you a company should be looking to the industry standards that can be very valuable and that would be certainly one factor that we would examine invoking. >> you make the point that the fact the breach occurs is something they violated the law and they need not have perfect security yet we have been told it is not likely any companies such as the standard that suffers the breach would be found to be 100% compliant at the time of the breach. while they provide an admirable push to keep the companies vigilant would there be problems with making the federal statement enforced by the ftc if it is setting up the business is to fail because it results in possible fines and violations of the standards? ..

suggests that companies do need to do more in this area. >> i yield back. >> thank you. at this time we recognize the gentleman from florida, mr. bilirakis, for five minutes. >> thank you, mr. chairman. i appreciate very much and they thank the panel for their testimony. this is for the entire panel. data often those without respect to borders, as you know. mr. russo notes in his testimony that championing stronger law enforcement efforts worldwide

can improve payment data security. mr. noonan, in your testimony mention successful cooperation with law enforcement into these investigations into these cyber crimes. would you as well as mr. zelvin expand on what you believe congress can do to enhance those international efforts going forward? is there a role for examination of this issue in future trade discussion such as the transatlantic trade and investment partnership? >> i would recommend the continued support for our efforts in our international field offices, as well as the other working groups in which we are placing strategically around the world. we've had a lot of great success in some of those eastern european countries within the last two years. we've had some great successes. we've had an extradition of a

romanian citizen from romania to the united states based on the collaboration that we have made here between romanian authorities and u.s. authorities. a big part of that is the relationships that the doj has also expanded in those different countries. the computer crimes, intellectual property section as was the office of international affairs have helped us in strategically working with those different countries to bring criminals are affecting us here domestically to justice. >> thank you. mr. zelvin. >> yes, sir. my organization is not a law enforcement or an intelligence organization. we are purely civilian and we have a relationship with over 200 around the world. so it's a technical to technical exchange. last week i was in tel aviv and in london, and i got to see firsthand what our counterparts are. they're making extraordinary

progress but in many cases we are leading the way, special and governments role in cybersecurity. so i think a continued engagement because as mr. noonan had said, many of these threats are coming from overseas. many come from with their own country but it would be far better if we could engage whether international partners and ask them to use their legal means to go after these threats. and then also provide the ability to cooperate with the such as when we find an attrition in the country to get them to shut it down if they have the legal ability. >> anyone else would like to comment on that? >> just briefly come in for me. i think international cooperation is a very important dimension. this issue, and we engage in international counterparts in all of the enforcement work that we do. this would be among them. >> thank you. thank you very much. next question for chairwoman ramirez. i represent the 12th

congressional district. while more and more seniors are becoming technologically adept, how would you recommend notifying seniors of a data data breach in a to time and then if they're not reachable by e-mail? >> -- in a timely manner. i think it's an issue we're happy to work with you on. i think seniors are becoming more adept at the know but, of course, e-mail is not an option, e-mail notification would be appropriate. but we are happy to work with the committee on addressing this and other issues. we do look and have recently held a workshop on issues relating to senior id theft and understand that this population can be particularly vulnerable to the set of issues. i think mail notification would be one option but there may be other ideas and would be happy to discuss those with you. >> i'd like to work with you on that. thank you very much. i yield back. >> at this time the gentleman from west virginia is recognized

for five minutes. >> thank you, mr. chairman. i think we're going to have to go through an awful lot of information that has been shared today, so want to switch horses. i think we've got something that we can chew on for a little bit. i want to switch horses a little bit to understand about what's happening with the data security with the affordable care act. if i could. so mr. noonan, mr. zelvin, if you to participate with us, maybe you can help me. in december the hhs has report that there were 30 to security incidents, maybe you could say slashed breaches have occurred with obamacare. worthy individuals notified? do know whether not the individuals were notified? >> congressman, i apologize, i'm not familiar with that. we can get back to you. >> if you would please.

mr. noonan, do you know anything about those breaches that occurred with obama there? >> the same with me. i don't have any knowledge of those breaches. >> if they were, given the standard that we have proposed on the private sector, should they, should individuals be notified if there are breaches within the federal health care? >> yes, sir. if there are breaches they should be reported and people should have the opportuniopportuni ty to know about that and also take adequate precautions. >> mr. noonan? >> i would concur as well. >> there's also a report that came out that some of the software that was developed for the obamacare, was developed in belarus, and there are reports that there may be some concern for my where being included in that -- malware. where are we in that a violation? because obviously the people are

still signing up and meet -- and we may have something is condemning our system. can any of you share with us was going on international? >> i can do what i know from last night and this morning. things may change but the intelligence products that was on that report has been withdrawn and is being reevaluated. i believe the white house did statement saying that there's no evidence, that there's been any validation software development in hhs but hhs is looking at this carefully and verifying that. so i believe that's where we are right now. >> so it may have been someone just -- >> there was someone who did report that is being reevaluated and so i think there is some more investigation to be done before we reach conclusions. >> can you get back to us on that and as to whether or not there is any? i didn't understand why we had any of our software developed in belarus anyway. if there's something to cheer i would sure like to understand that. >> absolutely. to the best of my notes there was no software that was developed in belarus and hhs is

looking at it carefully. >> illinois, i can see her name tag here on the thing but could you -- is the state of illinois ever had a data breach? >> yes. and, in fact, in our law there is a requirement that state agencies notify individuals when their personal information has been compromised. >> i do use some kind of encryption extensively? do you have someone continue use for your data? >> different agencies will handle it different ways, but they are -- there are requirements in terms of how data is handled for state agencies. >> thank you very much. i yield back. >> no other members are here, therefore, that ends panel number one. i do want to follow-up. so the talk about the criminal syndicate, there was a story that there was an 18 year-old russian boy that developed in

his basement this malware. is that accurate? >> don't believe everything you see in the media. [laughter] >> i learned that, too. thank you. the first panel is dismissed, and we thank you. we may have questions submitted to you. we'll have those to you within about 14 days, if there are any come in we would appreciate about a 14 day turnaround in answers. thank you. we will give a few minutes break year so we can water, get some water or something and then we'll be ready for our panel, second panel. [inaudible conversations]

>> welcome. if everyone is seated, let's go. so i apologize. i was hopeful that that first panel would not last this long, but it did. so thank you, and i hope it doesn't impact your rest of the schedule for the day. but appreciate you staying around. so, our second panel of the day is the nongovernment panel. we have michael kingston, senior vice president and chief information officer of neiman marcus group.

been john mulligan, executive vice president and chief financial officer, target brands, incorporated. bob russo, general manager of pci security standards council. and then philip smith, senior vice president for trust way. thank you all for being here today. as we did with the first panel we were going from my left. so mr. mulligan, you will start and you will have eyed minutes. >> good morning, chairman kerry, ranking member, and members of the subcommittee. my name is john mulligan and an executive vice president and chief financial officer of target. i appreciate the opportunity to hear today to discuss important issues surrounding data breaches and cybercrime. as you know target recently spent a data breach resulted from a criminal attack on our systems. to begin with let me set deeply sorry we are for the impact this incident has had on our guests, your constituents. we know this breaches shaken their confidence in target and

we are determined to work hard to earn it back. at dark we take are responsibly to our guests very seriously. this attack is like strengthened our resolve. we will learn from this incident and as a result we'll to make target and our industry more secure for consumers in the future. i went down like a splendid its of the breach as i currently understand them. please recognize i may not be able to provide specifics on certain matters because the criminal and forensic investigations remain active and ongoing. we are working closely with the secret service and department of justice to help them bring to justice the criminals who committed this wide skill attack on target, american businesses and consumers. on the evening of december 12, we were notified by the justice department of suspicious activity involving payment cards used at target stores. we started an internal investigation. on december 13, we met with the justice department and secret service. on december 14, we hired an

independent team of experts to lead a thorough forensics investigation. on december 15, we confirmed that criminals had infiltrated our system, had installed malware honor point is a network and a potentially stoned guest payment card data. that same day we removed the malware from virtually all registers in our u.s. stores. over the next two days would begin notifying the payment processors and card networks preparing to notify our guests and equipping our call centers and stores with the necessary information and resources to address the concerns of our guests. our actions an outdoor public announcement on december 19, and since, have been guided by the principle of serving our guests and we be moving as good as possible to share accurate and actionable information with the public. what we know today is that the breach affected two types of data here payment card data which affected approximately 40 million, and certain personal data which affected up to 70 million guests to we believe the payment card data was accesseaccessed through malwaree

are point-of-sale registers. the malware was designed to capture the payment card data that resides o on the magnetic strip on our to its encryption within our systems. from the outset our response to the breach has been focused on supporting our guests and strengthening our security. in addition to the immediate steps i described, we are taking the following concrete actions. first, we are undertaking and ended in forensic review of our entire network and will make security enhancements as appropriate. second, we increased fraud detection for our target red carcard guess. today we're not seeing any fraud on our proprietary credit and debit cards due to this breach. we've only seen a very low amount of additional fraud on our target visa card. third, we are reissuing target and debit and credit cards immediately to any guests who request one. forth, we are offering one year of free credit monitoring and identity theft protection to anyone who's ever shopped in our u.s. target stores. fifth, we informed i guess they

have zero liability for any fraudulent charges on the cards are rising from this incident. six, target is accelerating our chip technology for target red d cards and are stored point-of-sale terminals. for many years party has invested significant capital and resources in security technology, personnel. we've placed multiple layers of protection including firewall, malware detection, intrusion detection and prevention capabilities and data loss prevention tools. the unfortunate reality is that we suffered a breach. all businesses and their customers are facing increasingly sophisticated threats from cyber criminals. news reports have indicate indit several of the companies have been subjected to similar attacks. to prevent this and happening again, none of us can go it alone. we need to work together. updating payment card technology and strengthening protections for american consumers is a shared responsibility and requires a collective and coordinated response. on behalf of target i am

committing we will be an active part of the solution. members of the subcommittee, i want to once again reiterate how sorry we are for the impact of this incident has had on your constituents, our guests, and how committed we are to making it right. thank you for your time today. >> thank you. mr. kingston, you are not recognized for five minutes. >> chairman kerry, ranking member schakowsky, members of the subcommittee. good morning. my name is michael kingston and i'm chief information officer at neiman marcus group. i want to thank you for your invitation to appear today to share with you our expenses regarding the recent criminal cybersecurity incident at our company. i have submitted a longer written statement and appreciate the opportunity to make some brief opening remarks. we are in the midst of an ongoing forensic investigation that has revealed a cyber attack using very sophisticated malware. from the moment i learned there might be a compromise of payment card information involving our company, i have personally led the effort to ensure that we are

acting swiftly, thoroughly, and responsibly to determine whether such a compromise had occurred, to protect our customers and the security of our systems, and to assist law enforcement and capturing the criminals. because our investigation is ongoing i may be limited in my ability to speak definitively or with specificity on some issues, and there may be some questions to which i do not have the answers. nevertheless, it is important to us as a company to make ourselves available to you to provide whatever information we can to assist you in your important work. our company was founded 107 years ago. one of our founding principles is based on delivering exceptional service to our customers in building long lasting relationships with them at a stand of generations. we take this commitment to our customers very seriously. it is part of who we are and what we do daily to distinguish ourselves from other retailers. we have never before been subjected to any sort of

significant cybersecurity intrusion so we have been particularly disturbed by this incident. through our ongoing forensic investigation we've learned that the malware which penetrated our system was exceedingly sophisticated, a conclusion that the secret service has confirmed. a recent report prepared by the secret service crystallized the problem when they concluded that a specific type of malware, comparable and perhaps even less sophisticated than one in our case, according to our investigators had a 0% detection rate and antivirus software. the malware was evidently able to capture payment card data in real-time after a card was swiped and has sophisticated features that made it particularly difficult to detect, including some that were specifically customized to fit our multilayered security architecture that provided strong protection of our systems and customer data. because of the malware's specific dated anti-detection devices we did not learn we had

an actual problem in our computer system into january 2 and it was not until january 6 when the malware and its outputs have been disassembled and decrypted enough that we are able to determine that it was able to operate in our systems. then disabling it to ensure it was not so operating took until january 10 year that day we sent our first notices to customers potentially affected and made widely reported public statements describing what we knew at that point about this incident. simply put, prior to genuine second despite our immediate efforts to have two separate firms of forensic investigators dig into our systems in an attempt to find any data security compromise, no data security compromise in our systems have been identified. based on the current state of evidence in the ongoing investigation, one, it now appears that the customer information that was potentially exposed to the malware was payment card information and transactions and 77 of our 85

stores between july 15 and october 30, 2013, at different periods of time within this date range in each store. number two, the number of payment cards used at all stores during this period is approximately 1.1 million. this is the maximum number of accounts potentially exposed to the malware. although the actual number of peers to be lower since the malware was not active every day at every store during this period. three, we have no identification that transactions on a website or at a restaurant where compromise. number four, india was not compromised as we do not have been dads and we did not request 10. and five, there is no indication that social sturdy numbers or other personal information were exposed in any way. we have also offered to any customer who shops -- shop with us at the last year in neiman marcus stores website, whether card was exposed to the malware

or not, one year of free credit monitoring and dignity theft insurance. we will continue to provide the excellent service to our customers that is our hallmark, and they know that the way we responded to the situation is consistent with that commitment. thank you for your invitation to testify today, and i look forward to answering your questions. >> this derisive, you are recognized for five minutes. >> my name is bob russo and the general manager of pci speeds can you pull the microphone a little closer to you? >> it's on now. spent and a little closer. >> my name is bob russo and on the general manager of the pci security standards council, global industry initiative and membership organization focused on securing payment card data. out approach to an effective security program combines people, process and technology as key parts of payment card data protection. we believe the development of standards to protect payment card data is something the

private sector and in particular pci is uniquely qualified to do. the global reach, expertise, flexibility of pci make it extremely effective. our community of over 1000 of the world businesses is tackling data security challenges from simple issues like password, in fact, password is still the most commonly used passwords out there to really complicated issues like proper encryption. we understand consumers are upset when their payment card data is put at risk, and we know the harm caused by data breaches. the council was created to proactively protect consumers payment card data. our standards represent a solid foundation for a multilayered security approach. with focus on removing card data, if it is no longer needed. simply put, e.g. don't need it, don't store it. if it is needed, then protected

and reduced incentive for criminals to steal it. let me tell you how we do that. that it is the duty standard is built on 12 principles. capturing everything from physical security to logical security. this standard is updated regularly through feedback from our global community. in addition, we have developed other standards that cover software, point of sale devices, secure manufacturing of cars, and much, much more. we work on technologies like tokenization and point-to-point encryption. tokenization and point-to-point encryption work in concert with pci standards to offer additional protections. another technology, env chip is an extremely effective method of reducing card fraud in a face-to-face environment. that's why the council supports its adoption in the u.s. through organizations such as the emb migration forum and our standards support emv today and of the worldwide market. however, it is only one piece of

the puzzle. to move the emv and to do no more would not solve this problem. additional controls are needed to protect the integrity of payment, online and in other challenges but these include encryption, tamper resistant devices, malware protection, network marketin monitoring and, much more. these are all addressed in the pci standards. used together, emv chip and pc i can provide strong protections for payment card data. but effective security requires more than just standards. standards without supporting programs are only tools and not solutions. the council training and certification programs have educated tens of thousands of individuals and make it easy for businesses to choose products that have been lab tested and certified as secure. finally, we conduct global campaigns to raise awareness of

payment card security. we welcome the committee's attention to this critical issue. the recent compromises underscore the importance of a multilayered approach to payment card security, and there are clear ways in which we think the government can help. for example, leading stronger law enforcement efforts worldwide by encouraging stiff penalties for these crimes. promoting information sharing between the public and private sector also merits attention. the council is an active collaborator with government. we worked with dhs, with many government organizations. we are ready and willing to do much more. the recent breaches underscore the complex nature of the payment card security, a multifaceted program not be solved by a single technology, standard, mandate or regulation. it cannot be solved by a single sector of society. we must work together to protect the financial and privacy

interests of consumers. today, as this committee focuses on recent breaches, we know that the criminals are focusing on inventing the next attack. there's no time to waste. and pci security standards council and business must continue to provide a multilayered security protection while congress leads the efforts to combat global cyber crimes that threaten us. we thank the committee for taking the leadership role in seeking solutions to one of the largest security concerns of our time. >> thank you. mr. smith, you are now recognized for five minutes. >> good morning, chairman terry, ranking member schakowsky, ladies and gentlemen, do what you think for the opportunity a path of trust way to provide witness testimony on this important issue related to data breaches. my law enforcement experience in this includes investigation prosecution of criminal, credit

card fraud, access device fraud and counterfeiting. i left the justice department in 2000 to join trust wave in compliance services and technology company. i couldn't reserve on trust wave's executive team as senior vice president and general counsel for 12 years. business and government agencies higher trust way to fight cyber crime, protected and reduce risk. trust with its customers ranging from the world's largest multinational companies to small and medium-sized businesses in 96 country. we specialize in the following areas. compliance and risk management, manage and cloud-based secure the services of the threat intelligence, ethical hacking, security research and we also trained law enforcement to investigate network intrusion and data breach cases. today i would offer our observations and the conditions related to data breach and broader information security trends. it's important as the company we do not comment or speculate on specific data breaches and assets will not be offering testimony today related to

companies involved in the latest string of data breaches. a believer companies experience in investigating thousands of data breaches over the past several years ou are advanced security research and intelligence gleaned from our footprint will be a value to you and the industry as a whole. my submitted written testimony discusses how hard it is on, and why businesses must go beyond pci for increased security and technologies and processes that can help your what i don't have time to discuss each topic in depth i would like to highlight a few items. each year our company published statistics and observations from real-world data breach investigations. the focus of the report is around cybercrime. states -- most of them follow patterns as described by citizens. 2013 global security report highlights data, our experts and lesser more than 450 data breach incidents response investigation locations, thousands of penetration test, millions of

websites, tens of billions of events. the report states the retail industry was a top target in 2012 making up 45% of our investigation. food and beverage industry was second followed by the hospitality industry. those did not change in 2013. cardholder data was the primary target. mobile malware increased 400% in 2012. 73% of the victims were located in the united states. almost all of the point is a breach investigations involve targeted malware. to this is an average of 210 days to detect a breach. most took more than 90 days. 5% took more than three years. only 24% detected the intrusion himself. most were informed by law enforcement. web applications emerged the most popular attack sector. e-commerce sites being the most targeted asset. weak passwords with password one

being the most password a choice. i'm running out of time where i talk about many different security airs as part of a defense in depth strategy where i can recommend multiple layers of defense, response and ongoing training. would however make the following observation. pci data security standard plays a critical role as it is increased awareness around security data, securing did in the payment industry. the threat landscape is more complex than ever and keeping up with complying with the standards simply isn't enough. common misperception at pci was designed to be a catchall for secure. we believe it serves as a good baseline for security giving businesses guidelines for basic security controls to protect cardholder data. we've heard discussions today about chip and pin and end-to-end encryption and other technologies and these are all good but there's no silver bullet. a multilayered approach to security involves people, process, technology and innovation. i would take these few minutes to highlight three particular once.

business template and incident response plan includes advanced production techniques, containment strategies and response technology. web applications are high-value target for attackers because they are easily accessible over the net. web applications are often at businesses front door and often connected to systems that contain private data while monitoring more than 2000 website our researches and 16,000 attacks occur on web applications per day. this is why businesses need to adopt protections that include the ability to detect vulnerability and prevent web applications. obviously, and i malware is a big issue here and what companies need to do is to defend against this is to deploy gateways. and i stress this is not antivirus technology. this is the we specifically to help protect business in real-time from threats like malware and data loss. i want to thank the chairman and ranking member schakowsky for the opportunity to be here, and happy to answer any questions. >> think you, mr. smith.

and that does conclude the testimony of our panel, and now it's time for us to ask you questions. and i get to go first so i recognize myself for five minutes. mr. smith, based on your professional opinion in this industry, aren't we, the united states, suffering and increased onslaught of data breaches and attacks? or is it just simply we are paying more attention in the media? >> we are suffering more attacks, that's for sure. >> can you quantify that in any way? you know how many speed was a number? i can only speak for our company and how many we are involved in each year, which involves a number of different investigations as well as multinational locations within -- >> do you have an opinion why that's increased, the number of attacks have increased? >> i think anytime there something of value, and the web

now, gives the ability for these multinational attacks to occur from anywhere in the world. so as the technology increases, so will the attacks. so will the value of that data that people are after. >> appreciate that. thank you. and for mr. mulligan and mr. kingston, i appreciate that you accepted our invitation. you think people should know that you don't have to accept that invitation. you don't have to be here. but you agreed to be here. and i think that speaks well for both of the companies that you work for, and your respect for the consumer to go on the record about what occurred and what you are offering to customers. i want to thank you for that. doesn't mean we don't ask you tough questions. so let me start off the same question to both mr. mulligan and mr. kingston. both of you suffered point of

sale attacks. and at least with target, there was a portion of that that was uncredited and you were able to get the information in plain language. plain text. is that a shortcoming? is that standard lacks how much of a surprise to you, or not surprise, that there was definitelthatone of the other p, mr. mulligan? >> mr. chairman, we no -- >> polar microphone a little closer. >> we know today in the u.s. that credit card information, payment card information comes into point-of-sale systems from the magnetic strip unencrypted. in our case that data was captured prior to us encrypting it. we have seen in other geographies around the world where chip and pin or chip enabled technology has been deployed. the fraud related through credit cards is come down dramatically and that is why we been supporters of that technology over a very long period of time.

>> mr. kingston. >> what we've learned in our investigation, mr. chairman, is that the information was scraped at a time immediately following the swipe as well. and basically -- >> so in essence go mingle the data so it was undetectable? >> really milliseconds before it hit titles to their processor for authorization. >> wow. back to mr. mulligan. have you been able to determine how they were able to get into the system and placed the malware at that very sensitive point? >> it's my standpoint access was a compromise set of vendor credentials or logon id and password. beyond that we have an end-to-end review, forensic review of all of our systems to understand that particular question. it's one we share with you. >> so is that a process very?

>> we don't understand that today. at the completion of our investigation we're looking forward to getting the facts about what transpired. transpired. >> mr. kingston spent at this point in our investigation we have not yet found any evidence of how attackers were able to infiltrate our network. >> a lot of discussion on breach notification. tell us, first of all, we want to make sure that the consumer, whose data, weather was their financial or personal identifiable information, is notified in a timely manner. there is a perception that perhaps you discover breach and you should push sand for notification. does he really work that way? how much time is a reasonable amount of time he for you notice the consumer of a breach? mr. mulligan. >> our focus was on providing certainly speed and getting noticed quickly. we think is important. bouncing back, the lives we were looking through was for our guests, providing contact information to understand what went on, and then actionable information.

what did he do about it. in addition given a negative of for enterprise we knew we would get significant requests from our guests and we want to be prepared with staffing of our call centers, having our stores with a proper resources to respond to the requested i think all that is how we approached this from a notification -- >> how many days from the time you told of the breach versus when you're able to send them notice? >> from the time we found the breach, we found the malware honor system to the time when notified was four days. >> mr. kingston, same questions. >> we also at neiman marcus believe that a prompt and specific notification is the best course of action. i think there are two important things that need to be establish in order for that to happen, and happen in a reasonable way. the first is understanding you actually do have a breach. or some sort of risk of attack, and so in our case we learned

that on january 6. i think the second important thing is to protect customers from any potential further harm, to make sure that you have contained, in our case, the malware that was discovered in our system. it took us four days to do that, and at that time on january 10 we immediately began notifying customers. >> all right, four days for each of you. thank you, now recognize the ranking member, jan schakowsky from eleanor. >> thank you. just a quick question to mr. russo. i think you do good work but you aren't suggesting that we shouldn't act as a congress, are you, in order to set some standards to? know. i think the are plenty things that can be done, not the least of which is law enforcement and information sharing. >> i understand the i'm asking really a yes or no question. are you suggesting that it is inappropriate or unnecessary for congress to act on standards, et cetera? >> not at all. i have no opinion in that area.

>> i want to ask you, mr. kingston, you discovered the breach in turn? >> -- >> we live the rest of the string to go live to the pentagon for a press briefing with defense secretary chuck hagel. you can see the rest of this briefing, this hearing on line at c-span.org. this began just a couple of minutes ago. >> national recognized strategic thinker, practitioner on national security. as well as budgeting, technology, military affairs. retired marine corps officer, he's an admired and tested leader. until recently served as you know as the undersecretary of the navy. those responsibilities included day-to-day management of the department of the navy. he has also leadership position with important defense policy think tanks including his current position as ceo of the center for a new american

security. bob's distinct career of public service, his ability and his experience and knowledge at dod make him uniquely qualified for this position it and if confirmed to bring the essential qualities required to help lead our national defense enterprise at a very, very challenging time. the president and i both appreciate bob's was to serve his country once again. and return to the department of defense. i'm looking forward to bob getting here and working closely with them. we come together and the team here, intend to continue to strengthen this department, our military, and our national security. as you also know, christine fox has been serving these past few months as the acting secretary of defense. this department and i have greatly benefited from her wise counsel, her vast knowledge and

experience, and the innovative thinking as we have moved forward with shaping the utes future spending plans. i want to thank christine. i want to thank her for her willingness to stay on in this position until bob is confirmed by the u.s. senate. i also want to mention three other important presidential nominees. christian warm with a was nominated to serve as the next undersecretary of defense for policy. most of you know christine, work with her. brian mcewen, now me to serve as the principal deputy undersecretary of defense for policy but most of you know ryan as you worked with him at the white house, on capitol hill. mike mccord are you all know, nominated to serve as dod's next comptroller. all of these very experienced, highly regarded and capable individuals will bring tremendous expertise and leadership to these positions. like bob, their exceptional

professionals. these individuals are four of the most experienced national security professionals that dod has had in these positions at any one time. they bring a depth of experience and knowledge and expertise that is as impressive as we've seen here at dod. and i'm grateful that they've agreed to serve in these positions. i'm proud to serve with them. in times of great change and challenge, our country must have the right kind of people interested positions of leadership. i appreciate the senate armed services committee proud action to schedule hearings for these nominees, all this month. if these nominees are confirmed, and if the senate acts on other senior department nominees, now before it, and most of the senate confirm pentagon jobs will be filled. i also have one additional personnel announcement to make,

regarding one of our combatant commanders. today, the president nominated air force general paul to service command of u.s. transportation command. he currently leads air mobility command and he is commanded at the squadron group wing and headquarters levels. if confirmed he will be an outstanding successor to general fraser who has been an exemplary, effective transcom command and we will miss him and we appreciate his tremendous service to this country. i have high expectations for all these leaders. dod and our country will rely on them and they will rely on their integrity and their leadership. i know this country is grateful to these men and women at inr country is grateful for all the men and women who serve our nation is on intelligence. and i'm proud of them, the president is proud of you. we are proud of their families,

and i'm proud to serve with you. they've earned the respect and admiration of the american people and our allies and partners all over the world. but some of our people are falling short of these high standards and expectations. ethics and character are absolute values that we cannot take for granted. it must be constantly reinforc reinforced. it is the responsibility of all of us, all of us to ask for the trust and confidence of the american people to ensure these values are imbued in all our people, and we all live up to them. i met this week with service secretaries chairman dempsey and the joint chiefs. we address this problem. we are going to continue to address it, and we're going to fix it. confidence and character are not mutually exclusive. they are woven together. they must be. and an undercover vice and culture of accountability must exist at every level of command.

that must be practiced and emphasized by leadership at every level. like in all institutions, it starts at the top. ethics and character are the foundation of an institution and a society. they must be constantly emphasized at every level of command, training, curriculum, in all phases of dod in both the officer and enlisted corps. top to bottom. over the next few weeks chairman dempsey and i will be announcing actions that all of our services are taking to deal with this problem. i will assign to my senior staff a general officer who are report directly to me on issues related to military ethics, character and leadership. and work directly with the service secretaries and the service chiefs. this officer will coordinate the actions of our services on this issue, work every day with all of our services and we will meet

weekly so i can receive reports from dod senior leadership, including both officer and enlisted leadership on the progress we are making. this will be an absolute top priority of the service secretaries, the service chiefs, general dempsey any. thank you, and be glad to take some questions. >> a quick follow-up on what you just said about the ethics and the question. do you think that all this time at war is sorted that one of the root causes of some of this increased behavior or was it just overlooked i guess during the war? and things are just come to light that were happening all along. but my second question on afghanistan community top leaders from afghanistan this week. do you see a specific drawdown of troops for the summer? >> what goals you think you want

to get to for the number of troops in afghanistan over the summer? and visit -- you think there will be no bsa a lease before the election? >> regarding your first question, i don't think there is one simple answer to the issue of ethics, values, a lapse in some of those areas that we do know about. that's why we are taking a hard look at this. i think we need to find out, is there a deep, wide problem. if there is, then what's the scope of the problem, how did this occur? was a constant focus of 12 years on too long land wars? taking our emphasis off some of

these other areas? i don't know. we intend to find out. this is an interservice issue. this is an issue that cuts across all lines and all commands. and that's why i am putting this as a number one priority for this institution. general dempsey feels exactly the same way. our leaders and/or service secretary, our chiefs feel the same way. and that's what we will do. but i don't think it's as simple as just one thing or two things. but we intend to find out. on afghanistan, as you noted, we met with the president this week, a very good first assessment. the president received on where we are, on retrograde and all the other dimensions of what's going on in afghanistan. it was an honest exchange between his commanders and

himself about the future. you know our position has not changed in that we've continued to encourage president karzai to sign the bsa. incidentally, a document that he negotiated in its finale and agreed to, a document that was overwhelmingly supported, that he brought together. a document as far as we can tell from every measurement of the people of afghanistan supported by the people of afghanistan. so we continue to hope and believe that that will be signed. we will continue to plan and work with our nato and isaf commander's for a post 2014 mission. you know that we've identified that as trained, assist, advice,

and counters and. i'll be going to brussels as you all know in two or three weeks which obviously this will be gone the agenda. >> if we could stay in afghanistan for a second, we're told by general million communism to 385,000 afghan troops and police now come and visit fighting -- [inaudible] i know the president stated been said if the bsa signed there could be u.s. troops there after 2014. i wonder if you could explain, given how well the afghans are doing, why does there have to be any troops can use troops in afghanistan after 2014? most americans are again, why can't all use troops to sleep at the end of the year? >> well again, let's examine the nation. the president has stated very clearly, and we are proceeding on this as you know first, the

combat mission of our role in afghanistan has changed. that lead combat mission has been turned over to the afghanistan's. again, a post 2014 presence of the united states and our eyes have partners would be about continuing to train, assist and advise. we did all of the world with partners and allies. as well as continue our counterterrorism efforts which i think most everyone supports, it's clearly in our interest. so the mission would change as it is changing now dramatically because that mission would be changing and would be different, you don't need obviously near as many troops but you need some. you need force protection. you need support, train, assist, advice spend what would happen if there were no u.s. troops in

2015, do you think? >> i'm not going to speculate, except to say, as you noted, the afghan army has performed pretty well the last few years, and further, problems, still needs help. they are still in the process of institution building. remember, 12 years ago there weren't any institutions at all in afghanistan. and a continuation of investing and helping them interest in their own future, in their own institutions to give them the capability to which we are doing all over the world, capacity building with partners and allies. different in different places. i don't think it's too far out of the mission of what we've been trying to do, but the point being is, if it would work where we are invited in by the afghan people, and if that be as a sign that the president has made clear, then i think there is a very appropriate role to help continue to help the afghan

people build their own institutions of self-government, self-defense, capability that they've already made tremendous progress on. >> if you're going to continue a character's omission, you're going to need drones. with the possibility of no u.s. troops thing after 2014 and the lease expiring in the middle of the summer, where in the region would you base your drone program, if those come to pass? or are you considering halting drone strikes? >> well, as you all know i don't get into the specifics what our plans are on intelligence and drone strikes. other issues like that. but i will say this, that we are constantly assessing threats to the united states, our interests all over the world with partners, and we have threats coming from different parts of the world. and we address those threats.

so you're constantly assessing your assets and was required. and we are planning, as i said, for a post 2014 role in afghanistan. >> i'm sorry, i didn't know -- >> go ahead if you want. >> but we consider you don't have an option of a drone base in afghanistan, if you don't have troops, if you don't have the bsa, would you consider basing drones in india, for instance? >> well, we have to consider everything, as we are. that's my point about your constantly updating and changing and looking at possibilities strategic interest, where you posture those assets, where the threats are, most significant, where you have allies that are willing to work with you, capacity building. you are in a constant review process on all these. and so if that would be the case we would have to be, we are

looking at different options. you have to do that. that's not anything unique to afghanistan. spent i wanted take you back too ethics. he called it the number one priority which i think -- >> i said i'm number one priority. a high priority i think is what i said. >> my apologies. >> we have a lot of priorities. >> in regard to just in general officers, generals and admirals who serve there, you have cases of drinking on the job, gambling, a salt, multiple core friends caching multiple girlfriends. you've been in a military. small numbers don't may be, how hard is it to do the right thing? and what are your concerns that as the enlisted ranks look at this and look at scandals and their own rate? people are going to be unsettled, lose confidence. what should the american people think when they hear you speaking about concerns whether the u.s. military has moral

courage and is ethical? sounds pretty serious. >> well, i didn't say i don't believe a question whether the u.s. military has moral courage or ethical. in fact, if you recall what i said in my statement, i complemented most all the people in this institution because they do have integrity and they live by that. there are some where we have some problems. we know that. but, you know, there's only one way to deal with an issue, album, is you take it on. you don't apologize for it. you don't hide it. you don't run the other way. you say it straight the. i don't know of an institution in the world that does that better than this institution. it is this department of defense that puts the problems up in front with the press, when we find we have a problem somewhere. we opened it. we let you know about it. we let -- the american people

need to know about it, the congress. so we are not afraid of that. but the issue then is how do you fix it? what do you do about it? and as i said, i don't know all of the depth of the work with this. we know we have issues. you all report on it. we are not trying to back away from that. so let's go, let's go figure it out whether it's sexual assault or what it is but we are going to fix it. we are going to be honest about and transparent about it, and i get this institution tremendous credit in that. and we will get to whatever we need to get to, to assure as much as we can, you said it, i used it in my language, trust and confidence, complete trust and confidence the american people have in this institution. i think most people have that today, but as i said, you heard me say this often, there is no margin of their in a lot of this. if you choose this profession,

there's an expectation that goes with this expectation. and a standard. but that's your choice. that you must live with that expectation and standard. >> you brought up a couple times mr. works qualification. as you prepare and rule out the 2015 budget, you had to cut about $41 billion from the level, pentagon plan for last year for 2015 and with a bipartisan budget agreement capped calls for. are you going in the area of cutting capability, cutting capacity? those two baskets from the skimmer that you cut back in july. >> well, i think you offered i think you all heard me address this in some detail and i will be addressing it in more detail as we get closer to budget time. las..

>> there going to be adjustments as the board? of course. but you must preserve readiness and modernization and the capability and capacity in order to do the job of protecting this country. within the framework of the resources you have. we'll do that. i think the plan that we lay out in the budget, the narrative that goes with those numbers do that. so without getting into the specifics of the numbers or the projects or what is in that, i

think i would just once again etch size that -- emphasize that it is a holistic approach. and then you have to also not think just about fiscal year 2015, that budget that will be presenting, but as you know, we do a fife-year plan -- five-year and on out, ten years. you think about the sustainability of a commitment to large weapons systems whether they're ships or planes or anything else, can you sustain those and all that goes with that. so it's an immense amount of thinking, of strategic planning within the scope of your resources. i, i'm satisfied that we have done that effectively. i think it's a very good plan. i think it's an effective plan. i look forward to presenting it to the the congress after the president rolls his budget out on march 4th, and i look very much forward to not just explaining it, but going into some detail on why we think this makes sense.

we're going to need the congress as our partner on this. >> [inaudible] where the 41 billion's coming from, you seem to suggest it's going to come across all equal portions of the operations and maintenance force structure and modernization. >> well, tony, you don't take 41 billion out of one basket. that's my point. you assess the strategic interest and guidance and the mission to defend your country, what it's going to take to do that, and then you start working through that. and so you examine finish you mentioned the skimmer, that's one of the reasons i asked to do the skimmer so that we have an inventory of what do we have, what are our resources and what are we obligated for? and so you assess every weapons system. you assess every force posture, you assess every component of this institution. and then you guide that along the path of what are your strategic interests and how do you fulfill those.

so it isn't a simple take 41 billion out of this pocket or -- it's a balance. i mean, that is the word, balance. you have to balance your budget not just ledger wise, but it's got to be balanced in the interests of our country to defend this country. phil? >> getting back to your senior ethics officer that you're appointing, what can you tell us about that person, their rank or name. and also on afghanistan just for a moment, i know that you said that the united states wants an agreement as soon as possible, but was there a consensus or a feeling at the meeting with the president that a meeting -- you may go to brussels without one and that you may be able to wait for the election, you'll probably wait for the election to pass without a bsa? was there an acceptance of that? >> well, we are dealing with the war we're dealing with, and so with that in mind, you plan, you

think through. one of the reasons the president asked to have his commanders in was to talk through this face to to face. he spent a huge amount of time on this. every time general dempsey and i i talked to him on -- talk to him on tuesday, we talk about this. we talk about it with him on other occasions. he's been putting a lot of his own time into this, thinking it through, our commanders have. as you all know, general dempsey and i do -- [inaudible] with general dunford and general austin once a week, sometimes two and three times a week. so we're assessing all of this as to going into nato ministerial with or without a signed bsa. i don't know what we'll have, what we won't have. but we've still got to plan for the future, make decisions. those decisions are based on all the factors that you're aware

of, commitments, and that planning is not easy, it takes time. every one of our partners, isaf partners -- you all know this -- i listened to a number of them in munich last week, many of them i met with in the pentagon the last two months have said the same thing. we have parliaments, we have budgets, we have planning. we just can't wait here on an indefinite basis as to what we're going to do either. so all these factors are part of it. we have to plan for all possibilities here. and you had -- >> [inaudible conversations] >> ethics officer, first, i don't have a name to give you. i will give you that name shortly. we're not going to met this go very long -- let this go very long. this'll be very soon. as i said in my remarks, it will be a general officer. it will be a very senior level.

it will be an individual who is experienced in not just this building, but i want someone who understands the outside, who understands the pressures of combat, the pressures of curriculums and testing and who has a good, well-rounded background in command. and we have some ideas, but i'll make that a decision shortly. because we have another meeting this week coming up, and as i've already said, we're going to have weekly meetings. this position will be in place very soon, and i'll let you know. >> thanks, everybody, appreciate it. >> thank you. >> if you missed any of what secretary hagel had to say, it is available on the c-span video

library. go to c-span.org. coming up shortly, a hearing on iraq -- excuse me, al-qaeda in iraq. but first, a portion of remarks from earlier today by new homeland security secretary jeh johnson at the woodrow wilson center. he outlined the threat of al-qaeda affiliates across the world and syria becoming arect matter of homeland security here in the u.s.. >> put another way, with the creation of dhs, a terrorists, a searching for backnesses along our air -- weaknesses along our air, land or seaboarders or ports of entry is now met with e one federal response from me. preventing terrorist attacks on the homeland is and shoulderro remain the cornerstone of homeland security. through our government'sity. counterterrorism efforts in both the bush and obamah administrations, we have put al-qaeda's core leadership on the path to defeat. but the threat has evolved.

since about 2009 we saw the rise of al-qaeda affiliates such as al-qaeda in the arabian peninsula which has mades, repeated efforts to exportave terrorism to our homeland. our government, working with others, must continually deny these affiliates a safe haven, a place to hide, train and fromve, which to launch terrorist attacks. we are very focused on foreign fighters heading to syria right now. based on our work and the work of our international partners, we know individuals from the u.s., canada and europe are traveling to syria to fight in the conflict. at the same time, extremists are actively trying to recruit westerners, indoctrinate them and see them return to their home countries with an extremis mission.ntri last night i returned from poland where the attorney general and i met with my six

counterparts from the u.k., france, germany, italy and poland. syria was the number one topic of conversation for them and for us. syria has become a matter of homeland security. dhs, the fbi and the intelligence community will continue to work closely to identify those foreign fighters that represent a threat to the homeland.t to we face threats from those who self-radicalize to violence, the so-called lone wolf who did not train overseas or became part oe an enemy force, but who may be inspired by radical, violent ideology to do harm too do americans. in many respects, this is the terrorist threat to the homeland, illustrated last year by the boston marathon bombing that i worry about the most. it may be the hard to detect, involves independent actors living within our midst withves

easy access to things that in wt the wrong hands become tools of mass violence.ass we must remain vigilant in detecting and countering all these threats. at the department of defense, in was witness to the extraordinary efforts of our military and thea other national security and intelligence components of our government in countering terrorist threats from overseas. here at home given the evolving and increasingly diffuse and decentralized threat, i believe it is critical over the next evo several years that dhs continuey to build relationships with state and local governments ando the first responders in those governments. we must also continue toso encourage public participation in our efforts on their behalf through the nationwide suspicious activity reporting initiative and campaigns such ad if you see something, say something. which was on prominent display at airports and even at the

super bowl five days ago. the homeland security is a team effort. >> homeland security secretary jeh johnson. you can see all he had to say earlier today tonight beginning at 9 eastern. it will be on c-span. it's also available for viewing anytime in the c-span video library. go to c-span.org. coming up next, we have more about al-qaeda and iraq with testimony from the deputy assistant secretary of state for iraq and iran, brett mcgurk. he appeared before the house foreign affairs committee on the rising threat of al-qaeda in iraq. mr. mcgurk also provided an update on the u.s. response earths in the us -- efforts specifically in the cities of fallujah and ramadi. al-qaeda's central leadership this week announced it was cutting ties with the islamic state of iraq. >> this hearing will come to

order. this morning we consider al-qaeda's resurgence in iraq, an unfortunate reality is that al-qaeda in iraq -- now known as the islamic state of iraq and the levant or isis as you see it in the papers -- is growing steadily in size, it's growing steadily in power and influence, and its militant ranks have blossomed. last summer isis carried out attacks on two different prisons in iraq, and in those attacks freed hundreds of experienced al-qaeda fighters and leaders. the group is now able to carry out approximately 40 mass casualty attacks every month. multiple car bombings struck the capital this morning. the nearly 9,000 deaths in iraq

last year made it the bloodiest since u.s. forces departed in 2011. the civil war many neighboring syria only -- in neighboring syria only further strengthens this group. militants are able to flow freely between iraq and syria, providing isis an advantage as it works to advance its regional vision of a radical islamist state. their gains have been dramatic. last month these fighters took advantage of a security vacuum in ann bar province -- anbar province, entering the cities of fallujah and ramadi in columns of trucks mounted with heavy machine guns and raising the black flag over government buildings. of course, anbar province is where u.s. marines fought so hard to push out al-qaeda. in recognizing those and other great sacrifices, i should note that this committee benefits from the firsthand experiences

of mr. kissinger, mr. cotton, mr. perry, mr. desantes, mr. collins and ms. gabbard, all of whom served with distinction in iraq. this threat is evolving. earlier this week al-qaeda's central leadership declared that those operating in western iraq and syria were no longer an affiliated group. we will see how this power struggle develops, but isis' independence is a reflection of its unprecedented resources including weapons and personnel and cash and its resulting operational strength. this is a threat to iraq but also to us. isis has reportedly been actively recruiting individuals capable of traveling to the u.s. to carry out attacks here. while al-qaeda in iraq has been powered by prison breaks

and by the syrian civil war, it has also been fueled by the alienation of much of the sunni population from the shia's dominated government in baghdad. al-qaeda has become very skilled at exploiting this sectarian rift, and maliki's power grab has given them much ammunition. this is a point that ranking member elliott engel and myself raised and underscored with president maliki when he visited washington last fall. this committee will play a central role as the united states moves to send military equipment to help the iraqis fight these terrorists. appropriate intelligence can be shared as well, but iraqis should know that their relations with iran and the slow pace of political reconciliation with

minority groups raise serious congressional concerns. while we may not be -- while -- as head of state while he may not be up to it, maliki must take steps to lead iraq to a post-sectarian era. the iraqi government is far from perfect, and only the iraqis can control their future. but if we don't want to see an iraq with large swaths of territory under militant control -- and we should not -- then we must be willing to lend an appropriate hand, and i'll now turn to the ranking member, mr. engel, for any opening comments. mr. engel from new york. >> thank you very much, mr. chairman. thank you for holding this important hearing on al-qaeda's resurgence in iraq and the threat this poses to u.s. security interests. i appreciate the close collaboration that we have working on this and so many other issues on this committee. last month al-qaeda extremists

occupied the city of fallujah and parts of ramadi in iraq sunni-dominated anbar province. to be sure, this has serious implications for iraq's security, but it also has a deeper, symbolic meaning for americans. as all of us know, u.s. marines fought two bloody battles to secure fallujah during the iraq war. i want to acknowledge our brave men and women in uniform who lost their lives as well as their families who continue to grieve their losses every day. it breaks my heart when i see what's happening in iraq today. iraq continues to be ravaged by sectarian violence, and the situation's getting worse. last year more than 8500 iraqis were killed in bombings, shootings and other violent acts. the most since 2008. i should note that on monday of this week the senior leadership of al-qaeda excommunicated and disowned their affiliate, the islamic state of iraq in syria,

isis. for the purpose of in this hearing, isis remains a threat to stability in fallujah, other areas of anbar province and the whole of iraq. some may argue that the lack of an enduring u.s. troop presence in iraq has contributed to the resurgence of violence, especially sunni terrorism related to al-qaeda. but let's be honest, the dire security situation in anbar province is much more about iraqi politics than it is about the united states. in any case, the direct use of u.s. military force in iraq is virtually unthinkable at this point. we've withdrawn from iraq, and we aren't going back. although we no longer have boots on the ground, however, the u.s. does maintain a huge stake in iraq's security, and i believe we should continue to provide appropriate assistance to the iraqi military in their fight against isis. but we must also recognize that the current situation in anbar cannot be resolved through

military means alone. an all-out assault reinforces the perception among sunnis that they have been victimized by prime minister maliki's shia-led government. the iraqi government must take a page out of our playbook from the iraq war and enlist moderate sunni tribes in the fight. i understand that vice president biden recently discussed this issue with prime minister be maliki, encouraging him to incorporate tribal militias fighting isis into iraqi security forces and to compensate those injured and killed in battle. by taking these step, i am hopeful that maliki can begin to bridge the widening sectarian gulf in iraq. the deterioration of iraq's control over an war is also linked to larger regional dynamics. we saw how al-qaeda in iraq expanded its franchise into syria, and we now see violence

from that brutal war spilling back into iraq. this has strengthened isis and served as a recruitment vehicle for thousands of foreign fighters. the slow bleed in syria has been a clear hindrance to progress in iraq. iran's nefarious influence in the region also contributed to instability. it is well known that a some senior iraqi officials have a very cozy relationship with iran, and iraq has not done nearly enough to prevent iranian overflights that deliver weapons to hezbollah and the assad regime in syria. in order to stabilize iraq, the iraqi government will need to be a more responsible actor in the region. chairman royce and i made that, emphasized that point when we met with mr. maliki several months ago. the discussion today is important to understand how we can encourage a political solution in iraq that will give sunnis a meaningful stake in the future of their country. this is the only viable way to build a safer future for iraq

while helping to curb iranian influence and, hopefully, reducing the violence in syria. i'd like to thank deputy assistant secretary brett mcgurk, one of the foremost experts on iraq, for being here today to address these issues with us. mr. mcgurk, i look forward to your testimony and our discussion. i yield back, mr. chairman. >> thank you, mr. engel. we'll hear for a minute from ileana ros-lehtinen, chair of the middle east subcommittee, followed by mr. ted deutch who is the ranking member of that subcommittee. >> thank you very much, mr. chairman. and in addition to the biggest issue which is that we don't have al-qaeda on the run, there are two issues which can i continue to be very concerned about. first is the safety of the residents of camp liberty. they still have very little protection. when last you testified, mr. mcgurk, 192 t-walls were up, then the big progress supposedly is that 43 are now up

in addition. this is out of 17,500 t-walls. they save lives, put them up. number two, the iraqi jewish archives, other members are very concerned, don't want them to be shipped back. the iraqi government incorrectly states that these papers are theirs. that is not true, and we hope that you continue to work on that. and the bigger issue that brings us together is that, obviously, since the departure of our troops al-qaeda's reemergence has caused iraq to take a very worrisome turn for the worse. we've sacrificed so much blood and treasure there to watch it descend into full sectarian violence and an al-qaeda safe haven, so we've got to rebuild our influence there. thank you, mr. chairman, for calling this hearing. >> thank you, ms. ros-lehtinen. we'll go to mr. deutsche of florida. >> thank you, mr. chairman, and ranking member engel, for holding this extremely timely

hearing. emboldened by the syrian conflict, the number of al-qaeda affiliated fighters in iraq has now reached levels not seen since 2006. al-qaeda in iraq's offshoot, the islamic state of iraq in syria, is now the primary perpetrator of the worst violence. as my colleagues have noted, al-qaeda has disavowed the islamic state of iraq in syria for its use of tactics deemed to be too violent. al-qaeda, one of the world's worst and most brutal terrorist groups, has disowned this group for being too extreme. i fear the siege of anbar and fallujah in january has definitively turned the page from labeling this spillover from the syrian conflict to a full scale resurgence of terror in iraq. the number killed in january were close to a thousand and particularly concerned for the 140,000 who fled their homes. the security risks posed are too great to know, and i hope today

you'll be able to shed light on what level of assistance we'll be able to provide iraqis to prevent the growth of the security threat, and i look forward to that testimony, and i yield back, mr. chairman. >> thank you. now, lastly we'll go to judge ted poe of texas, chairman of the terrorism subcommittee, follows by brad sherman for a minute of california who's the ranking member of that subcommittee. >> al-qaeda in iraq is back, certainly not on its last willings. the united states has paid a high price to help liberate iraq from the menace of al-qaeda. it is frustrating that al-qaeda is gaining ground back in iraq. al-qaeda's resurgence is directly related to prime minister maliki's mishandling of his government. incompetence and corruption seem to be the norm. he centralized power, alienated the sunnis and brought back shia hit squads. he has allowed iranian-supported

operate i haves to kill m -- operatives to kill dissidents now on seven occasions without consequences. the last time you were here, mr. mcgurk, you testified before my subcommittee and ileana ros-lehtinen's subcommittee. i predicted that there would be another attack. seven days after you testified in december, camp liberty was attacked again. all this chaos has created an environment ripe for al-qaeda. al-qaeda's reestablishing a safe haven to plan and launch attacks outside the region. that is totally unacceptable trend. the question is, what is the united states going to do? and i yield back the remainder of my time. >> in the 1940s we occupied countries. no one doubted our right to occupy. we took our time, we created new governments, and those governments created new societies. at various other times we've invaded countries, achieved

military objectives or as much as could be achieved at reasonable cost, and we left. the first example of that was thomas jefferson's military intervention in libya. in iraq and afghanistan, we established a bad example. the world and even some in the united states doubted our right to occupy, so we hastily installed karzai in afghanistan, and in iraq we installed a structure which is now presided over by mr. maliki. it is not surprising that afghanistan and iraq continue to be problems since we have -- since we hastily handed over governance to those who were ill prepared. iraq is not the most important arab state streamingically. it does not become -- strategically. it does not become more important in the future because we made a mistake in the past that cost us dearly in blood and treasure. we should not compound that mistake. on the other hand, iraq is important in part because of its proximity to iran which i believe is one of the greatest

threats to our national security. finally, i agree with several of the prior speakers that we need to, with regard to camp liberty and the t-walls, and i yield back. >> thank you, mr. sherman. this morning we're pleased to be joined by deputy assistant secretary for iraq and iran, mr. brett mcgurk. prior to this current assignment, mr. mcgurk served as a special adviser to the national security staff and as senior adviser to ambassadors ryan crocker, chris hill and james jeffrey in baghdad. he also served as a lead negotiator and coordinator during bilateral talks with the iraqi government back in 2008. without objection, by the way, your full prepared statement will be made part of the record, and the members here will have five days to submit any statements or questions or any other extraneous material for the record. and, mr. mcgurk, if you would,

please, summarize your remarks, and then we'll go to questions. >> thank you. good morning, chairman royce, ranking member engel and members of this committee. thank you for inviting many me to discuss the situation in iraq with a focus on al-qaeda's primary offshoot, isil. my brief statement will discuss the current state and how we intend to combat it. the former incarnation was the focus of u.s. and iraqi curt efforts over many years beginning with the rise of its first leader more than a decade ago. its current leader is a designated global terrorist under u.s. law and we believe is currently based in syria. his mission is colorly stated in his own -- clearly stated in his own statements. the syria conflict over the past two years provide a platform for isil to gain resources, recruits

and safe havens while the precise number of isil fighters is unknown, director of national intelligence james clapper last week testified that there are likely 26,000 extremist fighters in syria including 7,000 foreign fighters. many of these fighters are affiliated with isil. isil in its earlier incarnation inflicted mass casualty attacks in iraq. over the years 2011 and 2012. but it was not until early last year that we began to see a significant increase in its attacks, most notably suicide and vehicle bombs. suicide attacks, we assess, are nearly all attributable to isil, and nearly all bombers are foreign fighters who enter iraq through syria. to give one notable statistic, in november 2012 iraq saw three suicide attacks throughout the country. in november 2013 it saw 50. isil is now striking in iraq along three main lines of operations. first, it is attacking shia civilian areas in an effort to rekindle a civil war. these are the vast majority of

attacks. second, it is attacking sunni areas to eliminate rivals and govern territory. in one 30-day period between september and october, for example,isil suicide bombers attacked three small towns in anbar province. third, isil is now attacking the curds in northern -- the kurds in northern iraq. isil likely stage and plan many of these attacks at remote encampments in western iraq. the iraqis began to spot these camps but proved unable to target them effectively due to lack of necessary ct equipment which is needed to deny terrorists safe haven. today, thanks to close cooperation from this committee and the congress, we've begun to address this problem as i'll discuss in more detail. by the end of last year, signature isil attacks, vehicle and suicide poms, matched levels not seen since the summer of 2007. overall, violence remains far lower, but the risks of

reprisals rise as isil attacks rise. also over the course of 2013 political instability and continuous unrest in sunni areas enabled but did not cause esil's rise. there was a protest movement that began after a number of bodyguards were detained by iraqi security forces. these protests placed on the national agenda a number of legitimate demands such as ending the process of debaathification and ensuring criminal due process. we supported these demands, and we worked with all parties to shape a package of legislation to address them which is now pending in the iraqi parliament. ongoing violence, however, has made it difficult for shia and kurdish blocs to support this legislation absent concessions for their own constituencies. over the course of spring and summer, the protest movement became more militant with al-qaeda flags spotted in protest squares. this accelerated a vicious cycle. isil exploited unaddressed

grievances with long overdue reforms further out of reach. this brings us to where we are today and how we intend to help the iraqis fight back. on january 1, 2014, convoys of up to 100 trucks with mounted heavy machine guns and anti-aircraft guns flying the black flag of al-qaeda entered the cities of fallujah and ramadi. they destroyed most police stations and secured vital crossways. the police in both cities nearly disintegrated. the domination of these central cities was a culmination of isil's strategy to establish seventh century islamic world. isil declared fallujah part of an islamic call faith. in rah dad my -- caliphate. the goth responded -- government responded with money, weapons and assurances that tribal fighters would enjoy full benefits of any soldier in the

iraqi army. i have been to iraq twice since the new year. in meetings with prime minister maliki and other iraqi leaders, i have pressed upon hem the urgent necessity of mobilizing the population against isil. i have also discussed the situation directly with tribal and local leaders in anbar province. these coordinated efforts have begun to produce results. fighting continues in ramadi's outskirt, but the central city is increasingly secure with tribal fighters working in coordination with local leaders. the iraqi army has remained outside helping to secure populated areas. the situation of fallujah is more serious. with hardened isil fighters and former insurgents in control of the streets. one week ago isil fighters captured a group of iraqi soldiers, paraded them around the city and then executed them. further complicating the situation, we assess that some tribes in and around fallujah are supporting isil while others are fighting and other many others remain on the finance. the hardened fighters inside the

city are seeking to draw the army into a direct confrontation. thus far the army has not taken the bait, focusing its efforts on the outskirts and keeping tribal fighters in the lead. but make no mistake, the government of iraq working in full coordination with local leaders and the local population has a responsibility to secure fallujah. under a plan that is now being developed as explained to us by local and national leaders late last week, tribal fighters will lead the effort with the army in support when needed. the united states is prepared to offer advice, make recommendations and share lessons learned based on our deep experience in these areas. general austin, in a visit to baghdad last week, had a series of candid conversations with iraqi officials and commanders about the importance of patience and planning. isil is also planning to consolidate control of flew ya and -- fallujah and move to baghdad. isil's leader directed his fighters, quote: to be on the front lines against the she ya and march -- shia and march

towards baghdad. were there any doubts of potential risk to the united states, he added a direct message to americans. quote: soon we will be in direct confrontation, so watch for us for we are with you watching, end quote. we take such threats seriously, and through cooperation with this committee and the congress, we intend to help the iraqis in their efforts to defeat isil over the long term. here's how. first, we are pressing the national leadership from the highest possible levels to develop to holistic security and economic strategy to isolate the extremists. this means supporting tribal fighters, incorporating them into the security services and committing to april elections to be held on time. second, we're sporting the iraqi security forces through accelerated foreign military sales, training and information sharing. the iraqis have now equipped an aircraft, for example, to fire hellfire missiles, thereby denying safe haven in the

western desert. such assistance is offered pursuant to a holistic strategy, and we've made clear that security operations -- while a necessary condition for defeating isil -- are not sufficient. third, we are actively encouraging an aggressive economic component to mobilize the sunni population against isil. in the five weeks since isil 13wr-d ramadi and fallujah, over $35 million has been allocated in assistance and payments to fighters. throughout our message to all iraqi leaders is firm, despite your difference cans across a host of issues, you must find a way to work together when it comes to isil, an organization that threatens all iraqis. this is particularly true for prime minister maliki who, as the head of state, must take extra measures to reap out to sunni leaders and draw critical mass of local population into the fight. i want to thank you again for allowing me to address this most important topic. look forward to working closely with you in the months ahead to protect u.s. vests in the iraq -- interests in iraq and

throughout the region, and i look forward to your questions. thank you. >> thank you, mr. mcgurk. the first question i was going to ask you related to something that happened last summer, there were militant camps and training grounds spotted in western iraq, so we could see this brewing. and yesterday we heard the cia director note before congress that there are camps inside of both iraq and syria that are, in his words, used by al-qaeda to develop capabilities that are applicable both in theater as well as beyond. so you noted that the iraqi government could spot these camps but did not have the ability to to target effectively. leaving safe havens just miles from populated areas, in your words. if these al-qaeda camps present a direct threat to our interests and the iraqis can't deal with it, then why weren't we doing more against these camps?

you know, how would this gap that iraqi capabilities obviously can't meet be closed? how can you effectively move on this? >> thank you, mr. chairman. let me kind of walk through the last four or five months. really late last summer the iraqis spotted some of these camps, and they tried to target them. they flew bell 104 helicopters out there. the helicopters were shot up by pkc machine guns. they tried to send the army out there. the army was ied'd on the roads which are heavily booby trapped, so it was pretty clear that despite a strong iraqi security force capability, they were not able to target camps in these remoat areas -- remote areas. and that is when we began to accelerate some of our foreign military assistance programs and also information sharing to get a better intelligence picture. so two notable developments over recent months. first, the iraqis have become

very effective with the hellfire missile strikes through their care a van -- caravans. and second, we believe as we've had many good discussions with this committee that apache helicopter platforms are critical for denying safe haven in these areas over the long term. i want to thank this committee for helping us with that sale which was recently approved. this won't be immediate, it won't be until later this year until the first leased helicopters get into the country and are operational, but that is a long-term solution to this problem. >> the other question i was going to ask you was in your testimony you called suicide bombers a key data point we track and noted that these suicide bombers operating in iraq are, in fact, foreign fighters that have come in. where are these foreign fighters coming from? we've seen reports that close to a thousand have come from europe, some from the u.s.. i was going to ask you how do you assess the threat to u.s.

personnel, not only that threat to personnel and our interests this the region, but also here in the united states. >> mr. chairman, the foreign fighters in syria are coming from all over the world. this is a problem we faced in the years 2006 to 2008 when foreign fighters were coming into syria and also making their way into iraq through what was then the al-qaeda in iraq network. they're coming mainly from the region. but we do assess from our best intelligence assessments that the suicide become we -- bombers are foreign fighters. right now they do not oppose a direct threat to us or our personnel, but they pose a direct threat to iraq. about five to ten a month over 2011-2012, now about 30-40 a month, it has a pernicious effect on the political discourse in the country. car bombs, the iraqis have been able to protect against car bombs. you don't see mass casualty attacks like you used to see.

casualties are lower. it's the suicide bombers that are able to get into funerals, mosques, populated areas and cause mass casualties which has just a devastating effect on the country. so it's a very serious, serious problem and a regional problem. >> and the last, the last question i'll ask in my remaining moments, you were just in baghdad meeting with iraqi officials, and you state that you detected for the first time acknowledgment that government of iraq missteps may have head made the problem worse. and as i noted in my statement, this is not the feeling that ranking member engel and i received when we, when we raised this issue. with the president of iraq in our meeting. so that was a few months ago. i am somewhat encouraged by this, but how encouraged should we be? because our concern has long

been that this lack of reconciliation is come pounding the problem seriously -- compounding the problem seriously. >> i have found, frankly, mr. chairman, an attitude among the iraqis that was similar to the tactics that we used in the early part of the war, that the security problem was simply a security problem and not a problem that was fused with politics and economics. and we had a series of conversations over the course of the last year as the isil attacks increased in which iraqis saw this mainly as a security problem. all i can say is that i have been there twice this month since the entry of isil into flew ya and -- fallujah and ramadi, and i have heard across the board from the prime minister on down that unless you enlist local sunnis in those areas, you will never defeat and ice hate isil. and we have seen that now manifested in a commitment the iraqi cabinet has passed a number of resolutions saying tribal fighters will be given full benefits of the state. and most significantly, prime minister maliki has made a

commitment that tribal fighters who oust isil will be incorporated into the formal security services of the state, the police and the army. that did not happen with the awakening fighters that we worked with in 2006-2008, so that is a very significant commitment. we now need to stay on the iraqis to make sure they follow through. >> thank you. we'll go to mr. engel. >> thank you, mr. chairman. mr. mcgurk, let me ask you about al-qaeda in iraq. it's been reported that al-zawahiri, the head of al-qaeda, has disowned the islamic state of iraq in syria. if that's true, what does that mean for al-qaeda's presence in iraq, what are the repercussions for isis operating without the al-qaeda umbrella, and how will this affect the rebel in the-fight -- in-fighting in syria now that al-nusra has the blessing of al-qaeda? >> well, both isil and al-nusra both came out of al-qaeda in

the iraq. iisil is basically al-qaeda in iraq. us in rah was a bit of an offshoot and is focused more on syria. as you said, or there's now this message which seems saying that isil is no longer affiliated with al-qaeda central. i would defer to my intelligence colleagues on the long-term effects, but what we have found is that isil has such a media presence, such a propaganda presence and is able to self-sustain itself by controlling facilities in eastern syria including oil facilities and also through extortion rackets in cities in western iraq that it'll be able to maintain its cycle of operations. in terms of those who are recruited and come into isil, it's really -- their message goes all the way back to zarqawi ten years ago, it's very perniciously sectarian, that shia muslims in particular simply don't have a right to live, and they should be killed. and those who believe that tend to gravitate towards isil.

nusra is more of al-qaeda central-like message and also including a threat to us. but i think despite this new statement we've seen, i think is il is going to maintain its pace of operations and continue to be a very serious threat. >> thank you. i'd like to ask you some questions about iraq and iran and the relationship. when i look back at the war in iraq, what really breaks my heart is that we lost so many americans, so much american blood, and now it's almost as if we didn't do anything. nothing we did was positive. it's all been eroded, and it really just breaks my heart for people who lost loved ones there. we're the ones responsible, in

my opinion, for making iran the hegemonic power in the region, because iran and iraq for years fought wars, checked each other, and once we blew up concern not that saddam hussein was worth anything, but once we blew up the minority sunni regime in iraq, it seems to me it was only obvious that the shias in iraq would gravitate to the shias in iran. and the sad thing is that iran has more influence, in my opinion, in iraq now than we have. so there are reports, and chairman royce and i raised this with mr. mall the key when he was -- maliki when he was in washington, that iraq's allowing iran overflights as iran seeks to arm hezbollah. hezbollah, obviously, is now fighting the war this in syria on assad's side. it's helping hezbollah expand its presence in syria, defending the assad regime.

so can you characterize that relationship that prime minister maliki and other senior iraqi officials have with iran, and how would you describe iraq's commitments to the u.s. on the overflight issue? does maliki understand how this destabilizes the region? >> iraq's relationship with iran is multifaceted. we have found repeatedly over the years that iraq acts primarily in its own interests. we found very few instances in which we've seen iraq acting at the behest of iran in which it did not see it acting in its own interests. you can look at that in terms of iraq's overall oil production, you can look at it in terms of iraq ratifying the additional protocol, in terms of iraq supporting the geneva one communique, a number of steps in which we know the iranians were pressing the iraqis not to do something, and the iraqis did something. we've seen a number of flights come down. we continue to press this issue.

inspections go up, inspections go down. it's very frustrating. it's often very difficult for us to get a precise intelligence picture of specific nights and what's on a flight. we know that material we believe is coming on civilian aircraft, so it's just, it's a problem that we focus on all the time. it's the one area where i can say iraq is simply not doing enough. >> i just -- thank you. i just want to make one final comment, and that is it was my opinion when the chairman and i met with mr. maliki that he, he was a good listener, but i didn't think he provided too much in terms of answers to the questions we had, one of which was overflights. i think that he just came to listen but really didn't come to put his head together with us and help solve the problem. >> i have found, congressman, that since the prime minister's trip your meeting with him, other meetings he had here on the hill, he spent about two

hours with president obama in the oval office, he got a very direct message on a number of issues s and we have seen some fairly significant changes from that visit. so i want to thank you for the meeting you had with him. i think you made an influence on some of the issues, i know discussed camp liberty. we've seen some changes. and particularly the need for a holistic strategy to defeat isil and enlisting the sunnis into the fight at the local level, we have seen some fairly dramatic and significant changes from that visit. >> thank you. thank you, mr. chairman. >> thank you, mr. engel. we go now to ileana ros-lehtinen. >> thank you so much, mr. chairman. welcome once again, sir. the iraqi jewish archives, you have been engaged in discussions with the iraqis on issue, and your staff has spoken to, with representatives of the iraqi judy whereas pa and the jewish community as a whole, but could you give us an update on progress of these discussions?

have there been alternative plans proposed? on the issue of the t-walls at camp liberty, why have there been only 235 out of 17,500 t-walls put up, and why have we only seen an addition of 43 since our november subcommittee hearing? can you please commit that you will put extra effort in saving lives there? and then thirdly, as far as al-qaeda's resurgence, a large part of this is due to the failure in the iraqi government and iraqi leadership since we left the country. their national elections planned in iraq in april, we were successful after the surge in getting the iraqi government to participate in the more inclusive power-sharing government that kind of mollified the sunnies of iraq and left al-qaeda marginal used. then after we left the iraqis took another step backward. now it was sunnis who were marginalized, drawing many of

them toward al-qaeda. what steps are we taking to insure that the sunnis are participating in these elections and that iraq can return to that sort of power-sharing government we saw in the post-surge iraq? and continuing with the shia/sunni issue, we've seen over the last few days that the iraqi military has been bombarding fallujah which was taken over by al-qaeda late last year, presumably preparing the way for a ground assault. however, the shiite-dominated maliki government cannot successfully take fallujah on its own without the help of the sunni tribal leaders in the region. can you describe the current relationship between the maliki government and these tribal leaders, and do you think maliki will be able to gape their support -- to gain their support given maliki's crackdown on sunnis in iraq for these past few years? thank you, sir. >> thank you. let me take the topics in order. on the jewish archives, as you know, this is a very sensitive

topic. i've been working directly with the iraqis on this. i was just in iraq and raised it with those officials who are charged with the file. we are engaged in sensitive negotiations with iraqis. in the coming weeks the national library and archives will be coming to the united states, and again, i hope to report progress. it's a sensitive negotiation, but i will keep you fully informed of those talks. on camp liberty, specifically on the issue of t-walls, i have, again, made a number of trips to iraq, and every time i go from maliki on down i raise the issue of t-walls. we got t-walls moving back into the camp earlier this month. they stopped. i raised it again last thursday with the iraqi national security adviser. i understand this morning t-walls are moving into the camp again. i have visited the survivors and residents at camp liberty earlier this month. i told them i'd promise i could do everything i could, i also urged them to do everything they could and that meant showing up where plans are made to move the

walls into the camp. this is an issue i'm going continue to stay on top of. on the issue of elections and sunni participation, as i said in my testimony, we are focused on holding elections april 30th. this will be the third election, first one 2005 and then 2010 and then this year. as you may know, the head of main sunni coalition was in the united states two weeks ago. he had meetings with the president, the vice president, he met the secretary of state at his home. so we are very focused on making sure that the election ares happen, that they produce a genuine and credible result and cha that they allow a government to reform that reflects the makeup of iraqi society with all represented. in fallujah as i described in my testimony, the plan is to have the tribes out in front but with the army in support. because the -- this is, they face, isil is an army. they have heavy weapons, .50 caliber sniper rifles and very well fortified. we have to have the local tribal people out in front, but they

will require security support. general austin was in iraq last week for direct talks with military commanders. we're advising them as best we can building on the lessons we learned for tactical and strategic patience for planning and to make sure civilian casualties are minimized. >> thank you so much. i know how hard you have been working, and to paraphrase ambassador crocker, everything about iraq is hard all the time. so please keep making progress. thank you, sir. >> mr. sherman of california. >> thank you. it was bipartisan support for leaving a residual force in iraq, that required a status of forces agreement with the maliki government. and the status of forces agreement would have had to have included immunity for our soldiers so that they would not be subject to iraqi courts. we ask our soldiers, marines,

airmen, etc., to take many risks. one of them we don't ask them to take is the idea that their actions would be held up to judgment in a court in iraq or in afghanistan, for that matter. we didn't get a status of forces agreement. some, one theory is the administration blew the negotiations. the other view is the maliki government was in place when this administration got there. maliki didn't have to give immunity to our troops and chose not to. we've seen that these immunity agreements are difficult for a host country to provide. karzai isn't providing them, and there are several elements of iranian history going back 70 or 80 years where the shah was held up to great ridicule for

providing such immunity agreements. did we fail to get a status of forces agreement because we blew the negotiations, or given the political reality starting with maliki, was there simply no way to get the immunity? >> first, you're keying on the history is really important here. the history of immunity agreements particularly in this region is really what colors the entire debate. the negotiation in 2007 and 2008 took almost 18 months, and while we got those two agreements passed, the security agreement which allowed our forces to stay for three more years with immunities and a permanent strategic framework agreement, they barely passed. they passed on the last possible day and almost by the skin of hair teeth, and i was working finish of their teeth. >> this is passing the iraqi parliament. >> yes, the iraqi parliament. our legal requirements in 2011

were that another follow-on agreement would have to go through the iraqi parliament. it was the assessment of iraqi political leaders and also of our leadership that it was unlikely to pass and, therefore, the decision was made that our troops leave by the end of 2011. but we still have a permanent, a permanent strategic framework agreement. that agreement has passed the iraqi parliament, it was ratified in 2008, and it provides us a strong basis for providing security systems to the iraqis. it does not provide us the basis for having boots on the ground, but we do train iraqi special forces through the embassy, and we're also in discussion with regional partners -- >> okay. i want to move on to another question. has there been discussion of the u.s. air force or other air forces, you know, naval air forces bombing these al-qaeda camps rather than us, providing huge amounts of weaponry to

maliki so that he can try to do it himself? and has there been discussion of u.s. air forces preventing overflights by iranians since the iraqis say they can't control their own air space? >> no, or there's not been discussion of a direct u.s. role in controlling iraqi air space or in targeting the camps. we're very focused on increasing iraqi capacity to be able to target camps, and they've proven effective in recent months. >> i would point out that if only we were bombing al-qaeda camps before, in the years before 9/11, we may have had a very different history. the, we see the residents of camp ashraf, 52 of them killed last september, in december another four killed. the secretary of state has appointed a special adviser on mek resettlement. what is the status of protecting

these folks while they're there and insisting that iraq meet its legal obligations to do so and finding homes for -- outside the region for some of the residents? >> let me make a couple points. when i was here in november, i explained that there is a cell trained by iran, and it is dedicated to attacking the mek at camp liberty. we had cells trained by iran dedicated to attacking us when we had a military presence in iraq. we did everything we could to root those cells out, and it was very difficult. we were never able to do so. so the only people these people -- place these people will be safe is outside of iraq. jonathan wiener's been appointed to work this issue full time to find a safe, secure relocation for the resident cans of camp liberty. but while they're at camp liberty, the government of iraq has an obligation to do everything it can to keep them safe, and that means t-walls and protection, and that is something we raise constantly to

insure that they are getting as much protection as possible. .. thank you very much mr. secretary. thank you for your service and for being here today. just a few questions. imagine january 17200 trucks entered falluja and the