questions. let's start with our congressman. congressman rogers, congressman ruppersberger, if you had to rack and stack the threat environment we see today, we've heard a little bit about what estonia is doing to defend not only their country from a national security perspective but also their citizens from misuse and breaches and the like. if you were to rack and stack the threat environment today, where would you put the various actors? because i mean we tend to speak of these issues loosely. computer network exploit, for example, is not the same as computer network attack. countries that may have intentions to steal secrets may not necessarily at this point have the same intent to attack. but if you were to look at the threat environment, i'd love to hear from the two of you where you see that. and then you guys have both passed bipartisan legislation on the house side. i think it's fair to say that

you can't move forward without information sharing. why aren't we moving forward on that front. so congressman rogers, let me start with you, and congressman ruppersberger. >> if you think about the last 30 days of general alexander as the national security agency director, they stopped 41 million separate attacks on department of defense or dot-mil if you will or dot-gov. 41 million. and they are by the way getting more sophisticated. that's everything from a very low level attack to a very sophisticated attack. so if you said what is the threat matrix out there today, it looks even different than it did even 24 months ago, even than it did 12 months ago, even than it did six months ago. it is constantly changing. and the problem is you have new, higher quality actors starting to come in. if you look at the target attack, this was a non-nation state actor, organized crime

basically in the eastern block countries who used nation state tactics to get in, develop a tool that was able in a fraction of a fraction of a fraction of a second steal credit card information. they did it not by attacking the security of the company, which by any stretch of the imagination wouldn't have been difficult to get through. they did it by finding that somewhere down the logistics chain of that particular company and swam upstream until they got where they needed to go. so you think just that attack, which probably wouldn't have happened 18, 19, 20 months ago, now you see this organized crime group with really sophisticated capabilities and it's getting better. >> by the way, i might underscore we just hosted the head of europe and over 85% of their investigations are russian speaking. from countries russian speaking. >> it's getting difficult, by the way, to determine between russian organized crime and russian intelligence services. i think that's where the president was going to go. it's kind of hard to figure out

who's behind that keyboard. >> the great kleptocracy of vladimir putin is a confusing place to draw lines between organized crime groups. so the chinese have gone unavetted in their ability to steal intellectual property and repurpose it. that is a long-term economic problem for the united states of america. the russians are also in that game, not to the same extent. now you have other nation states who see this who are investing in this capability, including, by the way, terrorist groups who are now out advertising to find the right people with the right qualifications to help them do cyber attacks. and of course according to public reports, you do have a nation state who is interested and eager for a disruptive terrorist-style attack, the nation state of iran, who has been probing our financial institutions with pretty low level we think d-dos style attacks but we know they have

better capability laying on the shelf. so next week if you ask me what the threat matrix is, it will change. next month it will change, next year it will change. the one thing that hasn't changed is we have admired this problem long enough. next week we'll admire it some more and next year we'll admire it some more. dutch and i have worked pretty hard to find that bipartisan solution that at least gives the private sector the opportunity to defend themselves. >> congressman -- >> you asked the question about the threat. number one, other than weapons of mass destruction, i think the cyber attacks generally is probably the second biggest threat to our world. and we -- if you look ten years from now, we will be the pioneers. we -- not only in the united states but in the whole world have to come together and set some type of standard on how we're going to protect ourselves. every citizen in the world is really on the front line of what could happen with respect to these cyber attacks. as positive as the internet is.

mike talked about the issue with stealing. it's been estimated by our cyber command that we lose the united states over $300 billion because of theft, mostly from china. and just recently in the last two weeks we indicted five people who work for the chinese military in china for stealing. we all have -- all countries have espionage. that's what we've done since world war i to protect us, but we don't steal from other people, other countries. we're not stealing to make ourselves richer, and that's what some of these countries are doing. now, you talked about the legislation that mike and i have worked with. we're getting a divorce, he's leaving and we're negotiating all our child support and custody, but mike is a very unique individual. we made a commitment, each one of us, because our committee before we took leadership did not work well together. that the stakes are so high, not only cyber but terrorism, space issues, all these issues that we had to work together.

as a result of his leadership, we have tried to do the best we could to deal with this issue of cyber threat. the first thing we did was this bill called sispa. we realized that we had to have a way, that we had to have a law that would allow information to be shared with the private sector. 1947 law basically says there's a law that the government cannot share information with business and other groups unless there's a clearance issue there. so an example, if you see hurricane sandy coming up the east coast and you're a meteorologist, you can't warn anybody. that's how we feel right now until our bill is passed. now, unfortunately, the public generally has some mistrust of what our intelligence agencies are doing. unfortunately also it's misplaced because that's what our job is on the intelligence committees, that's what justice does. we have a lot of checks and balances to protect our freedom and our liberties and our constitutional rights. so what we did, we educated our

republican and democratic members. we put this bill that would allow for information sharing so that when the united states, basically nsa but other intelligence agencies see these attacks coming in, we can take that information and share it with the private sector. what most people don't realize, 80% of the network in the united states is controlled by the private sector, so there has to be this partnership. so after working and educating people about security, we passed a bill, a very strong vote, and it went to the senate. and chairman rogers and i worked with senator feinstein and senator chambliss to come together to make sure we can get proper legislation and this is the sispa bill. the senate was getting ready to move and all of a sudden we had the snowden leak and everything came to a stop. unfortunately, that was very dangerous to our country what occurred. a lot of misinformation. but more importantly is it became viral as if the united states and nsa was listening to

people illegally. there was not one violation of the law. so mike and i had to come together again to find another way to get the confidence of the public back and let them know we follow the law. we have more checks and balances in this country as far as listening to people than any country in the world. i think we're number one with estonia, but we'll argue that later. and as a result of that, we came together, we have checks and balances. we brought the aclu and privacy groups to the table. we negotiated and we had an overwhelming vote of over 300 members last week, which is unusual in this congress, it's almost a miracle, but we did it because the left and right came together, understanding the threat but understanding that we do care very much about privacy. now that we passed this bill, hopefully the senate will pick it up and we'll be able to get back to the sispa bill so we don't have a target for you ladies, target, whatever, but we don't have issues with target. target is taking a big hit. they might lose $1 billion. their ceo was released. these threats are there.

it's not only -- there are two different threats. there's the threat of stealing information, which china is doing a lot, but it's a destructive threat that are really concerning. your infrastructure, your electric grids. you know, these destructive threats. it's been said by the media that iran attacked saudi arabia, the largest oil company in saudi arabia, shut down 5,000 of their computers. these are things that can happen every day right now if we don't get it together and set up standards. >> thank you, congressman. i want to pull on one of the points that you raised, and i know you have a pressing hill meeting but i want to get both of your comments and i want to get president ilves in on this before we pivot to some of the geopolitical questions in russia. but you mentioned the indictments. i think you also highlighted an important nuance and difference. do we engage in espionage? of course. every country does. it's been called the second oldest profession in the world. to protect our national security. the difference is, is when you

have nation states using national assets and resources to benefit companies. that's a big nuance. that's a big difference. first i'd like to get your thoughts on whether you think the indictments and looking at economic instruments are the right way to go. actually i want to build into the russia question. we're also sanctioning individuals there. are we looking at microsanctions, microindictments, and is the international community ready to have that conversation, the difference between national security collection and economic and industrial espionage? i'd first like to get the members thoughts on the indictments, right way to go? were we just fed up? enough is enough as the attorney general said and we needed to move since we hadn't seen any changes in behavior thus far? >> i agreed with the indictments, i agree with certain visa restrictions. i would even go a step further and start targeting the financing of those individuals, but it can't be done in

isolation. this has to be part of a broader program. my concern was they launched the indictments. and the very folks that are going to suffer from this are people that don't have a healthy defense from the united states, which is the 85% of the networks are private sector networks who are already under siege by these people. and i will tell you, it has gone absolutely unabated. so, yes, it was the right idea. great for the press release. played great for the glitz and glamour, but there was nothing followed. and that's where i think the biggest mistake was made here. this shu been part of a coordinated effort to slowly start tightening the noose on chinese espionage operations. by the way, they're growing and if you read the indictment, something we've known for years is that it was getting worse in the sense that these people were working for the government for the first eight hours of the day or nine hours of the day and then they look down the list. so think of this. the government is giving them a list saying we want you to go

get -- fill in the blank -- general motors manufacturing techniques for x or something other. down the list is the hydraulic lifts for, you know, the things that lift up your car for oil change places. that's way down the list in their grand scheme of things. these folks would go down, pick that company off way down the list, call up that company in china and say, listen, you're way down the list. for $30,000, i have my nights and weekends free, i'll steal it for you and hand it to you. now you had a problem eight hours a day. now you've got a much larger problem because they have doubled their output of thievery. so right idea, wrong execution if we can get this second piece of this, which includes sispa, which allows the private sector to protect themselves. i fear for what's going to happen in the next few months. >> and i am going to pull on that act of defense and look at the role of the private sector defending themselves. >> i agree, for china it's as if

the stealing of private information, the gift that keeps giving. we have to let china know, who is a very powerful country, one of the most powerful countries in the world, they have got to grow up, be big boys and they have to stop stealing. i think there's a perception in china that we do that and other countries and we don't. so we have to start. it can't just be five indictments. that is a message, china, you have to stop. now we have to get the world coalition together just like what we're doing with russia and get the world coalition to say we've got to set stsandards and there's going to be sanctions if you continue to do this. it's too much. i said it before, $3 billion a year has been stolen from the united states. that equates to about 500,000 jobs. so this is something that has to stop. but it's just not going to happen overnight. this is the beginning salvo. again, it can't just be the united states, it's got to be the world coming together to set these standards. >> president ilves, are we ready to have that nuanced

conversation on an international stage? >> well -- >> i'd be curious what your thoughts are of the indictments because the moral equivalency is made but i think there is a difference. >> there is a first step. starting with skype. microsoft bought it but r & d still happens and they're hit so hard all the time, morning till night. so we have the same problem as well. i mean the name for this used to be mercantilism. i think one of the things where the direction we're going to have to go, and it's going to be very tough, is actually that we've built up in the world democracies a clear firewall between the private sector and the public sector, and for very good reason. those are the countries that are uncorrupt. but we're going to have to develop much more cooperation

with the private sector in terms of security clearances, getting them in on what we're doing in the government side. the government side trusting the private sector. and that also requires a certain degree of growing up that i'm not sure every country is willing to do. and so -- but it's clear that it's not enough -- companies are being swamped basically. and they need the help of their governments, at least in the democratic countries. >> and the argument is why invest in that r & d if it can be stolen from someone else. so what can we do to induce changes in behavior that can have a real effect? and i do think the public-private partnerships. is there anything in estonia? a colleague and i from my office, we wrote a piece looking at the estonia cyber defense league. do you think that's a model? >> just so people know,

basically since no government, even the u.s. government, cannot compete with getting the best and the brightest in cyber because they're being paid so much or they're making so much, so we switched it around and said we'll offer you the chance to actually work with i guess the equivalent of a national guard cyber unit. and so people who actually make so much money that you could never pay them that, offered their free time. thursday nights they get together with other geeks and what they get is that they get checked up, so they get a nato security clearance because that's the prestige part they get out of it. they feel like they're doing something for their country. they feel good about having -- being sort of in nato. and they work out very sophisticated stuff because -- that we could never buy. as a government, you couldn't buy either. the maryland national guard is actually following the same model right now.

i think that's one way of doing it, is to get the people who are good at it into the -- into thinking about these issues and working on these issues and then you see knowledge transfer. when you're working on cyber security at a sort of almost military level, they go back to their companies and they say, wow, we ought to do this too. and i think that's a beginning, but we have a long way to go. >> paula. >> i was just going to jump in on this point, the part with public-private partnerships. i worked at thompson reuters and the only reason i mention it is because as a company there was great interest in bonding with other companies and looking at the cyber question. and in fact up in new york they sponsored at least three in which they brought in government representatives and also like-mindinged businesses and to literally look at what is our

role in this, meaning from a business standpoint, and also o government? i think you're going to see much, much more of that. that was, mind you, several years ago, and i'm sure that that interest continues. so there's a very strong desire to think about ways in which what can the private sector do in terms of its preparedness and also what can the government do in reaching out to the private sector? >> awesome. i'm going to pull in congressman rubersberger. please give a quick thanks before -- [ applause ] >> i want to pull in governor pawlenty. governor pawlenty is heading up the financial services roundtable, which includes basically all the financial and banking institutions. we've heard already about some of the government iran sponsored ddos attacks not only on saudi

aramco and qatari ramsgas, and financial institutions in the u.s. do you want to weigh in with a comment and also a question? >> first of all, thank you to all the panelists for your great leadership and public service. particularly on these issues. mr. president, it's an honor to see you again, and thank you for being here. general rogers, we're going to miss you, and i think the country's national security posture is going to miss you and your leadership. thank you for all you've done. i would like to jump back to the question that frank posed regarding the senate version of the sispa bill. i think the congressman indicated it's hung up because of post known concerns about personal information, although the bill, as you know, chairman, is really about thread information sharing. given the magnitude and pace and increasing sophistication of these attacks, time is of the essence. i know you've done a great work trying to re-educate the public about snowden-like concerns and threat concerns, but another 36 months down the road seems potentially too late for a senate sispa bill. i hope you can give says more

hope about what you can do in terms of the elongated time frame. >> thank you for that, governor. >> the conversation with dinan feinstein, saxby chambliss, and the ranking member. i think we've made tremendous progress in the last few months. they have an impact to make people good. they don't actually impact the problem. i think the sispa bill does impact the problem with a very light touch. no mandates. it's not the government getting in your business. do we think we've made some progress? we've narrowed it down to just a few short issues. one of them is the portal.

how does the information get exchanged between the business and the government sector? how does that happen? if it doesn't happen in real-time, if this is a phone call or a disk transfer, too late. it doesn't work. so we're very close on getting an agreement on what that portal looks like. how does that information get shared in real-time? who gets the clearances? you know, you want to catch it as far upstream as you can. i'm cautiously optimistic that we can find some agreement within the next 30 days to try to get something moving, and i will promise you it will be the fastest conference committee known to man because i'll be the chairman of it, to try to get some movement and agreement on what the final piece of package looks like. i agree with you this is a simple thing that is so incredibly important for the defense of our intellectual property as we move forward. the banks have done it right. all the financial institutions

were kind of the canaries in the coal mine on all of this, and you have some systems in place, but you can't have financial institutions fighting nation states. oh, and, by the way, terrorist organizations and, oh, by the way, organized crime groups all at the same time. it is an unfair fight. we wouldn't ask the banks to engage in missile defense. why would we ask them to try to stop what is an absolute tidal wave of daily efforts to bring down a financial institution? so i agree with you. hopefully if we can get the public to understand this threat, target was a great example, i think people finally said, oh, i guess this is serious. 80 million credit cards. the only problem was it was somebody else's paid for it. that was the problem we found. most people thought, oh, it doesn't matter. it doesn't cost me anything. that's really the wrong answer. it will cost you something eventually, and we were hoping that that would be the catalyst for people to understand just how serious this is. haven't gotten there yet.

close toon agreement. 30 days. urge you to pick up the phone, work your senator, tell them we need an agreement of some sort to get this in the conference. >> the d.o.j. finding does help a little bit in terms of indemnification of liability to share some of the information, does it not? i don't even feel like we're going far enough on what perceived or real we can do, so i'm hoping that we can -- >> this liability, if you don't have liability protection, it won't work. unless you're going to have a heavily government mandated system of reporting and sharing, which i just don't think will work. not in the age where technology is going to change in six and eight and 12 months from now. you have to have liability for protection. if they're doing it within the spirit of the law in real-time, sharing malicious code, which is what we're talking about. when we hear sharing, people think you're talking about my personal data. talking about malicious code in real-time. >> yeah. exactly. >> i'm going to ask one more

question, and then we're going to pivot to some of the geopolitical things. >> basically i'll take -- we have a very different approach in my country, which is that it is the government should step in very rarely, but it should step in when you have market failure, and the two cases of market failure that make most sense, i would say -- i mean, for people to understand what it means, we do not believe -- i mean, given the possibility of having genuine secure transactions that a bank cannot write off a stolen credit card or hack an account as a business loss because they're not just doing the right thing. a power company that goes down because of a cyber attack should not get insurance because it's an act of god, because it is not an act of god. it is an act of a man or men or women, and so this is a place where the government steps in to guarantee the security.

that requires a far more sophisticated system of identity, as i said, but there has to be a willingness to adopt that system. we have that -- the government guarantees you secure communications at a level that, well, given the experience love of it. we know at a higher level encryption than they could break -- they couldn't break lava bit at rsa 512. we're at rsa 4028. it requires people to use the system of encryption and guaranteed identity. i think ultimately it's the way countries will go. everything less than that, anything that is not offer a binary key code approach to encryption will be and can be hacked. >> the reality is the initiative remains with the attacker here.

that's a given. to be able to get to the point where we can get true resill yept systems, we need to articulate what it is we want to defend against, and, oh, by the way, we don't deter things. we deter actors. china is not iran and iran is not russia, and you name the other countries. we've got to get to the point where we can at least have -- articulate a strategy to diswade, discern, and compel. i don't think we're at that point yet. i'm going to ask one more question on cyber, and then we're going to turn to russia, but sort of an unfair question. a lot of discussion on mr. snowden, and i think mr. snowden did reveal some legitimate questions domestically that we need to have a conversation about, but the reality is he also revealed a vast majority of what he has

revealed are national security secrets that have nothing to do with what the community is allegedly doing domestically or not. why russia? why is he in russia? if you were to get to your list of countries that are most freedom-loving and transpatient, it's not -- >> it's actually way at the back. >> i would like your thoughts, and congressman rogers, you -- there we go. >> i have no idea what is behind it all. it's more the damage has been so huge that i think it's probably the worst -- most damaging thing has happened since the end of the cold war. it's not only i think the biggest wedge that's been driven into the trans-atlantic alliance is the affect of europe has been

disastrous, and overcoming that is really -- i mean, as a -- this has been the wedge of magnitude that we have not ever seen in the post war era, i would even say. here we are. i mean, you see a lot of the trusts that's been broken. new legislation is being proposed by all kinds of people in europe that would, in fact, weaken the trans-atlantic link. why? i mean, if you ask me why, what was his motivation, i don't know. certainly the effects have been catastrophic. >> well, i mean, i don't believe that it's a coincidence that he first landed in hong kong and then went -- is now in the loving arms of the fsb in

moscow. you know, that just doesn't happen overnight. you don't show up and knock on the door and say here i am. >> it's all just an accident. somebody reached in and stole other people's passwords, used different mechanisms to get into places he was not cleared to access. the vast majority of that material had nothing to do with the program he said he was so upset about. the vast majority, over 90% of it, had to do with military tactics there were technologies in there. by the way, in the intelligence community they continue to try

to understand what mitigation we have to go through and it will cost us probably when it's done ewe don't even have a good number. probably in the billions of dollars. probably the best number i saw was about $3 billion to try to mitigate damage. if you don't know if they go or they don't, sitting where i'm at as the chairman, we can tell what information let me just pull two. china and russia. we can see that happen. it's absolute naivety. now we know for a fact that he is in the custody. nobody disputes that. of the fsb and the russians. we know that now. now the question is, well, how far back did that go? what did it look like for him to

coordinate his travel and activities to get where he ended up? maybe we don't know the answer. maybe we do know the answer. you have to start asking those questions versus this was the best thing that ever happened to us. i dispute that. every investigation, every group that reviewed it found no illegal activity. no abuses and that it was lawful. >> do people like the fact that that information is there? no, people say we don't like it. it doesn't mean it was illegal or -- it means they have a comfort level. what mr. rupertsberger and i did was we said we need to rebuild confidence. we know for a fact that these programs have saved lives. you do want to know when a terrorist from yemen is calling into the united states to trigger an activity. i don't know about you. as an old fbi guy, we would call

that a clue, and we missed it on 9/11, 2001. i took this job. i said we're not going to miss that piece of information this go-round. not on our watch. we think we got to a good place to rebuild confidence and to move forward. this was a train wreck that we were trying to clean up. this was not about some great glorious activity who should be idolized by so many who has done so much damage, including, by the way, troops in the field. some of this information will impact our soldiers who are standing in the dirt, defending freedom in places like afghanistan today. not next year. not ten years from now. today. and that's why i can tell i get a little worked up about it. that side of the story never gets told.

they're not listening to your phone calls or reading your emails. if they are, somebody is going to go to jail. the way the press has portrayed this has been so inaccurate and dangerous to actually configure ourselves to stop that 41 million efforts to get into our department of defense, to stop organized crime groups from getting into target. i hope we shake ourselves out of this very, very soon. we have this huge threat. estonia has seen it. they lived through it. pretty damaging to them in 2007. we just keep shrugging it off like it just doesn't matter. even the conversation about the guy who stole all this and making him a hero just sends me into orbit, as you might be able to figure out. >> i think this is a perfect segue. one of those blind spots may have been what we saw unfold in crimea, and perhaps russia did

learn from a trade craft and moat is apprehendeye. he i hope he would be. and what we saw there was probably rudimentary in terms of the cyber perspective. we also need a real article, and he also has been the chair of the canon at harvard and elsewhere. paul, what did we see unfold in crimea? what are those implications? what are the intentions? what do you think the true intentions are of the leadership in moscow today, and what do you think we should be doing bilaterally, multi-laterally? estonia has been one of the few countries that fulfills its nato obligations and commitments and have been fighting shoulder to shoulder with u.s. and other allied nations in iraq and afghanistan. what does this all mean? >> first, by the way, i

didn't -- when i jumped in before, i do want to thank president knapp and also you, frank, and g.w., for hosting this incredible forum today. thank you very much. crimea, we witnessed the unlawful aggression by moscow in crimea, and then also an illegal referend referendum, which was held. illegal. it went against the laws put forth by ukraine which states that when you hold a referendum, you have not only at the local level, but you have to have approval also at the federal level. we virtually saw a total renouncement and undermining of the kind of international legal norms that have been in place post cold war. starting with that, i mean, to define it outright, it really, i

think, defied almost everything that we have known in terms of the perimeters and framework of trans-atlantic relations. it might be worth stepping back and also citing the fact, i think, most crucially, what led up to this. if you look back last year, when there were protests taking place in the midon in ukraine, what were the protests for? they were for supporting ukraine's is hes eggs into the european union. if ukraine became a member of the e.u., trade barriers will be knocked down. the second factor -- when the

prime minister yatsenyuch opened up the treasury, they looked and saw that $37 billion had been stolen, so this is the scale of what we're talking about here. so you start with that and those demonstrations. those demonstrations basically provided a kind of a threat. a threat being that ukraine was very desirous of making a significant change, a hang in terms of becoming officially part of the e.u., rectifying and reforming its economy, and also embracing the western political values. when we saw the aggression in crimea, the argument that was given by president putin on march 18th was that russia has legitimate interest because of

russians in crimea. by the way, estonia has more of a percentage of russians than does ukraine. it has 26%. granted, your country is smaller, so the proportion is a little bit different, but 26% in estonia, 27% in latvia. in this case the argument was that there were, in fact, discriminate ory actions being taken against russians. let me go back to another point worth mentioning, and that is that since ukraine has been independent, there are two key points to remember. one, there was a referendum, and, you know, at the time the referendum was held, crimea voted in favor of the independence of ukraine and being part of ukraine. since ukraine's independence, i can't cite for you one is hes eggsest movement that i'm aware

of or allegations or discriminatory action. if there was people would take recourse. the doctrine which basically refutes the legitimacy of the international system. it also undermines western values that russia has legitimate rights for going in and for dealing with situations or circumstances. if you go by that kind of a framework, by the way, or take action anywhere on behalf of its citizenry. it would be a western strategy.

the strategy being in what i think is lacking is we've been focussing on particulars. the united states and western europe have been looking at sanctioned approach, which has been a reactive approach. i think we've been challenged through this putin doukt rin. we've been challenged in basically a pronouncement of hostilities against western values, hostilities against the framework as is defined the international system, and literally the moral foundation of which the trans-atlantic alliance has been built on. toward that end we need a western strategy, and we also need a western rebuttal to what putin has put forward. let me just mention one last point, and that is there's been a real focus on the situation that this situation has been predominantly trans-atlantic. naturally not only ukraine is gravely concerned because of

destabilization. reintegrate crimea again, but also as you know, the neighborhood. we have put forward sanctions, but what we haven't put forward is a strategy, a strategic vision and a rebuttal to literally the idealogical and moral underpinnings of what putin has put forward. remember the days of the cold war when it was so clearly defined? well, we haven't put forth that kind of statement. we're not in that same period. we're not looking at a marksist lennonist government in russia.

the united states has given the opportunities we have here. what are your thoughts right now when you see? paul, i think what you really are looking at is reversing the dissolution as you referred to in europe ed. that's a frightening thought. >> frankly, i just add not just reversing but uniting and stating exactly what we stand for. >> and i might note since we also talk cyber, what you saw in crimea was an isolation. they did use rudimentary. they were basically using hacksaws to take down communication, so you can isolate people in crimea from the rest of the ukraine and

beyond, and then that was followed up with somewhat rudimentary ddos attacks on some of the political leadership. >> the post war security framework has just disappeared. it's been blown up. first of all, what we saw when the march 18th speech by the russian president was an argument that we have not seen since the -- annexation of territory of co-ethnics living there. we have seen -- we've already received an answer on may 8th, 1945 that you don't do those kinds of things.

we recall that check slovakia was dismembered -- they were germans living there. we see this for the first time since 1938. now, then the idea that you can actually change borders by nonpeaceful means. the entire -- the western and eastern cohabitation that allowed us to overcome the cold war, at least in its most dangerous phase, was based on the 1975 helsinki founding act, which said that you do not change. everyone agreed. all countries agreed, including the soviet union, which was then now a successor state, you do not change borders, except through negotiation. that is the fundamental principle of the whole founding act. that no longer applies.

the justification for annexing or reinfluencing ukraine was based on the 1990 cse charter that says that each country has a right to make its own decisions. on top of that i say that -- just to correct the thing about what you said, paul, all that ukraine was trying to do was get an association agreement. i mean, an association agreement basically allows teachers and students to, like, go and study elsewhere in europe. we signed our association agreement about a decade before we ever joined. when i was in the european parliament, i was there for albania's association agreement, and that was ten years ago, and they're far, far, far away from -- there are no implications for joining. this was a low-level agreement that had a symbolic value, but not anything really -- i mean, it just shows an orientation of a country, and that was enough to justify on the part of russia

getting -- doing what it did. i'm very, very worried because, a, what we have for 40 years or since 1938 -- or 1945, et cetera, completely ouch bounds is now happening. this thing that makes me more worried is that there are a lot of countries going along with it. bosnian people lost two million people as refugees. what will we do with 45 million if it really goes south? they're bordering four countries in the e.u. poland, slovakia, romania, and hungary. the situation could be really out of hand. there is no real genuine

willingness right now to take a trans-atlantic approach. there is an unwillingness to go too far with sanctions or go too far. we don't have a trans-atlantic sort of issue, and there are a number of forces in europe mainly commercial ones that really don't care at all about the fundamental principles of the western security architecture being blown up. they just want to make more money. what they did in crimea and eastern ukraine, in fact, is an analogy to cyber war. the little green men are bognets. bognets are these criminal groups that do work for money for governments. >> proxies. >> they're proxies.

they get a cut what we see again is criminal groups giving deniability like the estonian attack. one government saying we have nothing to do with that. they were in themselves -- the government was not doing it, but who is doing it? the people who send you the agrispan. it's the same mechanism. they were concentrating these messages, pinging, chosen computers. we see complete and utter deniability of criminal gangs, organized crime gangs. when you look at the people involved in eastern ukraine and also in crimea, it was the -- i mean, the guy in crimea is -- was a crime boss. i mean, he still is a crime boss for all i know, but now he is a

governor. we see this kind of public-private partnership of the worst kind. >> may i just address two things that the president mentioned? i'm glad for his refinement specifically on the e.u. association because it's purely an association, and i think you made that very clear, but let me mention another document that really, i think, in terms of what russia's aggression in crimea literally cut into that has global implications. the president mentioned osce or the helsinki accords. i mention the budapest memorandum, which was signed in 1994 by ukraine, wraits, and the u.k., and russia. specifically, it was u.s., u.k., and russia, and basically the

implications was for ukraine that ukraine's nuclear weapons were basically -- it was to give up its nuclear weapons. ukraine at the time was the third largest nuclear weapons possessing country that had these weapons. it was right number three. specifically by this action, it undercut the budapest memorandum, so it not only was an undercutting in this particular case, an agreement that was signed where ukraine gave up its nuclear force, but it also sends a signal to other countries around the world that are grappling with nuclear weapons and dealing with the question of proliferation and want this possession of nuclear weapons. let me tell you, in asia, this has been very much taken notice of in the middle east it's been taken notice of, and i think it's another critical point that

has to be put into the space. >> it really must be because 50 years from now, however long it's going to take to solve the iran issue. >> that seem to -- whether it's in the ukraine or whether it's in named the hotspot. congressman rogers, i want to ask you, and for all i know president obama is laying out his foreign policy vision and strategy as we speak in west point. maybe all these issues are covered and addressed. i tend to think probably not,

but possibly, but what are your thoughts? do you see a time where congress can stand united with an executive -- if we lay out a clear, articulate, straight forward strategy because, i mean, there's some disconnects between the executive and legislative branch, and i don't see everyone looking for solutions. i look at -- i see folks who identify problems. how do we fix this? >> well, and that's a -- -- >> that's what's happening. >> that's what's happening. >> that's what makes them so lethal and dangerous.

you served all authorities of government to deal with what you have to. >> what you see in the crime boss, who is now the governor, is exactly what was happening in all of ukraine, and that's where the russian influence came from was that criminal side of the house, and we shouldn't forget that. can congress work with the president? absolutely. i will tell you, as somebody who has tried to work with them and i have, and i have agreed with them when i could and disagreed with them hopefully civilly when i couldn't. they are very difficult to work with. i'll give you a great example today. so today -- yesterday the president comes out and announces the troop levels. we certainly weren't consulted. we've been asking for about 18 months you have to give us the troop numbers so that in this year's budget we can appropriately fund operations that would have it separate from d.o.d. on the ground in afghanistan.

i hope i'm not being -- the intelligence community would have separate costs and separate operations that would be sustained and functioned, and you can't do that without the support of the department of defense for quick reaction. fairly important details like that. this has been the most frustrating national security that i have faced certainly in my time in congress. they lone wolf he's things without consultation for the folks who are going to have to implement all of the aspects of these plans. i think it's candidly quite dangerous. so for those of you who have military experience, you tell me what -- where although command energy is going to be on the ground in the next six months.

it is no small undertaking to remove that many troops and equipment and do it safely. it will consume 90% of their efforts in the next few months. we have a safe haven developing in afghanistan. this is what happens when there's no interaction and discussion about how something like this would work. it's dangerous. i'll express my frustration one step forward. i believe this happened because somebody was trying to -- we've been asking for this for 18 months. it gets announced yesterday. this is a serious, serious national security policy announcement yesterday. i don't know what the president is going to talk about today. maybe we're going to get back reengaging in the world in a way that i think helps push back on these issues. if not, we are in some serious trouble. you know, you can't -- a policy like this can't be because i want to have a line in my biography that says i ended the war in afghanistan. i'll guarantee you the taliban

hasn't. they haven't surrendered. they didn't put out their timeline and say by 2016 we're going to be done. as a matter of fact, we're seeing them escalate their activities because of these announcements. think about where we are right now and why this is so important. i know time is short, but think about this. we have the russians who now we believe, according to public reports, have violated their nuclear inf treaty in a very serious and significant way. tell me what options we have. not many. they've been occupying 20% of georgia -- the country of georgia's territory without much effort or interest by -- including our european allies. he now fwz into crimea. people just say, well, he got that. maybe we can stop the rest from going maybe. this is a serious a problem as i have ever seen, and we don't have any good effort to push back. i'll tell you this one quick story, and then i'll be quiet. this is so important. messages matter. engagement matters.

it doesn't mean military. everybody says there's either all in with 101st airborne -- that's completely wrong, and it's disingenuous. there are lots of options. let me tell you this quick -- i was over there right after the president unilaterally pulled out the four radar deployment in the czech republic. i happened to be in moscow shortly thereafter trying to have a discussion about missile defense systems. can you kind of figure out how that went. afterward this general pulls me in the meeting afterwards and said can i talk to you afterwards. i won't do my russian accent. it's very bad. he pulled me in this room and said basic will he, listen, congressman, it's great to see that america is finally admitting she's a nation in decline, and we've been through it, and we would love to give you all the advice and counsel you can take. you think of the slow progress. vladimir putin is as popular today as he has ever been in russia. what do you think his next few

decisions are going to be? pull back? give up? start negotiating? i doubt it. why? because he has no economic plan for recovery in russia. it's not doing well economically. this is the one place he can get his numbers through the roof. every indication we have is it's going to get worse, not better. >> congressman, i want to allow one -- to depoliticize, i think it is emblem attic on a bigger challenge where we focus on tactics, not strategy. they're mascarading. it's lv almost add. you stee in every issue. i want to offer one question, maybe a student. do we have a student with a question? we're actually coming up against our -- or we're actually beyond our timeline, and apologies to c-span. do we have any burning, burning questions? okay. one question here. please. we're going to have to then close. please identify yourself.

>> i'm leanned are a burnstein with -- this is a question, actually, not about russia, but i would like to know your thoughts on the usa freedom act which passed through the house, but not with the support of the original sponsor, congressman, because he said it was stripped of the oversight that he believes congress should be conducting and also there have been numerous statements from senator weidan, senator leahy concerning their ability to conduct oversight on the nsa, so how do you respond to their concerns and the concerns of many american people that congress is not able to conduct oversight? >> well, i absolutely fundamentally reject the fact that there has not been oversight, including by somebody i work with, senator widen.

he had that ability. we do conduct oversight, which is why he came to the conclusions that he did. he was participating in something called oversight. oversight cannot be on the front page of the washington post. that's not oversight. that's dangerous. so on these very sensitive programs you have in a constitutional republic, you've selected the people who have clearances at both parties who have the ability to drill down and get all that information. you know, for folks who feign, oh, my gosh, who knew, i will tell you, as a member of the committee for the last ten years, i supported these programs when they were classified, and i support these programs today. why? because i believed in the oversight responsibility very seriously. so you have most -- he was a co-sponsor. didn't write the legislation. if you look at jerry nadler, hardly someone you would say is wishy-washy on these issues. jim sensenbrenner, all of them

supported the bill in the house. that is the process of which we're in. i believe it was an important place to get to where you say we're going to protect america's ability to catch that safehouse from yemen, calling into the united states. the biggest problem that was expressed, by the way, in all of these discussions was who holds the information? it wasn't -- was it abused? it was not. it was who holds the information? that was the biggest dispute. we solved that problem, and in this bill where both sides said we can live with this. i will tell you, this is not the bill i would have written for the simple reason that it slows us down a little bit. it does. but understanding the public needed rebuild its confidence in these programs, we decided or i decided along with dutch that maybe moving it from the nsa back to the companies would rebuild that confidence. you know, it's not the solution i love. in order to protect the

operational ability, that's the -- i think the legitimate place we came to. i think we have accomplished both. you continue the operational capability, and you take care of the notion that it could -- by the way, this is what the whole fight was about. it could be abused. not that it was. it could be abused. okay. here's how we got there. you know, one thing i found in this whole debate, there are individuals that clearly they have a brand name they need to protect in politics, which i think is really dangerous for all of us. celebrity politicians and people who are trying to brand themselves as x or y, forget about the substance of the facts. this really isn't a political game, the united states congress. it is a serious, serious, serious matter. we're not always going to agree. sometimes we're going to have passionate disagreements. we do. even in the intelligence committee with the doors closed and no microphones, you should hear what happens. i think america would be proud of, it candidly, because nobody is getting credit on the front page of the paper for it. it's all done because they believe it. we need to get back to that, and

some notion. if you have a disagreement, that's great, but saying it doesn't do x or y because i'm the only one that understands the constitution of the united states i think is simply wrong, and it's irresponsible. this is the most responsible effort to make sure that everybody's concerns were met, and we still have the operational capability to protect the united states of america, which, by the way, is in the constitution of the united states. >> congressman rogers, on that note, the time requires i being a tyrant before we take a moment to think thank all of you for your wonderful insights. i would like to thank congressman knapp and others for their commitment to the cyber security work and marina who will be leaving d.c. has been such a powerful light for estonia, so you will be missed, but not forgotten. rachel and my team for all their

hard work. on that note, i have tokens, literally, figuratively, and literally, of our appreciation. coins of the institute. i wanted to say thank you for your time. please take a moment and thank the speakers. >> i also have as a bow tie wearer, the g.w. bow tie. wear it proud.