♪ >> from our studios in new york city, this is "charlie rose." here, hejohn carlin is is stepping down as chief of the justice department's national security division october 15. he oversaw the prosecution of cyber criminals and 110 people on terrorism related charges. his prominent cases are prosecuted -- prosecutions involving chinese military and espionage. the u.s. is weighing in response to russia after accusing it of hacking the dnc and leaking

files in an attempt to influence the election. i am pleased to have john carlin at the table. mr. carlin: thanks, charlie. charlie: why are you leaving? like alin: it seemed natural break point. it has been nearly 20 years with the justice department. i had there. charlie: tremendously influenced by 9/11? mr. carlin: i am a new yorker, my family was in new york that day. i remember my father was underneath the world trade center in the subway on his way downtown. my brother-in-law was right across the street, looking out. charlie: he saw people jumping out? mr. carlin: he did. he got called up as one of the people helping to clean up the site afterwards, and i remember the feeling, as many do come out of wondering if your family members are safe and trying to call frantically to reach them. we were lucky that day.

many others were not. charlie: have we learned the lesson? mr. carlin: i think we have learned important lessons from that day, what it -- which is to forget not what -- never forget what happened. was created i lead as post-9/11 reform because of a failure to share information. charlie: from cia to fbi to nsa and others? mr. carlin: we weren't structured that way at the time. there were legal and cultural barriers. we now have the prosecutors sitting next to the intelligence lawyers, and it caused a change in mindset. success is no longer going to be measured by the successful prosecution of a terrorist after-the-fact. when families have lost loved ones. iscession is -- success measured by preventing the attack. you have to know what they know, and be creative, look across the

full set of legal tools so you are not wedded, if you were a prosecutor, to just doing prosecutions. let's think about everything we can do to keep terrorists from accomplishing their goal of killing people. charlie: what would be in the toolbox? mr. carlin: it could be a criminal prosecution, it could be diplomacy, could be a military strike or the use of treasury department sanctions to from gettingoups the finances they need. it could be using the commerce department to say, this company is doing this -- business with terrorists. have to be as nimble as the threat is and keep looking across the toolkit. charlie: who had the job before you? mr. carlin: lisa monaco. she is now the president's homeland terrorism advisor. formerly beenad

chief of staff for robert mueller, fbi director. mr. carlin: it was amazing. no one i have worked with is like him in terms of being dedicated to the task at hand. it gives -- makes him uniquely qualified. charlie: how did we determine the russians were behind the hack of the dnc, and perhaps john podesta as well? mr. carlin: thinking about this case, i go back to my first encounter with the obama administration, when i was at the fbi working with the director. we briefed both campaigns. we briefed the mccain campaign and the obama campaign, and the obama campaign sent dennis mcdonough, who became his chief of staff, and a guy who became the ambassador to south korea. we told both campaigns, you have been breached i china. your e-mails have been

compromised. we did so at the time and it was declassified later. i think how far we have come since then and the threat has changed. charlie: they didn't know they had been breached. mr. carlin: we knew, and we went to tell them. charlie: how did you know? mr. carlin: using sensitive sources and methods to collect the information. we couldn't tell them at the time how we knew, but we could tell them they had been breached and defensive steps they could take. at the time, we had known for a in particularna was committing economic espionage, and we were not saying that publicly. indidn't use the word china relation to the threat. that came later. it was treated as an intelligence problem, a secret issue. as it has for years when it came to spy versus spy. was, i wase, china

at the fbi, and i saw was on the intel side of the house. i had to do this as a prosecutor on the criminal side. that is plenty to do on side. i worked with a squad of agents, and occasionally, one of the agents would switch over to the intel side and the intel side ,as literally behind a locked secured door. agent would disappear behind the door and i would never see him again. it wasn't like i was banging on the door to get in, because there was plenty to do on the criminal side. when i came to the fbi, i opened the door and saw what was on the intelligence side of the house. it was amazing. atworked on getting better collecting intelligence, and we created a system where you could watch and a jumbotron screen into a actors hack university, hopped from the university into a company, then you would watch the data x filtrate out of the united states.

we were seeing intelligence, but we were losing billions of dollars in intellectual property, trade secrets. how have weear, changed since 9/11? we were not applying some of the changes we applied against the terrorists threat when it came to cyber. when i went to the department of justice, we still hadn't opened the door. we weren't sharing the intelligence with law enforcement, with victims to see how we could disrupt. to take a massive transformation in the justice department's approach to national security, cyber threats. charlie: that is how we know the russians were hacking the dnc and john podesta? mr. carlin: that is what led to , an approach where hundreds of prosecutors across the country were retrained and started working day in, day out, with the fbi agents and there were four major threat actors we were

up against. russia, china, north korea, iran. this is what the fbi said. once we started the new approach, the first one we used that we went after to do and investigation attribution and see what we could make public was china. that was a case that led to the first indictments of their kind in 2014, year after we did the transformation. we indicted five members of the people's liberation army. they were not doing traditional spy craft. what they were doing is, they were going into nuclear, solar, steel, going inside the company and stealing things like, one company was about to do a joint venture with a chinese company a bigger going to lease a pipe. right before the least the pipe, we watched members of the people's liberation army go into their systems and steal the design specifications for the pipe, or with solar, we watched

them go in and they stole the pricing information from the solar company so they could price.. thehey could price dump. uniformed members of the pla stole their litigation strategy when they sued. let's talk about that. in fact, what happened is that the united states came, basically said to china, you have to stop helping private companies have an advantage with respect to american companies. the chinese have agreed to do that? mr. carlin: that's right. the only reason is because we did a new approach that said number one, we can figure out who did it, so you think it is anonymous, you are wrong. number two, we made it public. in this case, in the form of an indictment. we showed we can impose consequences, we can figure out by name and face. the consequences in this case came in the form of a criminal indictment that led to an amazing experience where, right

before president obama was going to meet with the chinese president, they believed we were about to use a new executive order on sanctions. we got a call that the personal emissary of the president wanted to come to the united states, and he came with a crew of 35 people, and we hammered out over 4-5 days of negotiations, a so-called five-point agreement, one of which was for the first time, the chinese president said, it is wrong to use your military intelligence for this purpose. is some aspect, i was trying to get an interview with the chinese president at the time, there was a threat that maybe you wouldn't come if we couldn't work something out. if there would be sanctions imposed. can't tell you what fully motivated them to come and ve this president-setting new agreement, but they clearly were very concerned, and otherwise they wouldn't have sent over a

high-level delegation and made the agreement. because of the agreement, you saw the g-20 adopted as the new norm. the most recent or the earlier g-20? mr. carlin: the earlier g-20. it was not in china that year. this year, it was. .yberspace is the wild west if we will bring law to this new frontier, it will take agreements like that. that is one of the reasons we brought the case. charlie: when we say the russians are behind this, the u.s. government is pretty clear and pretty sure? that that is the fact? mr. carlin: they wouldn't say it unless we are highly, highly confident that it is so. that is the investigation attribute. --rlie: should we inspect and an indictment of russian individuals? mr. carlin: that is the part of the tools approach. it is important to figure out who did it, and number two, to

make it public. you have seen us do that here and say, it is the russians. if you are going to be able to deter, you have to make sure the world knows we can figure out who did it. third, to be public about the fact that there will be consequences. what the consequences are have buried depending on the threat -- have buried depending on the threat. it will be at the time and place of our choosing. you may be seeing different things. to talk about what happened, it was a surprise case with the north korean hack into sony. you will see an example of that approach. charlie: we were sure that the north koreans did it, they hacked into sony? mr. carlin: exactly. it was an amazing feat of intelligence and law enforcement. in less than 28 days, we reached a high level of confidence. that is because sony did the right thing and within 24 hours, had a team of the ei on site and

were working very closely -- fbi on site and were working very closely. we were trying in new approach. we got a call a national security. i have been doing this for a while. it would lookat like if a rogue nuclear-armed donation attacked the united states through cyber means. we never figured it would be a "the interview" about a bunch of pot smokers. mr. carlin: you had to brief -- charlie: you had to brief the president about the movie? mr. carlin: it is not easy to do, if you have seen the movie. charlie: levick affected go back to this. with respect to the russians, you know about the motivation of the north koreans. they were unhappy about a movie that they thought had smeared their leader. what is the motivation of the russians? mr. carlin: the china case was

to make money. they wanted to steal trade secrets. charlie: their companies are in competition with american companies. mr. carlin: exactly. they thought it would be cheaper to steal their research and development. with sony, they wanted to, in their society, you don't have political free expression. they didn't like what somebody said, so they wanted to prevent them from being able to say it by intimidating people out of saying what they think. it was an attack on our fundamental values. a third case, the third actor is iran, their attack on our financial institutions, which you can guess the motive, irani and actives -- actors wanted to hack an american institution for a political purpose. the russians, what we are seeing is, they want to undermine confidence in our

public election. that would be consistent with what we have seen them try to do in germany, in other parts of the world. charlie: how does the strategy work for them? is, canin: one question it work if you call it out? once people know they are trying to do it, it becomes harder for them to secretly try to influence an election or cause uncertainty. this is a country who, under its current leadership, is anti-democratic, fundamentally opposed to the idea of democracy. that is why it is important, if you try to undermine the election, that we publicly confronted and impose consequences. charlie: john podesta, whose werels work hacked -- hacked and released by wikileaks, what is the connection between russia's hackers and wikileaks? mr. carlin: i will not address the specific outside the

statement the director of national intelligence and homeland security put out. but i think what we do in terms of looking at the frame is, there will be a lot of mischievous that actors, ranging from those who want to undermine confidence in an election to terrorist groups who attack private companies to steal names to create kill lists, which is an actual case. important foris those in private industry, here is a case that looks like it is a routine criminal hack. companies everyday have intruders go into their system and it looks very unsophisticated. they steal names and addresses to make a buck. in this case, they stole a relatively small amount, and the vast majority of companies wouldn't reported to anybody. in this case, they reported it and the guy steals the names, then bribes and tries to blackmail the company and says give me $500 through

bitcoin or i will embarrass you by releasing the names. the vast majority of companies either would pay the $500 or decide to set -- handle it on their own. but they should report it. because they reported it and we worked together, it turns out on the back and it is not the low-level criminal that it looks like. instead of a crook, it is a kosovo extremist who has moved to malaysia and in conspiracy with other folks of -- in kosovo, he is responsible with hacking the u.s. trusted retail company. who is aup with a guy british-born terrorist who has raqqa.o rocca, syria -- the headquarters of isil. list ofthrough the stolen names to make a kill list, then he uses twitter, and now, whichat we face

is more complex than it ever has been, using twitter, american technology, he sends the kill list back to the united states and says, kill these people by name, by address, government employees, kill them. because we worked together, although it involves people of five nationalities and moves at the speed of ciber, we were able to take effective action. the suspect got arrested in malaysia and was brought to the u.s. he was sentenced to 20 years in prison. was living in the ungoverned space in syria was killed in a military strike. they didn't say whether it was by drone or airplane. is interesting is, you call this a blended threat. we are seeing more

of an overlap between criminal activity and what looks like criminal activity -- charlie: but it is something else. mr. carlin: either a national security threat or a terrorist group, which is concerning as we look forward. charlie: back to the russians. looking at your toolkit and saying you have a proportionate response, what are the possibilities? mr. carlin: we have publicly to find this approach on some we have used, we have used criminal indictments. charlie: and the names of individuals? mr. carlin: it requires names of individuals. in some cases, we have apprehended the individuals, a guy who was a chinese individual who traveled to canada, was in conspiracy with two people's liberation army members to hack extradition,fights comes to the u.s., is sentenced to over four years in prison in

california. these are real charges. another is the use of sanctions. we saw that with north korea. sitting when we were around the situation room table when it came to north korea, we realized a good thing in some respects is that it is north korea. we don't have an executive order to sanction individuals and companies the way we do those who would proliferate weapons of mass destruction. later that year, the president signed an executive order. that is another tool that is available now. chinese man,f the there's a company he worked with, and in addition to him being criminally prosecuted, the commerce department said, you can't do business with the company if you are in the u.s. without getting a special license. that is another tool that causes economic harm. charlie: does intelligence believe that in the russian case, they wanted to upset the american political system and confidence in a d? they denied it.

the foreign minister gave an --erview to cnn and say said, we would never do this. the other thing that is interesting is, whether it was connected to the highest leadership in russia. iran, orlican guard in does it go all the way to putin? charlie: i think -- mr. carlin: i think you will continue to see the intelligence assessment. charlie: with a dual without the approval -- mr. carlin: you can tell from our response, which is to be public, and to say that there will be consequences, though we believe the russian leadership is accountable for this activity. charlie: what happens if there warfare, and who is bold? one of the problems with cyber, you may not know the address of who your attacker is. correct? mr. carlin: that is true. but i also think we are much

better at investigation attribution of people. before we brought the china case, people said he would never be able to do it. it is too hard in cyber. and we showed that not only we could do it, but we showed activity like, their conduct started to increase at 9:00 a.m. in the morning beijing time, then it spiked from 9:00 until from 12:00decreased until 1:00 beijing time, lunch break. it went back up again from 1:00-six :00 and decreased overnight. luckily, they don't work the same hours as their u.s. counterparts, but it is their day job. that is evidence. ideas that they are doing it on a nine to 5:00 beijing time. it is not all bits and bytes. in the north korea-sony attack, it is one of the first time we brought in the same guys i work with when i did homicide and serial rapists. the behavioral analysts, the

specialists at the fbi who work at quantico, these profilers. they applied their tradecraft where they study psychology, but they also have someone who is a cyber expert, one of the first times they used him. they looked at, when the north koreans went into the sony system, if you think about it like a murder, there is malware you need to turn the computers into bricks. and to use that. i also did, -- they also did, they staged a crime scene. like serial killers will stage a they want 11 impact on those walk into the room. ae north korean hackers did splash screen, where they put up messages designed to intimidate those who were watching before the screens turned into bricks. that is a clue. use that skill set, combined with things like

actual analysis of the malware, to reach the high confidence conclusion that it was north korea. ♪

♪ at, if ithen you look is us versus them, are we especially vulnerable because so much of the united states is, for the lack of a better word, digitized? mr. carlin: we as a society move

from 25, 30 years ago, everything was paper. is not only electronic, it is digital and we are connected to the internet. we did so without, we systematically across the board are using a medium, the internet, that was not designed with security in mind. we systematically underestimated the risks, be it from crooks, terrorists, or spies. as a society, not just in the u.s., although we did it the fastest, the world is playing catch-up. and may be reconsidering. in one case, someone had their personal e-mail compromised, the ceo of a fortune 100 company said, i am putting a fax machine back in my office. so when it comes to, and we are just, think about it. in government time, we started this new approach of figuring

out to did it, making it public and imposing consequences in 2014, just a couple years ago. we have just reached the point now with russia where you -- we have named our major adversaries. -- are just beginning to bring deterrents to bear. as we do it, to your point, it would be a mistake to say they had us are cyber, so the only way we can respond is through cyber. that is where it comes to us choosing how we respond. charlie: economic and military. mr. carlin: and diplomatic tools,e, criminal, all ded to what works for the adversary. charlie: so you are trying to send a clear message, we know who you are and we have ways to respond that you will not like. so you continue to do this, we will then respond appropriately

and proportionally to make sure you stop? mr. carlin: that's right. that is important. each time we do it with a particular bad guy, whether it is iranian or chinese or north korean or russian, it is important not just to them but as we try to set up a world that we all want to live in, every time we do one of these actions, it sends a message to other states who are figuring out, what can i get away with in cyberspace? charlie: we know terrorists and extremists are using technology. we know they use it to recruit, we know they are sophisticated about it in terms of trying to keep their own phone conversations from being discovered. they are aware. what is the likelihood that they have the potential to seriously engage in hacking? mr. carlin: we have to take that seriously. just like, prior to september

11, they have told us they have the intent and we need to listen. dating back now five years ago, al qaeda, the head of al qaeda at the times called upon their adherence to call us -- causes much damage as they can. isolate is trying to do that, cause as much damage and fear as they can. what i worry about in terms of capabilities, we have right now system ofded echoes crime -- in ecosystem of crime. if you go on what's called the dark web -- charlie: describe it for the audience. mr. carlin: if you think about what you access on the web, it has an address that is locatable. if you google it, it shows up. the ip addresses, you can see them. you have to know where to look

that is not mapped. in the dark web, you have things like criminal groups who create essentially cyber weapons of mass destruction, like a bot net. under the thousands of compromised computers that a bad guy can turn into a weapon by hitting a command. what they do sometimes, that is how they did the attack on 46 financial institutions linked to iran. they launched a so-called denial of service attack, where they bombard your website was so much information, it becomes useless to hundreds of thousands of customers. tens ofost 10 min -- millions of dollars. the other way they can use it, there is a case, a criminal case, one of the groups created use the fact they that they had access to computers to put it malware in there.pto-locker it encrypts your files and they ,se that to blackmail you to

you can't access your files unless you pay money. in the case of a hospital, it is like or death. on the dark web, it looks on most like amazon or a commercial-level platform here. you can literally shop, like, i want to buy stolen credit cards or launch a denial of service attack. when i say it is like amazon, it has customer reviews. i bought from this crook, i found that these stolen ids were useful. another one might say, don't use it. when you think about, it doesn't take much imagination to think, what happens if terrorists get what the criminals have built? that is where i think we are in a race against time to improve our defenses and continue to try to deny and disrupt the ability

to do that. charlie: tell me more about the race against time. mr. carlin: if you think about the capacity of a sophisticated , the intent of terrorists to cause as much destruction as they can, if a terrorist can encrypt a hospital's records, they will not say, give me $10,000, they will do it to try to cause loss of life. we are to move faster than they can before they get the capability to pardon our defenses, which might mean not connecting things to the internet, and we need to, just like we tried to deny them other weapons of mass destruction, deny them the ability to get the use of those tools. charlie: you said it's about prevention. we are on the cusp of a major societal transformation. as it was when we digitized information, we are moving towards the internet of things. think about cars. this will be a big of transformation as going from a

horse and buggy to a car. cartyou go from a driven with driverless car, the estimates are 70% of the cars on the road in 2020 will be computers on wheels. hackie: and if you can that computer, you can send that car anywhere you wanted to go. mr. carlin: think about one ce.rorist in one truck in ni make the same mistake when we moved our information from analog to digital, where we were playing catch-up. when it comes to cars and trucks and missiles, planes, drones, the internet of things, ,acemakers in people's bodies we have to build security on the front end by design. charlie: if they can attack your pacemaker, they can kill you. mr. carlin: it is good people trying to do the right thing in the beginning. a lot of these companies are

focused on making it work. they are not thinking about, what if someone intentionally tried to abuse at? the crook or the terrorists. that is a mindset we need to change. charlie: you said at one point, and maybe this is what you're talking about, the question of cyber is security versus security. mr. carlin: i do believe that. by that i mean, when we think through the higher issues, like can you, is there certain information you ought to be able to obtain by a court order, and what should a company's responsibility be in making its information accessible to the court order, i sympathize with, we strongly preach the benefits of encryption. we want to keep information secure. we wouldn't want even the government without proper legal process to go in. designing a system so that it is secure both from the bad guys

who want to steal or destroy your information, and secure as in a safe place to keep terrorists from abusing it to keep -- two commit terrorist acts. charlie: can you design a system that will give law enforcement access? can they design a system, i mean silicon valley? that would give law enforcement time,, and at the same not destroy all of the concerns that so -- that silicon valley has articulated in the conflict. mr. carlin: i am optimistic when you think about the amazing -- charlie: optimistic that you can? mr. carlin: that we can innovate our way out of this. when you think about, right now, this is a strange analogy but i grew up in new york and i remember the old "saturday night live" skit. there is a guy on the subway,

and he gets stabbed as he is being interviewed and the radio guy is like, you have been stabbed. did you make eye contact? yes. what do you expect? it is new york. was.is the way it that was our expectation. now, it is laughable because it has changed. we see -- we feel safe on the streets. in ciber, if you get hacked, the first question people ask, what did the company do wrong? canlie: people say, if they get john podesta and john brennan and the u.s. government and the pentagon, they can get me. mr. carlin: that is true. .ffense outstrips defense a criminal group can get into an internet connected system if they want to. it may take persistence, but they can get in. your information is fundamentally not going to be safe on an internet-connected system it you are relying on buy tool that you can

keep someone from getting inside. that doesn't mean we don't want theaise the cost so only most sophisticated actors can do it. you want to keep the low-level guys out. 80% of the breaches we are use known people patches, they could've prevented. we are trying to increase customer safety that way, but at the same time, you have to make some fundamental decisions right now, which is, should it be on a internet connected system at all ? if it is, assuming someone can get in, let's say you are a company and your intellectual property, if you know that a dedicated bad guy can get in, maybe i don't put it in my system in a folder called "crown jewels." i will put them somewhere else where you have to have an insider to know how to access it. crown jewels, maybe i will put something that doesn't work in there. go steal it, waste money, and

that is another way of increasing the cost to try to decrease this behavior. charlie: how much do you fear that there may be other snowdons at the nsa? that there is someone else being questioned within the nsa who came from a consulting firm? mr. carlin:6 the insider threat is something we have to take seriously in government, because defending against those that you trust is going to be the hardest challenge, and it is also something that private business and industry need to be concerned about, which means monitoring in some instance, changes in behavior that might be a tip that someone is an insider. also, building your systems in such a way that one individual doesn't have access to anything, so they are -- there are extra controls. it is a challenge. something that brings forth the journalistic question,

what do you lose sleep over? what worries you the most today? mr. carlin: we are in an unprecedented terrorist threat. again, this is new technology, adversary, new technology. they have effectively crowd sourced terrorism. when i was doing the al qaeda threat, and don't get me wrong, al qaeda is still determined to attack onex threat the scale of september 11, centrally directed. they are still trying to do that. charlie: how? plot and planey with trained, embedded operatives overseas, and are looking for space to do that, whether it is yemen and the arabian peninsula, or syria or afghanistan. we have seen the crowdsourcing , 4014, 2015. the islamic state in the labonte

started to exploit social media -- in the levant started explaining social media and putting up massive amounts of propaganda that looks as slick as a commercially produced advertisement. it is easy to do that. they used distribution platforms of they can use for free, twitter, google, and they blasted the message targeting our young people, targeting unstable,are mentally and tried to turn them in to human weapons. these are not people who really understand the ideology. vulnerable, so what we are seeing inside the u.s., since they switched to the crowdsourcing of terrorism, our division has coordinated cases across the country, brought over 110 terrorism-linked cases in 35 different u.s. attorneys offices , and we have open investigations in all 50 states.

it is not confined to one geographic area or ethnic group. the common factor in a most every case is, number one, they involve social media, and number to come at the age of the defendant. over half are 25 or younger. are 21 or younger. that has never been the case for a terrorism defendant. ♪

♪ we been at all successful in trying to counter the argument on the internet that causes those people who might be susceptible to act? mr. carlin: i think there is, we are not done. we need to continue to come up with new approaches until we do. one of those is to call upon the private sector. i had a strange conference at nationalwith a security guy. we hosted hollywood producers, madison avenue types, internet service providers and to nonprofits. we walked them through the threats. we were there to convene and educate. since then, you have seen companies like facebook launch initiatives like here to hear, that are encouraging college -- eer encouraging college

students to create content that will counter this. it has to come from communities and from voices that are trusted. i will not be a great messenger to the 21-year-old or younger who is disaffected and they are aiming to target. two things. three things. tactically, we have to keep working hard, because it is difficult work to ring these cases so innocent lives are lost. strategically, we have to beat them where they are, working with the coalition to defeat them so they lose territory in syria and iraq. number three, we have to figure out a way, because look. fundamentally, once you get over there, they are raping people and murdering people with impunity. a are selling women and children into slavery. it is a war of ideas we should be able to win. charlie: james comey says he

worries about the diaspora of terrorism as isis loses power and territory. major battles are looming in raqqa.ll -- mosul and figure sending them wherever passports will allow them to go. how big of a thread -- threat is that? foreignin: when it was terrorist fighters, before they said, kill where you live, one of our chief concerns has been those who grew up in our culture to kill,oad, learning learning to make bombs, and are sent back to the u.s. if we are successful, and we need to be over there, to deny syria, we have to be watchful of people flowing back in. charlie: another term, domestic antiterrorist government agents.

what does that mean? mr. carlin: generally, we have to worry about terror wrist -- terrorists regardless of their motivation. in this job, one of the things that is hardest that also keeps you motivated is, i attend a lot of memorial service. when i went to two years ago was the 20th memial of the oklahoma city bombing. charlie: that was clearly domestic terrorism. motivation was grievances right here inside the united states. you are with those families, and they bombed a day care center. it feels, sll, so raw to those lost children on that day. we cannot allow that to happen sure, and we have to make that, as serious as the international terrorism threat is, and it is, that we also address those who might have a different set of motivations.

there was a group that was going to look at these issues that was actually set up post-oklahoma city that was supposed to meet the morning of september 11. they didn't meet that day. a domestic terrorism executive council. one thing we have done is make sure that group starts meeting again, and have someone who is a coordinator who can take a look at the patterns and lessons we can learn. the sense was, from the u.s. attorneys offices across the country, and from the fbi and others looking at this threat, that it is on the rise. we need to make sure we adapt quickly. republic sent critics of the administration try to make a lot of the timing of the iran ransom payment and the release of prisoners. it is said that you appreciated the optics of that and argued against it. mr. carlin: one thing i think it ,s -- i think is important

regardless of the issue, is that , what i have found inside the executive branch, they have a bunch of people who are serious about confronting the same threats, and they want to do it in different ways. we have frank discussions, and in those discussions, you have a bunch of viewpoints. in general, my view is the one that prevails. sometimes it isn't, but i think it is important that we do not lose the ability to have those conversations, and in the long run, it leads to the right decisions. this is one of the reasons i will not talk about confrontations -- conversations i have. thatie: it was reported you were against the timing of the ransom payment. talking about the clinton investigation, which didn't get to the justice department, because the fbi director chose not to recommend prosecution in

that case. i realize you can't speak to that, but you can speak to the idea that we have been talking about. why were clinton aides granted immunity? will not talk about that investigation. as a general rule, either we have immunity, when we bring prosecution, we bring the prosecution, and if we don't, we move on and don't talk about it. that is the approach i will apply to any investigation over the years. charlie: even though i was , when you law school grant somebody immunity, you are saying we will not prosecute because we hope you will tell the truth? mr. carlin: there are lots of types of immunity. is type that gets, that called the active production immunity, you give over a , and the fact that you gave the document can't be

used against you. it is not immunity from prosecution. there is testimonial immunity, where if you provide information, then the information that you provide, if it's truthful, can't be used against you, but it doesn't general immunity. i think it is important to keep straight what it might be in the different types of cases. charlie: this respect, you said that if someone hacks -- wants to hack somebody, they can do it. if they want to hack hillary clinton server, they could've done it? mr. carlin: a sophisticated nationstate could've done it. charlie: would there be evidence if they did it? , therelin: that is where are different ways.

you are good, charlie. i will not talk about it or speculate about the investigation. let me tell you more generally. we talked a lot about september 11. there is a lot of distress these days of institutions generally, one thing that has been an incredible opportunity for which i feel grateful is to work day in and day out, if you remember the feeling, as terrible as it was, right after september 11 in the weeks and months to come, we felt as a country, so unified. we knew the enemy was. it was the terrorists who were trying to kill us. the world was unified. charlie: they were clear, that is what they wanted to do. mr. carlin: they were attacking us because of who we were. it brought us together and we put aside a lot of petty differences. in the national security division, with the people we work with with the fbi and other parts of the community, everyday

is like that. there is nothing that focuses your mind more than when you , a literalhere are group, and you say it so literally, they are using, they are recruiting people using rape as a means to get them to join the group. they are burning people alive. they are beheading people slowly. they are selling women and children into slavery, and trying to kill us. that focuses you. the group i work with day in and true careery are professionals and what motivates them is protecting their families and the families who don't know what they are doing from groups like that. that is what is motivating them when they work. they could care less about politics or any of the other, not as though that's not important -- charlie: -- the investigation into sex -- secretary clinton -- mr. carlin: i'm not going to

talk about -- charlie: my question was, if you had been hacked, would you know? would they be so sophisticated that they could hold it for a different time? mr. carlin: i think we are a lot better -- charlie: talking about capabilities. mr. carlin: we are a lot better at investigation of attributes than people think. that is true when we work together, business, victims, private victims, and government put our information together. that allowed us to get china, north korea, iran, russia. you had to have high confidence that they did it before you publicly said so. if you didn't want to make a mistake. you have to be right. or your judgment will be called into question. mr. carlin: when we bring a

criminal charge, we have to believe that we can prove it beyond a reasonable doubt in front of a jury, which is higher than high confidence, given the right figure. charlie: several things before we close. number one, you were chief of staff or robert miller. what did you learn from him? he was a man of integrity and respect. mr. carlin: every day, i think of different lessons that i learned from him, which would embarrass him. one thing about him was, he had a tremendous confidence to make decisions after careful study of an issue. he also had a humility about his role, and he thought constantly about, i may have an opinion about something, but i am the director of the f ei. the fbi. is this appropriate for me to weigh in on? he had respect for the fact that sometimes, on these policy decisions, a decision can be made that is different from where he was and his job was to

execute it as long as it was a lawful decision. ♪

mark: i'm mark halperin. john: and i'm john heilemann. and "with all due respect" to rudy giuliani, you're not the world's best headline writer, but you aren't the worst. >> front page of "the times" -- hillary clinton admits she is a liar. subtext for $250,000. >> it's the end of the world we know it, but it's a little long. the doomsday falls flat as citizens spend a fine evening in the park. ♪