not the primary recipient. initially after the d.n.c. hack was discovered and the firm crowd strife turned out a report pointing back to two russian actor, they didn't quite call them the intelligence agencies

but made clear they were sophisticated, state-run actors, after that we began to see some of these documents surface on the web. from somebody who i think we talked about, charlie a few weeks ago who identified himself as goosifer 2. the name is after another hacker who was actually in jail. and it looks like that was probably a construct. that that probably -- probably there's no individual, but probably a committee of russian hackers. but whoever it is, they published this tefrl themselves and they didn't get very much news bounce out of it. i think it's after that that it ended up in the hands of wikileeks. we still don't understand much about the transmission of how it got from the people who hacked this to the people who published it. charlie: but is julian asaung saying he's got a lot more and he's going to dribble it out

like the did other stuff? david: he hinted he has more. he's hint head has no particular love for hillary clinton but in an odd way, the contents of what was in these leaks, apart from the fact that the d.n.c. was favoring hillary clinton, over bernie sanders, which i think -- which i don't think was probably the best kept secret in washington, the fact of the hack and the concept that the russian mace be inserting themselves into an american election is far more news worthy than what we've seen out of these emails. charlie: any doubt the russians did this? >> i don't think there's any doubt the russians are behind it, given the publicly revealed information and the information that most u.s. intelligence believes with a high degree of confidence that the russians are behind it. i think the big question still is, was this primarily directed at espionage, so we know as david said the russian farce

long time have been interested in u.s. government agency servers and networks. the chinese have been long interested. we think the chinese were behind the hack of the mccain and obama campaigns in 2008. was it primarily espionage or did they in fact intend to insert themselves into the election? or did they make the decision after they were caught, did they decide to dump the documents and make the best of a bad situation. charlie: have we seen the tip of the iceberg? should we expect there's much more? >> i would exps there's much more this einteresting point is this appears to be much more than espionage operation but something like an information warfare operation. on some level, that shouldn't surprise us. the russians have been running these kinds of operations in europe for a couple of years. they have done it in ukraine , in eastern europe. they hacked a television station in paris and claimed to be the islamic state. where they seem to have changed tactics here, or uped the game so to speak is they decided to

intervene in a very contentious election in the u.s. and i think there's no doubt that they have a lot of information with which to do that. they, the -- so far the attacks that have come out, the victims that have come out are part of a small subset of a marge larger set of people who were at least targeted. a security firm said they tracked almost 4,000 emails from the g.r.e. intelligence unit and they crossed a whole bunch of categories. there are lawyer, lobbyist, foundations, basically going to every corner of the washington power structure. they include nato officers, military stuff, defense contractors, a lot of those are personal emails so it combines gossipy stuff personal stuff with things that they managed to get that people just talk about on a personal email. my guess is there's a lot of stuff out there. the question is two things. one, do they -- how much have

they already given to wikileaks or other people to release? do they plan to do this all the way up to the election? and is there any response the u.s. could make that might curtail this or change the calculus the russians are making? >> i'm sure senior officials right now are debating that exact question. the complexity involved, a host of factors. first, publicly attributing something to a nation state is far different than privately doing swosme saw u.s. government made significant strides when the sony hack was attributed to the government of north korea. i think officials now are seeing more and more the public benefit and need, frankly, for attribution to hold hostile actors accountable. charlie: so how do we do that? how do we hold north korea accountable? how might we hold russia account snble >> there's a range of tools at the government's disposal, everything from diplomatic action. we've seen diplomatic approach

with the chinese in the wake of a numb of chinese hacking activities, to criminal indictments as we saw with several p.l.e. actors. to economic sanctions as we saw in the case of novert korea. so there's a host of options all of which have various advantages and disadvantages in term os both actual practical impact and public messaging to the adversary. charlie: the question often comes up with respect to hillary clinton's server do, we assume that the people who did these hackings wanted to hack hillary clinton's server they could? or was her server so secure it would have been much more difficult to penetrate? >> it's a question we've been asking a lot about. what we've heard from the f.b.i. director so far is he said that there was no direct evidence that anybody had gotten inside hillary clinton's server.

he went on to say that the actors, state-run actors are usually so good that they might not leave any evidence that raises the obvious question, if they're so good, why was it so easy in the case of the d.n.c. hack? and the answer to that may well be that there was more than one hacker inside the d.n.c. it could've been that the f.s.d. and g.r.u. were there and others were there too. in fact , in sign eric it's not uncommon once somebody gets caught for them to sort of leave the door open quite deliberately to other hackers so that the crime scene gets polluted. so there are

>> it seems like that is fascinating. they may see it as payback as you and i have discussed for what vladimir putin views is an

effort by secretary clinton, who was secretary of state to do or partly rigged fraudulent parliamentary shetion in russia where said some things bruton views as having encouraged protests. important point. we have spent the past few years thinking about the cyber pearl that is bringing down the power grid. that is something to worry about . what we are seeing here in sony and the dnc hack is more common and below the threshold of an act of war. futurere that may be the

of where cyber war is going. along with the kinds of attacks the u.s. and israel did against the iranian nuclear program, which is an act of sabotage. all of these are acts that are short of what could prompt an armed response. termse: where are we in of the race between people who had and want to resist hacking? >> the people who hack are far ahead. it is much easier to play offense than defense. one of the things the dnc hacks have shown us, there are interesting tactics being used effectively. you can hack personal e-mails by on ang a decent malware computer at home, getting credentials to an e-mail and that can get you all sorts of

information that can have surprising sensitivity. who based on e-mails persona and others, the russians were reading his e-mail from 2012 on. he was talking to: powell and wesley clark. of the way people use information and go back between secure e-mail accounts and personal accounts, we haven't figured out a way to counter that. charlie: that would have given accountability if they wanted to find out more about those e-mails that were deleted. there was someone at the receiving end of those e-mails.

>> absolutely. the state department has released e-mails that have gone through and released them. deleted,ls that were the fbi was able to reconstruct some part of that. in terms of the fragments and the data they had. but the clinton campaign has been clear, that was a process. our lawyer sat down and went through everything that was in the account and the only thing that was left out where personal e-mails that didn't have anything to do with state department business. suggested there may be another hand the russians could play if they did hack in the they could present that themselves. it presents the possibility of an interesting surprise between now and november.

♪

charlie: within the legal framework are we going to see a series of things? in reference to meetings you may have been tin. i know there are lots of conferences around cyber

security. terms of theen in focus of the u.s. government and within the military. what do we need now? >> i think there is a series of hard decisions president obama is going to have to confront. he doesn't have an investigation report to act upon. the fbi is still looking at this . it is continuing to spread. he's probably feeling pressure to be able to send an official message to the russians before the election happens. there is always the possibility this could be the beginning of a toad and complex attempt

tinker with the election itself. we have no evidence they are in the election systems that there are vulnerabilities in the systems of many of the states. he would want to issue some kind of warning to the russians to keep their hands off of the american elections from the votes and the counts. can you set some norms for all of this, we have had success with that with the chinese. indicationseen any of success with that with the russians. charlie: because they are different? >> less interested in the commercial data and intellectual property the chinese have focused on. more interested in the espionage information warfare. and the traditional military secrets.

the u.s. doesn't want to set any norms that would cut into its ability to conduct espionage against the russian military, or some of the financial institutions and its political institutions. people are going to be saying before you cut that deal, think about what the u.s. espionage activities you may be affecting. >> we've had a little success with the russians with the group of government experts at the you win. 20 experts. they agreed there are some basic rules of behavior in cyberspace that international law applies, that state should not attack the infrastructure of state steering piece time. how do you did fine critical structure? -- how do you define critical structure?

things the of the obama administration is going to do is send a signal that we will consider critical infrastructures including the voting system, that there is a line there. charlie: so they should say to the russians stop this because we have more we can do. >> there are certain behaviors that are going to be outside and some repercussions. charlie: what would be the repercussions? >> mostly will not see. already we are engaged in some disruption in russia. are we disrupting whatever the russian spies are doing themselves? are we sending signals through our own cyber operations that we could respond if we need to? given the interests we have with the russians now in syria, we are unlikely to use sanctions or other punitive measures.

noting they may have played some cards already that we haven't yet seen. there's a lot we don't know about how this evolves. we don't know exactly how the dnc figured out it had been hacked by the russians. it is possible they could have got a heads up. saying you guys should look at that. firm thatd in an ir was quick to put out the message it was russia. they called in other firms to confirm that and quickly the narrative became what's in the e-mails but who is doing it and why. that may be an effective counter to an operations to influence it. there's a possibility it has come back, there is scrutiny on donald trump and connections to russia.

there are some complex things. charlie: what do we know about donald trump and his connections to russia? >> people will point out a couple of things. strong business connections. , his campaign manager spent several years in the ukraine working for the president of the ukraine who once he was ejected from the , went ton the protests russia and is there now. that is a close relationship between man of fort -- paul manafort and connections to the kremlin. people are like what does this add up to the russians are trying to interfere in the u.s. elections on one side and not the other? >> there's been some good work on this and looked at some money that has flowed between russian

'sigarchs and some of trump financial interest. interestrect financial that coincide with the russian thatrchs or vladimir putin would explain why they are doing what they are doing. a better explanation might be that the russians looked at the field and don't have any love for hillary clinton and may have just decided and information operation like this is a way to confront the west, specifically the west without much the u.s. can do about it. >> that is an important part. a lot of operations are not a specific outcome. as long as you can create trust in undermine information, that is a positive

outcome. it may not be they thought we want trump to win. it may be enough to throw the election into chaos. that they would see that as a positive outcome. believe theyou russians are trying to influence the result of the american presidential election? >> the one big open question, the relationship between the hack and the leak. intelligence officials are trying to think through that. that is an important step in policy consequences and is there a direct attempt to influence an election? clearly this highlights for the american public importance of preserving the integrity of our electoral process from cyber think now they all have the spotlight. charlie: we just don't know. twice i don't think we know

publicly that critical link. in line with the other comments made it would not be unusual in the tradition of russian information operations for this activity to be undertaken but i think the jury is still out on this and you shouldn't leap to that conclusion until we know more. >> i agree. the evidence that there were russian actors and almost certainly linked to or part of the intelligence agencies who did the hack is very strong. the transmission of that making these public, who made that decision, who was in control, whether they may have been others who leaked the material, that is i think unclear at least to me and the people i have talked to. , this isoader question something the u.s. government is

going to have to act on pretty quickly in the next 90 days. it's a very decentralized system. every state does it differently. some are going to be more vulnerable than others. it is not as if some hacker could it around and come up with a way to manipulate the vote in the united states. they would have to go state-by-state and locality by locality. that would be different. charlie: thank you so much. thank you. pleasure to have you here. thank you. we'll be right back. stay with us. ♪

11, 19: on september terrorists use jetliners and guided missiles to kill 2977 people. that changed this nation's approach to national security. the u.s. has spent $1 trillion to prevent terrorist attacks. a new article by steven brill answers the question are we any safer? it is the cover story for the september story of "the atlantic." what made you pursue this? steven: i was curious to

document and see how we had done. i did a book in 2003 about the immediate aftermath and the standing of the department of homeland security. as a citizen i had not paid much attention to it. we had spent a timeout money -- timeout money. but the record might be interesting and mixed. the record is next. charlie: but it is clear we are safer. steven: we are stronger. we have more defenses because of the men and women who work at it every day. charlie: why doesn't that make us stronger? >> there are two things in the equation. offense. the offense has multiplied. it is much more diffuse.

we went into iraq and cause turmoil in that part of the world. many more threats, different kinds of threats and we haven't even completely responded to the threats we faced on 9/11. after the attacks there were the anthrax attacks. we haven't made progress we need in dealing with bioterrorism. charlie: but what happened in iraq was not the reason saddam -- osama bin laden attacked on us. >> that is the point. raising ofgratuitous the threats against us. justified asit not a response to 9/11 but it was counterproductive. charlie: because? >> it unleashed and destabilized

forces in the region. we face them in paris. you could argue because of the internet and medications we face them in san bernardino and orlando. getvidual loan wolves inspired. charlie: let's stay with that idea. 9/11, osamang, take bin laden wanted to lash out. a planned attack by him. one of the principal people in captivity. in terms of iraq, destabilize , because that war had the destabilizing effect it had it allowed terrorism to grow. of provided a bigger series people who wished us bad as well

as what else? steven: they also had a target. suddenly the americans were invading an islamic country. greatest dreams is to have the war with western civilization. charlie: with a have happened if we had not been to -- gone to iraq? steven: i don't know. terroristsal of the is the same. withre us into a war western civilization and the muslim religion. charlie: which is the argument of why we should respond to this . if we engage them in a land warfare we would play into their hands. >> if we even say we are at war with a religion, that is what they want us to say. president bush didn't take the

bait. president obama didn't take the bait. donald trump declares that war. charlie: and other people as well. steven: but he is running for president. charlie: there's been a divide between republicans and democrats. >> not national security republicans per se. my point is to understand whether you can make a distinction between not saying it is a war against islam and recognizing that you are fighting in most cases a radical extremist islam. steven: that is the exactly the distinction we have to make, that you just made. the distinction is in that the terrorists want to make. they want to declare war. int is what inspires people their basement somewhere.

the great satan west is declaring war on this religion. i'm one to show i'm joining the battle, i'm going to shoot up a nightclub. the answer to your first question, are we safer, no. , we aredone a lot stronger, we are tougher. you can't hijack airplanes. we have learned a lot of the lessons. there are now these new lessons to learn and some we can't prevent. we can't prevent them if we let anyone who wants to walk into a gun store and buy an assault rifle. that would help if we would do something about that. ,n the world in which our enemy the soviet union was deterred. we had missiles, they had missiles. we decided not to kill each other.

if your enemy is the people trying to kill you don't care if they die and can't be deterred and take glory in the notion they made time, if they have access to assault weapons, we are going to have more of the attacks we have seen lately. one of the things the president has tried to do is get the tontry to adjust to that, understand that and say it is not the end of the war -- world. we are doing everything we can to prevent it but in this world that is going to happen. the cliché was never again. say thet bush used to terrorists only have to be right once. we have to be right 100% of the time. you can't be right 100% of the time. charlie: most are surprised there have not been -- hasn't been an attack.

they point out there have been a number of times in which they were stopped. steven: i'm less surprise now that i'm looking at this and saying everything this administration and the bush administration have done to fortify our defenses. they have done a good job. charlie: you talked to james comey. you talked to a range of people. threat, terrorist organizations having weapons of mass destruction. steven: correct. lots of different weapons. terrorism, young can have a weapon that doesn't destroy masses of people but scares masses of people. that is what the dirty bomb i wrote about is. it is a standard explosive you lace with enough radiological material, which you can get at

any hospital in this city. it's not well secured. you mixing with a standard explosive. when police show up after a bomb goes off, in the middle of the town or washington radiation levels that they get is going to show that there is contamination. your definition of lethal? dc,ould show in washington they did a test, unless you evacuated all of downtown washington from the library of , oneess to the smithsonian person for every 10,000 people would die of cancer over the

next 5-10 years. that sounds pretty awful. person out of every 10 people. that sounds terrible except that if you do the math, if you have half a million people living around washington dc that adds to 50 extra deaths. i could prevent those deaths if i went into an office building and got people to quit smoking. the essence of a dirty bomb is everybody gets scared and says this is as dangerous as a superfund site. be the natural impulse. , if you look at it rationally we should not be that scared of it. one of the places i fault the

administrations, they have never had that discussion with the american people. this isn't as bad as it seems discussion is the afternoon after a dirty bomb goes off. that's not going to be credible. if you do it beforehand and get experts out there explaining it, that takes that weapon away from the terrorists. don't worry about that. you have an october surprise if you take it that the terrorists would like to have a donald trump presidency. because he's going to declare war on them which is what they want. in a logical step is they may want to disrupt the election. so trump is more favored. the way to do that is to scare more people. steven: it would work to the advantage of a truck candidacy? pungentthat is what the

-- pungendits seem to say. you should be scared and vote for me because secretary clinton is weak. the moment i take office, isis is gone. charlie: did you see today, president obama is a founder of isis? steven: who could explain that? i can't wait to hear him asked about it. is wee: my assumption withdrew from iraq, isis grew out of what we used to be al qaeda, iraq. steven: that is true. if we had never gone in there in the first place it would have started. that would be his argument. a lot of things happen.

let me stay with two notions. why do you think they haven't been able to explode a dirty bomb. how difficult is it to do it? steven: it's not that hard. it takes more expertise than getting an assault weapon and shooting of a nightclub. that is the one thing in all the reporting i did, what is the thing that hasn't happened you can understand why, the dirty bomb was the first thing everybody brought up. the answer is i don't know either but i don't feel comfortable that the past is prologue here. makeie: they would arguments about intelligence, more vigilant in terms to understand who it is. not the jobwe are when it comes to protecting radiological material. agencies in the

department and the obama administration. the nuclear regulatory commission regulates anyone who has any radiological material. they prescribed a security requirement. suggestencies, they counter proliferation methods people with this material to use. are 10 timesions as strong as the nrc regulations. they go around trying to persuade hospitals and logging companies, put locks on your doors, have alarms, but the nrc doesn't require any of it. charlie: why not? they are aause captive of the industry. ought toy saying you

do this and the agency that , literallythem says quoted in the article as saying we like to make suggestions, we don't like to be prescriptive. he's a regulatory authority. so we should be more safe and secure with respect to radioactive materials. we have not done that. charlie: therefore they are not as secure. they can get their hands on it. -- that ison is easy. is other thing is you can -- it easier to learn how to make a dirty bomb? steven: it is really not

complicated. i'm oversimplifying this a little bit but not much. you have an explosive. a standard explosive. you put this material in the same box. when it goes off it will disperse. it is not hard. it is hard to make a nuclear weapon. charlie: has anyone use a dirty bomb? steven: it has been tried. i don't know what the result was. done,ere have been tests tabletop exercises where they have mapped out contamination. contamination, the headline would be we are living on the superfund site. be, there isould more radiation out there but

it's not lethal to any significant number of people. charlie: the point you were making, the president was sensitive to this, this idea of not making this a war against islam. the president does this by not using the word war against islam . steven: correct. charlie: he also has said to a range of people we have a mindset here that you can't go out and explain more people are killed in other areas than terrorism. you can't do that and political dialogue. steven: he addresses that the article. there's a different sense of the year about this danger. i asked, why is there a

difference between someone who is mentally ill and goes to a gun store and buys an assault school, that is one kind of tragic event. the people against gun control except that as a fact of life in the united states. if the same person gets an assault rifle and as he is shooting yells out something in arabic, it becomes this apocalyptic event. it isesident says irrational but true. charlie: he also said you have to worry about the marginal stupid people. they motivate you. there are people trying to kill us. you have to worry about that. bouncing those threats is a challenge today. steven: that comes back to my

answer to your first question. are we safer? answer, we are not safer. as well as we have done, as much as we should credit all of those who are doing it, the kinds of threats of multiplied. we were thinking about shooting up a community service center in an bernardino and claiming terrorist group. charlie: some may or may not have had contact. steven: the person who shot president reagan was inspired by a moving. people were inspired by

terrorism. day, it isof the hard to tell the difference. i started just about a year ago, reading reports and testimony. charlie: you talked to the president. steven: i exchanged e-mails with the president. i talked to everybody. charlie: a whole range of people. is there a consensus? steven: twofold. there are certain things we haven't done enough to deal with and people are surprised we have not suffered from it. is thematic consensus threats of multiplied because somebody acting alone who is communicationline

or reading propaganda, that is that you cannot prevent and the pretension to that potential to scare us because when you do it the intent oface messageo send the nobody is safe, it can happen anywhere. bernardino was the game changer because it was such a random place. it was and any place. ♪ any place.n ♪

>> i am donnie deutsch. mark: i am mark halperin. -- the boy out of queens. >> go home to mama. go home to mama. and your mother is voting for trump. >> well now you brought my mother into it. ♪ mark: happy friday. the end of the week could not have come sooner for donald trump. it has been one of the worst in his presidential campaign, although maybe we are just saying that because we are members of the mainstream media.