book, broken. he is interviewed by former senate majority leader tom daschle. watch afterwards sunday night at 9:00 p.m. eastern. tonext, hearing on ways prevent election meddling. how the defense department can protect the u.s. from foreign influence. this is one hour and 25 minutes.

sen. rounds: good afternoon. the cyber security subcommittee meets to assess the role mike rounds: good afternoon. the cybersecurity subcommittee meets this afternoon to receive testimony on the department of defenses role in protecting the u.s. election process. the centw american security, senior vice president of critical infrastructure protection, operations for a calm. ms. heather conley, the senior vice president for europe, eurasia, and the arctic and for the of the program center of strategic and international studies. dr. richard hartnett, had a full andpe -- political science cyber command and the director of the cyber security project at the harvard kennedy school.

at the conclusion of ranking member nelson's comments, we will ask our witnesses to make their opening remarks. after that we will have a round of questions and answers. there is no dispute about what russia did during the 2016 election cycle. there is clear evidence that russia attempted to undermine our democratic process through the hacking of independent political entities from manipulation of social media and use of propaganda such as russia today. evidence indicates that no polls or state election systems were manipulated to change the outcome of the vote. russians evidence of probing of certain election systems in 21 states. the department of defense has a critical role to play in challenging and influencing the mindset of our cyber adversaries and defending the homeland from attacks. cybers that could include attacks by other nations against our election infrastructure. we look forward to the department approaching these issues with a heightened sense

of urgency. the thread is not going away. just a couple of weeks ago, the director of the central intelligence agency warned to that russia will seek to influence the upcoming midterm elections. the white house national security adviser stated, mexican -- that mexican presidential campaign as well. this is in addition to russian attempts to influence the elections in france and germany last year. each of us on this panel has been quite vocal about the need for a strategy that seizes the strategic high ground in cyberspace. whether you call it deterrence or something else, we need a strategy that moves out of the trenches and imposes costs on our adversaries. the lack of consequences for the countless attacks over the past decade has emboldened our adversaries and left us vulnerable to emboldened behavior. attacks we experienced during the election are the latest run on that escalation ladder.

adversaries will they can act with impunity, they will press further. our witnesses offer unique spurt -- unique perspectives on the challenge we face. we look to them. if we can reverse the damage -- and what it will take to implement a strategy that limits our exposure and imposes costs on malicious behavior. we invited dr. richard hartnett to explain his theory of cyber persistence. our adversaries actively exploit us because they see great benefit and little consequence in doing so. i agree that the cold war models of deterrence will not work and look forward to hearing what he believes will take to influence it mindset of our adversaries. writings, his his

focus to great deal of his research on the organizational challenges we face as a government. we understand he is working on a paper addressing the challenges we examined during our hearings in october. we look forward to hearing more on the gaps and the scenes he sees in our organizational model and what lessons we can learn from allies like the british -- british. brescia has yet to face serious consequences in the cyber or .ther domains for its 2016 elections and interference. we look forward to the testimony on how the u.s. can tailor and intimate these penalties and how the department can deter or dissuade meddling. we look forward to the testimony of mr. bob butler who brings cyber experience in the department of defense and the private sector.

mr. butler has been involved in numerous studies of cyber deterrence including the recent defense science board task force on cyber-deterrence. let me close by thinking our witnesses for the willingness to appear today before our subcommittee. senator nelson. nelson: thank you, mr. chairman. i want to make sure that since elections,earing on that everybody understands that is about thefeels foundation of our democracy. and that we as a government ought to be doing more to defend ourselves. this is not a partisan issue. partyan happen to either

or the non-party candidates as well. and it out to be all hands on deck. in public andnd i in closed meetings, because of clearance, we have been quite disturbed about wondering if we are doing as much as we should as a government to protect ourselves. so, in a recent closed hearing of this subcommittee, the department of defense demonstrated that it is not taking appropriate steps to defend against an deter this threat to our democracy.

youmr. chairman, i join me and welcoming -- join you in welcome any these witnesses and hope some practical suggestions are going to come out. i want to mention a few things. hast, the department cyber-forces designed and trained to thwart attacks on our country through cyberspace and that is why we created the seven commands national mission teams. subcommittee,is senator blumenthal, senator , we over to the secretary of defense last week department ought to be assigned to identify russian operators responsible for the hacking, stealing information,

planning -- planting misinformation, and spreading it through all the.net's and fake accounts on social media. they ought to do that. that is the cyber command knows who that is. to usen we ought separate forces to disrupt this activity. we are not. we should also be in forming -- informing the social media companies of russia's fake accounts and other activities companies'e those terms of services so they can be shut down. second, i would ask us to look at that as the department's own concludedsk force , to show mr. prudent

that two can play in this game. that we need operations of our to exposeermine -- his wealth than those of the oligarchs. third, i would suggest the department should ensure that it component active and cyber units are prepared to assist the department of homeland security and the governors to defend our election infrastructure. attack, buter the proactively before and during the russian attacks. fourth, i would suggest that the the -- the department must integrate capabilities and planning to cyber warfare and

information warfare to conduct information warfare through cyberspace as last years defense bill mandated. our adversaries recognized the importance of this kind of integration but today, cyber warfare and information warfare are separated and the department of defense and involved multiple organizations. and fifth, i would recommend as one of our witnesses, i think will testify today the department must help develop an effective whole of government response to russia's strategic operation through things like a joint interagency task force and a fusion center. our colleagues on the foreign relations committee have proposed something similar. the threat is not going away.

it is likely to intensify. and as our intelligence community has been warning, and coats has just testified to the senate intelligence committee, that thread is not going away. so, the 2018 elections are upon us. watchnot sit idly by and this happen again. thank you, mr. chairman. chair: thank you to our panelists here. our witnesses. we ask that you limit your opening remarks to five minutes. madeentire stigmas will be part of the record. we would like to begin with mr. butler. mr. butler: thank you, mr. chairman. thedistinguished members of subcommittee. thank you for the invitation. my views represent my views and not that of any particular organization. i will hit the highlights of my written statement.

they track closely with the opening comments. my comments are focused around my assessment of the threat and the electoral rossa sees after viewing a few different states. secondly, recommendations partnered with the whole of america campaign and thirdly, what this committee can do going forward. i have been watching the russian influence operations threat for some time in uniform and out of uniform. our ability to counter russian influence operations is not only a function of a we know about the threat but our willingness and ability to it -- address that threat by hardening resilience and other countermeasures. as i looked at the infrastructure in different states we learned from twice 16 knownat our vulnerabilities are. when you look at the voting registration systems and the registration proper, we are making progress. however, states do not have

that is a struggle and the threat still remains very, very high. my perspective looking at this particular threat, what we're talking about today is one line of operation within what i think has to be addressed through a national security council led task force. a whole of america campaign, not too much dissimilar from the nctc but with a strong empowered private sector element. again, i go back to the idea of a whole of america process. two key components inside of this, one is the idea of having an element that's focused on strengthening states infrastructure and hardening american citizens, deterrence by denial some would say. a second component focused on cost and position, from bot net disruptions to other kinds of sanctioning activities,

importantly reinforce multilateral limit i'm a big component of a cyber stability board, coalition of the of the willing working to ensure the most effective way of doing cost in position. those two components then supported by an integrated fusion center. it provides situational awareness, combined the best of intelligence both in the commercial and from the national security community with law enforcement and active defense actions. focused on a campaign that is centralized in its planning but decentralized in its execution. from my perspective it really requires both cultural and legislative enablingers. cultural the president must lead and rally the nation. there's opportunities already this week that can be used to help with that. the infrastructure proposals a great example. i don't see anything about resilience in the infrastructure proposal. we should have a way of norpg, especially as we're building new infrastructure, methods and strategies and incentives for

strengthening the infrastructure here in this country. additionally, we need to leverage the best of u.s. competencies across america. defense is excellent. here in this country. u.s. intelligence agency combined with web scale companies do a great job. web scale companies are very good and growing in their ability to rapidly identify disinformation campaigns and response. will need some help from the legislative side. specifically for dod, five recommendations that track very closely with what senator nelson was talking about. i think the-to-jump start this sponsored task nelson was talking about. i think to jump-start this nsc-sponsored task force, we should coordinate with the secretary of defense to immediately stand up and a joint interagency task force. inside of that again, empowered private sector players. we typically don't think about that, but this really is something where we need to work together in a public/private partnership. we need to make arrangements with state and local officials through dhs and the national

guard euro. second recommendation is to the ngb and working with the national guard bureau to really not only inventory what we have on cyber units and information operations units, but to begin to scale them to help the states and to help us as we think about incident response in general. i think they could be aligned with fema regions. i think they could be aligned in a lot of different way, but we need to first get organized. the third is to actually have a session where we discuss courses of action. that would have to be a closed session, but i think that's where the request for authority, new authorities' request for new resources come out. it gets to the point of not only looking at offensive actions, but defensively what we're in store for as we begin to move offensively and what we're going to do from a continuity of government and continuity of business perspective. the last two relate to senator nelson's comments with regards to the dsp task force. i think we should continue to push with the task force recommendations and i would advocate that this committee should have its own campaign of exercises to help it understand where the adversary is going and

to be able to advance ideas with regards to looking at threat and countermeasures. i stand ready to answer any questions that you have. rounds: thank you, mr. butler. miss conley? conley: thank you so much, chairman. ranking member senator nelson and esteemed colleagues. thank you for this very timely opportunity to speak to you this afternoon and what a timely moment as u.s. intelligence agencies have now assessed that russia will continue to make bold and more disruptive cyber operations focused on the midterm elections. cia director mike pompeo also stated publicly that he fully expects russia will attempt to disrupt the u.s. midterm election. so we know they are doing it and will do it, but we as a nation are not prepared to effectively combat what i believe is an intensifying disinformation operation, an influence operation. i'm a bit of a contrarian on this panel. i'm not a cybersecurity expert, but what i am most concerned about is that we have nine

months and the american people are not educated as to what is going to happen to them and that's where i think our focus must lie. i'm less concerned about the mindset of president putin. i know his mindset. i'm more concerned about the mindset of the american people as we head towards this election. you asked us what role dod could play to protect the u.s. elections, and i think simply dod, working with congress, has got to demand a whole of government strategy to fight against this the enduring disinformation and influence operation. we don't have a national strategy. unfortunately, modernizing our nuclear forces will not stop a russian influence operation. that's where we are missing a grave threat that exists in the american people's palm of their hand and on their computer screens. it is vital that we start talking publicly about this threat and educating the american people on a bipartisan basis.

tragically, the russian campaign has already deeply polarized our country which only serves the kremlin's interest as one of the most trusted institutions in the united states, the department of defense must leverage that trust with the american people to mitigate russian influence. simply put, the department of defense has to model the bipartisan and fact-based action and behavior and awareness that will help reduce societal division. this is about leadership and it's about protecting the united states and as far as i can see, that is in the department of the defense job description. so a good place to begin is using dod's extensive employee and military networks to provide timely policy guidance and statements about the threat that russian influence operation

poses to election security. secretary mattis and general dunnford should provide public outreach to the threat and how to counter it. perhaps they should think about forming public service announcements and european governments have been very effective in warning their publics about the danger of russian disinformation. france and germany were very strong on that, but you have to put the message out and we have not. i offered one suggestion, my written testimony to look at how we can leverage the national guard bureau looking closely with state and local leaders in cooperation with the department of homeland security to enhance cybersecurity awareness and be able to detect patterns of influence. for example, if hacked e-mail surfaced online in conjunction with the false rumors about potential electoral candidates. we need to start talking about this. another instrument is the state partnership program. the national guard has partnered with the lithuanian military and the estonian military and they can bring back to their states information about how russian influence works. we are speaking today about protecting the homeland from continuous disinformation attacks which alter how the average american thinks about

their system of governance and their government, and what the american people may end up thinking is that everyone is lying, everything is fake and there is nothing that can be trusted and then even the most trusted of american institutions, the defense department, the justice department, the fbi, the department of homeland security, the office of the president will mean very little to the american people. and this is exactly how you break the internal coherence of the enemy system according to russian military doctrine, and unfortunately today, we are doing this most of this to ourselves without assistance from the kremlin. this is a matter of urgency. we have nine months and we need to educate the american people in addition to enhancing, of course, our cybersecurity protections. but as the french disinformation attacks showed what many of the organizations it looked like this information was coming from, it was coming from american organizations. this is designed to be hidden.

it adapts. we have to educate the american people about what they are going to confront on the november elections. thank you. dr. hartpit? harknett: chairman rounds, ranking number nelson, distinguished members. thank you for the opportunity to speak to you about this critical issue today. we have a big picture problem. throughout international political history states have, at times, miss aligned their security approaches to the strategic realities in which they tried to secure themselves. in 1914, every general staff in europe thought that security rested on the offense, and they found how devastatingly in world war i that they were tragically wrong. france in the 1930s said okay, we learned from the last war. it's a defense-dominant environment and we'll rest our security on the most technologically defensive works in history and again, the

fundamentals have changed and the germans simply went around the line. senators, with all due respect, i do not want to be france in the 1930's. but i think we are coming dangerously close it to that my oppia and the misalignment of strategy that follows from it. our adversaries are working through a new seam in international politics. cyberspace is that seem. its unique characteristic have created a strategic environment without having to violate traditional territorial integrity through war. what we've been witnessing are not hacks. they are not fast. it's not simple espionage. what we must accept is the fact that we are facing comprehensive, strategic campaigns to undermine our national sources of power be they economic, social, political or military. and so, therefore, i agree, we must develop a counter strategic campaign to protect those sources that have a more

secure, stable, interoperable and global cyberspace. with the regard to the integrity of our elections, we've effectively left civilians whose main focus is not security on the front lines. that is not a recipe for success. specific to the department of defense role of creating better security in, through and from cyberspace, we must adopt a cyber persistence in which our objective is to seize and maintain the initiative. we must defend forward as close to adversary capacity and planning as possible so that we can watch and inform ourselves, disrupt and disable if necessary. our immediate objective must be to first erode the confidence adversaries now have in their ability to achieve and enable objectives. there are very confident. second, we have to erode their confidence in their own capabilities and third, we must

erode those capabilities themselves. we are well past the post on this. we need a comprehensive, seamless, integrated strategy that pulls together greater resiliency, forward defense and when necessary countering and testing cyber activity to reverse current behavior. we are not at step one. we are well past that. we actually have to reverse behavior. our security will rest on our ability to simultaneously anticipate how adversaries will exploit our vulnerabilities how we can explain there's. -- theirs. cyberspace is an interconnect the form of constant contact that creates an imperative for us to persist. this is a wrestling match in which we have to grapple with who actually has the initiative. being one step ahead in both knowledge and in action. if we do not adjust to this reality our national source of power will remain exposed and more of

those who wish to contest our power will pour into this seam. i therefore, argue that we must make three critical adjustments . the first is we have to adjust our overall strategic perspective. war and territorial aggression which can effectively be deterred are not the only pathways for undermining our national sources of power. in fact, because we have this effective strategic deterrent, we should expect our adversaries to be in the strategic behavior below the threshold of war. second, we must move the cyber capabilities out of their garrisons and adopt a strategy that matches the operation allen -- operational environment of cyberspace. we must meet the challenge of an interconnected domain with a strategy that continuously seeks tactical, operational and strategic initiative. third, we must make the fundamental alterations to capability development, operational tempo and decision making processes and most importantly, as bob referred to, overall authorities that will

enable our forces to be successful. we cannot succeed using authorities that assume territoriality and segmentation in an environment of interconnectedness constant contact and initiative systems. we cannot secure an environment of constant action through inaction. strategic effect in cyberspace comes from the use of capabilities than having the -- and having the initiative over one's adversaries. it is time for us to seize that initiative. i look forward in explaining in more detail how we can pursue security during our q and a. rounds: thank you, dr. hartnet. dr. sulmeyer. chairman,thank you ranking member nelson and distinguished subcommittee, it is an honor to be here today. i would like to note that i am

part of a team at the kennedy school's bellfor center that released a report a couple of hours ago. it's a playbook for state and local election administrators and it's got steps they can take to improve the cybersecurity of systems that they administer. it's based on field research by a wonderful research team, many, many students contributed. i'm very lucky to have one of the wonderful students here. karina has joined us. regardless of the role of the department of defense, these defensive improvements are essential and i want to make sure i hit that right up front. those recommendations that we put out today compliment the playbook for the political campaigns to improve their cyber security. it's essential that we make our elections harder to hack and that we improve resiliency in case critical systems are compromised. but we should also consider how best to counter threats abroad before they hit us at home. so let me transition to how i see some potential roles for the military outside of the united states to protect our elections. there are two necessary conditions of posture that i see as critical, reconnaissance

posture and force posture. first, reconnaissance posture. our cyber mission forces should constantly conduct reconnaissance mission abroad to discover election-related threats to the united states and provide indicators and warnings to our forces and decision-makers. there will never be suspect resources to address all threats equally and prioritizing threats to our democratic processes is critical. otherwise we cannot hope to disrupt these threats ot forced posture. our forces must be sufficiently ready to strike and strike against targets abroad that threaten our elections. readiness is a critical issue for our armed forces today and i would encourage senators on the sub committee to ensure they're asking tough questions about the readiness of our cyber forces just as they would about any other part of our military. if the military's reconnaissance and forces are postured to focus on threats to our elections from

abroad, there are four objectives that i think our forces should be prepared to pursue. it should go without saying that undertaking these actions should be consistent with international law and other relevant u.s. commit commitments. those objectives are preventing attacks from materializing. second, preempting imminent attacks. third, halting attacks in progress and fourth, retaliating if necessary after an attack. on the fourth, let me just note i would emphasize that had -- this retaliation needs to be timely. it's got to be timely. the more time that elapses after an adversary's attack the harder it will be that our action is in direct response. across those objective, proper training, thorough rehearsals and coordination with other parts of our government are essential. bringing military capabilities to bear inside and outside of cyberspace is always a serious matter so it's critical to ensure that rules of engagement and questions about authorities

are settled well in advance of any order to strike. here, i would note that some of our closest allies like the united kingdom and israel have undertaken some national level organizational reforms to streamline responsibilities for cyber issues and we may at some point want to consider something similar here. one of the best cyber-related investments the nation has made is in the national mission force an elite group of network operators at cyber command. they defend the nation from an attack of significant consequence in cyberspace. i think it is very much worth conditioning what role the nfk to describe the objectives just now. i have not discussed deterrence much. wrong.et me however, i would not want to bet the cyber security of u.s. elections on a policy of deterrence if i did not have to.

sometimes the prospect of defending against deterrence is the least bad. let's not the case in cyber security. we have other options like the ones i described just now and we should employ them alongside strong policies of deterrence. finally, i would just note that information derived abroad from reconnaissance should be shared with relevant parties at the state and local level. i want to commend the department of homeland security for working hard to promote information sharing over the last few years and i would also like to encourage more thinking especially among my colleagues in academia to help congress protect itself since congress is so critical as a part of our democratic process not just work accounts, but also campaign accounts, personal accounts and these can't be left vulnerable. that concludes my prepared testimony and i look forward to taking your questions. let me think all of you for some great insight and i

look forward to your thoughts in terms of the questions that we ask. i would like to five-minute rounds here. we will alternate back and forth and after we have done that once through, if we have time i would go back and do a second round depending on the amount of time that we had and whether or not other members come. let me begin with mine. dr. hartnett.ith restraintritten that and reactive postures are not sustainable, that the u.s. needs a strategy that capitalizes on the make -- unique attributes of the cyber domain. you called for a strategy of cyber persistence where we are constantly engaged with adversaries seeking to frustrate, confuse and challenge. how would your strategy calling for persistent engagement apply in the russian meddling with our election as an example and should this involve us contesting the malicious behavior at its source and what do you believe are the consequences of our failure to response to the russian election

interference yucca --? number one, we've got to be able to provide attribution to where it's coming from and hopefully we've got that completed, but give me your thoughts on it. what would you say is an example of persistent engagement with regard to what wooe donee've done already and what they expect them to do? so let's think about the internet research agency, right? i mean, we know about this center in st. petersburg. we know that it controls a series of automated bots that are driving particularly well-conceived information operations that are meant to be the size -- devices. i don't know why we are according first amendment rights

to pot -- bot. it's not a free speech issue. if we have evidence of foreign manipulation, technical manipulation of the social media space that's not what the american people, you know, from an educated standpoint actually understand is coming at them, right? they think that this is a major -- majority. . but if that trend is being driven by foreign automated intrusion that is not an issue over free speech. that's an issue of a direct foreign manipulation and so we need, i agree with dr. sillmeyer, right? we need to have the reconnaissance to your point about attribution, right? that's what persistence enables you to do to start to get better at attribution, but we need to be able to move at the speed of relevance. so if, in fact, the bots are

hitting us in a particular trend that is meant to be divisive, we should be able to have the capacity to at least disrupt if not disable that capacity. we do know where some of these capacities lie by being persistent in our reconnaissance, we will get a better understanding of what our vulnerability surface is. we have to think about it that way. we tend to think about an attack surface. that from their perspective. we have to get a better handle on what our vulnerability surface is and by being able to understand what our vulnerabilities are and again, a product of being persistent in this space, we can start to take those capabilities away. rounds: dr. sillmeyer, do you agree with that? i do. i agree with a

vast majority of what my colleague dr. hartnett just said. for me, even just to get a little more specific, the kinds of options that i would want to be seeing presented, right, need to allow decision makers some flexibility from lower level actions like denying troll farm access to compromised infrastructure, deleting some accounts to erasing some systems if it comes to it. it's too important to take options off the table ahead of time. so as long as the options space is kept open, we can do it persistently or less persistently, but it wide range of options. butler: i agree with both michael and richard on this. i would say that we need to be asymmetrical in our response. i'm a big believer in bot net instructions as we saw with levishov and that's a symmetrical response. if you look at the research agency in st. petersburg, they're a couple to the kremlin and the counter influence cam -- campaign where you begin to

cut the funding and cut the support enablers behind that infrastructure. so we need to think about things differently. it shouldn't be cyber on cyber and social media on social media. it's got to be a broader campaign. i agree with the asymmetrical response and while trying to bring down the infrastructure of those -- of those bots, what they are doing though, russia exploits the witnesses that it finds. so it is amplifying the weaknesses and division that are already appearing on social media. so how do we try to reduce the weaknesses? and this, again, gets back to the critical importance of exactly what this committee represents, the bipartisanship, fact based and getting to communities through a variety of methods to help inform the american people. so when they see a trending site lets look at that. what is underneath that. the only way we can stop this from changing hearts and minds

from the american people is helping them discern what is coming. we can do everything we can technologically to eliminate it, but the other part is just missing. we are not educating. on the asymmetrical sanctions, my frustration, and i am sure many is tos committee as well , think about ways that we can focus on the kremlin, on financial sanctions, on sanctioning the inner circle as attributable back to that. so not just in the cyber domain. focusing on financial sanctions and individual sanctions, that could be very powerful, as well. nelson: so all of you sound like that you just don't think enough has been done and that we're not

ready and dr. harknett, you have said that 2016 was the stone age compared to what's going to happen so you want to trace what you think will happen yucca? i think one of the things back to the chairman's question about one of the lingering effects is, again, we have adversaries who are confident. so even if there are other actors aside from russia who will look at this space and say this is a space that i can play in and i can work in. until we start to reverse that confidence, we're going to see greater experimentation. technologically, i'll give you one example, senator. my concern with regard to leveraging artificial intelligence and machine learning. this will be a step function, thus my stone age aleutian, a step function from where we are. we are going to within the next

16 months, i'm going to be able to take you and put you in a video in which you are saying something that you never said in a place that you've never been, and you are not going to be able to authenticate that you have not done that or been there. just think about that as a tool for someone, an adversary who wants to engage in disruptive social cohesion types of information campaigns. that surround the corner. so miss conley, given that, you've already said that you don't think we've taken any positive, proactive steps, why do you think that is the case. i think the executive branch refuses to recognize the threat and it refuses to put forward a national whole of government and whole of society strategy and bring all of the agencies and tools of influence

to bear on this. we have to think of this as a direct threat to the national security of this country. it has to receive the priority. i would also, just to focus what dr. hartnett said, this is adaptation. if we're preparing for what russia did in 2016 it would be november, itt in will be very different in 2020. it would look more american unless russian. this is adaptation. we're already fighting the next war and ahead of the new one, which is why i think education is so critical, but absent a u.s. government approach we will all have to do our best in our communities. other any private initiatives that would help? conley: new sources, social media are

doing fact checking. pressure that congress has brought to bear on the social media companies is changing their perspective. late to need. this has been ongoing. this campaign is only intensifying. this is where every member of congress has to return to their home district and talk about this in very clear ways. >> amen to that. , on the example that you gave all of the next level of technology, of which something can be created that looks real, acts real, feels real, etc., if cyber command were to a job -- to adopt your would you suggest that they change the way they are doing their operations? important it is very

to expand this notion of defending forward. bes notion that we need to as close to the source of adversarial capability and decision-making as possible. this is not a space in which time and geography are ledger bootable -- leverage of all for defense. leverageable. our general approach has been to defend our borders and our network. it means that we start defending after the first breach, and we are already playing catch-up. i concur with the notion of adaptability p here -- adaptability here.

that is what i would talk about in terms of being able to be one step ahead. we have to be able to anticipate the expectation of our vulnerabilities. you need to be able to be defending as far forward as possible. in terrestrial space we defend forward. we are not defending forward in cyberspace right now. >> thank you. thank you mr. chairman for having this hearing. thank you for all of your testimony. i agree with a lot of it. hartnett, i appreciate your effort to redefine cyberspace. for russia to have on one of our states instead of attack election infrastructure we would have treated it like an attack. because of the way we have set itour cyber capabilities, seems to me that the dod is hamstrung in trying to properly respond to an attack on our democracy. ipass is in many settings.

every time they say does not our job. you argue that we need to consider authorities to allow the o'dea and our intelligence community to apply a coordinated strategy to ciber's sick -- cyber security. can you expand? i ask this because i have put this question to the department of defense in every setting we have had. every response says, we do not have the authority. cannot understand why they do not see it as their job. country bomb to any one of our states, that is a declaration of war and we would have responded through a military. it seems uploading to me. -- offputting to me. i understand why that is probably not the case. stateof secretaries of

think it is their job, not anybody else's. i would like your suggestions on how to write the authorities that you think are necessary. i tried to push national guard as a possible place for this can be done. the national guard or reserves the states and are under control of governors. why not amplify what we are already doing with her national guard reserve to give them the expertise and cyber but actually delegate this mission to them in conjunction with all the other assets in the military? to all of you, you can answer this question. what authorities can we give? how would the national guard be useful? had we get this done? it is frustrating to me that we are not doing it. bill with lindsey graham to do a 9/11 deep dive style analysis of the cyber threat to our electoral infrastructure. it is a bipartisan bill.

whether we ever get a vote on it i will never know. it would be a great first step in my mind to get a report saying what we need to do to harden our infrastructure. maybe comment on those three ideas. >> thank you, senator. you mentioned our allies. if you look at the u.k., for example, the israelis, the us trillions, their first default in cyberspace is to ask, how do we find synergy not segmentation? our entire approach to the space has been -- starting with who has divided roles and responsibilities. from ourarn something alleys right now in terms of their orientation to try to find synergy rather than segmentation. that should be our first policy framework question. in terms of authorities, there is a false debate between 10 and 50.

when i argue for a seamless notion, i am suggesting that we understand title x and title 50 as mutually reinforcing. as segmentation. the segment in congress in terms of oversight, i get that. the do not segment and operational space. we should understand and reinterpret those authorities to emphasize synergy and where there is seamless reinforcement rather than looking at those authorities as something that divides and puts us into differently. -- different lanes. we need to get at this. mechanism,the best there is expertise about level.

we have a capacity, if you look at the brits. they're looking at a cyber civilian reserve force. that is another interesting way of thinking about this. ultimately, if we need to do a deep dive, i think we do. i think we have authorities that are structured for a terrestrial to thehat does not map realities of this human made, interconnected space. authorities are what we should do less. we should figure out what our mission is. we should develop the organizations to pursue those missions. then we should authorize them to do it. one of the major problems that we have faced is that we have been continually trying to shoehorn our cyber forces into existing authorities and working backwards.

>> senator, i think the national guard is an area we absolutely should explore. i mentioned it in my written testimony as far as education, bringing together, working with community leaders at the state and local level. style, ciber is a critical pillar of this. we need to look at russian economic influence. we have to look at a whole range not just as russia as the adversary but others who will you cyber. please broaden that out. they will find any seem -- seam. >> i taken from two angles. let us refocus the authorities. catherine's were get here -- here iscatherine's work

different from what most people are saying these days. wherevolved in exercises i am blending physical and cyber together. i am working with the army cyber institute on an activity where we have a natural hazard. had to get a rolling start? you can use our authorities. to military has the ability use immediate response authority to create a rolling start. we can reinterpret and leverage these kinds of things as we move forward. a part of that is the national guard. we have unevenness within the stand of our national guard activities. we have both cyber and information operations. i think we could create pockets of talent. washington state has a phenomenal industrial control system. maryland has a fantastic unit where they leverage a lot of nsa

expertise. we have unit spread across the country. we need to create a construct of cyber mutual assistance across countries. we can do that. to sit down and plan together a campaign in that regard. what the senator's time is expired, if you could expedite your answer i will let you finish up as well. >> i will go quick. i support all that was just said. abroad i do not believe the kind of activities i described earlier need new authorities. on the deep dive i say great. us -- atried to get start on that. there is a part of me that wonders by saying cyber the response is helpdesk. by not describing it in a way that is about workfare and propaganda, we do a disservice to the rear -- real problem. >> sen. blumenthal:. blumenthal.

i am familiar with the work done by the belford center. thank you all for the work that is done by each of your organizations. i want to tell you, you already no, the immediacy and urgency of this task was reinforced this morning before the senate intelligence committee where dan nots said, there should be doubt that russia perceives its past efforts as successful and abuse -- views the 2018 midterm elections as a potential target for russian influence operations. that statement would be beyond conventional wisdom. it would be unnecessary to state. it is the consent since of our intelligence community -- consensus of our intelligence community. it has been accepted by everyone

except the president of the united states. in my view, that is the elephant in this room. the president refuses to acknowledge this threat to our national security. record simplythe can propose all the great ideas in the world and some very good ideas came out from a report done by the senate foreign relations committee. senator cardin called the assault on democracy in russia implications for u.s. national security. theuld be interested to see centers released today. without even having seen it, mr. chairman, i ask that we make it part of the record. >> without of the -- without

objection. onwe need to make progress gaining acceptance at the highest levels of the united states government. many put it as diplomatically as possible. russia attacked our democracy. in my view it committed an act of four. they're going to do it again. unless they are made to pay a price for it. that includes enforcing sanctions passed overwhelmingly by this body, 98-2, still unenforced. about retaliatory measures in real-time is very well taken. why should the russians take us seriously when the president denies the plane reality of their attacking our country and the sanctions that would make them pay a price i still

unenforced? all of that said, i want to raise another topic. i think it has not been touched. the social media sites. google., if you could comment on what their responsibilities are and how they are meeting them. in this propaganda campaign, using bots and fake accounts, which have been appearing on those sites. i have talkede -- with a couple of the web companies about this. with what we have already seen in the counterterrorism fight. in that space what you see is them actively looking for disinformation come in the case of terrorism of course looking for recruitment.

i think the challenge is guidance with regards to counter narratives are alternative narratives. any to be done with others. to be done with others. they have the ability, based on their reach and fuse and engines, to help us move much more quickly into actions. not just to do it from a cyber perspective but from a counter influence perspective. that is so critical. >> thank you. >> thank you, senator. i would know that building link the awareness of what congress has already done to force the social media it companies to take a deep look at this has been helpful. you thatuggest to russia will adapt their tools. this will look more and more american. it will get more into first amendment issues. that is a weakness to exploit here.

i would commend that we look at how social media engines could start contacting what looks like american origin but in fact is not. that would be the next step i would recommend. >> thank you. >> i think we have to move away from a partnership model, to be perfectly honest with you. we have been talking about a public-private partnership for 25 years. i published about this 25 years ago. the problem is, partnerships require shared interests. sector has a very specific interest. profit-making. the state has a very specific interest. security providing. recognize and grant that they have a different interest. we need to move this to an alignment model. incentivestructure within the marketplace for them

to achieve their primary objective, profit-making, while producing an effect that the state requires, which is enhanced security? until we start to think about how we can shape and incentivize that behavior and recognize that we have very different interest in the space -- that fitness bands company produced a heat map that exposes all of our forward deployed troops. nobody at their board meeting when they came up with this good idea of releasing that heat map -- they said, look, our stuff is in the dark places. they thought that was cool. 10 years ago the intelligence capacity that a state would've had to have found all of our forward to pipe -- deployed troops. this was found by a fitness company.

this is the way we have to think about them. meet them on their grounds. start to get them to align towards the security needs that we have. >> thank you. >> i would know the interests are not aligned. essential part of -- part. do not treat them all the same. not all the companies have gone through the same amount of self reflective. some have not. i do not think we should limit this to social media companies. there are a lot of companies up and down at the stack, a lot of different types of people on the internet who have an interest in this type of work. >> thank you all. i have gone over my time. >> let us do it this way. let us do one more round so that everyone has an opportunity. we will make it five minutes. for those ofve --

us on this and, when we had a five minutes whoever is final speaking on it will have their -- they will be the last one. let me begin with this row very quickly. we are looking at changing our hats. communities, we have a dual headed individual. we are looking at separating those until separate items. titlede title x one side 50. the cyber security side would be separated out. we were concerned that they would go very rapidly. now there is a discussion weather moving in this particular way is quick enough. i would want to know your thoughts on whether or not we are approaching the challenges that are facing us in the right way with regard to the organization of government as a whole. can i quickly go across and at -- as each of your thoughts?

i will begin with mr. butler. >> thank you. mummy start the cyber issue. -- let me start with the cyber issue. we have enough of the infrastructure developed to work within cyber command. we are not as dependent as we once were. forward, we need to have a way of checking and understanding whether it is working. thated an activity understands the space, that can help cyber command make adjustments along the way. i support the split. i support where we are trying to go as we move forward. as we take a look at those two elements and put them into a larger whole of america constructs, i go back to what i put in my written statement. from my perspective, having been

through this both in uniform and doing information operations we need toanning, get the best of america into the space. there is a role for dhs. fbi is very engaged. there is a role for the department of defense. role for trusted private sector partners in the space. you cannot scale without it. we have to align. the organizational structure gets to the reason why we needed a comprehensive 9/11 type commission. we are horribly structure for this particular challenge. -- thatthan the streams is why we need a deeper dive to get to a reconfiguration, does as we did after 9/11. we restructured ourselves. we need to do that again. >> dr. hartnett? >> i concur.

i would are just reconsider the split. thatw that there is not -- is not the current view. this notion of my litmus test. i you producing more synergy or more segmentation? there is not one of our allies that is moving in that direction. >> let me ask a question on that. we know that on the title 50 side, they love to be deeply embedded. the result real concern out there that if they actually were persistent, that interrupts their capabilities to be the intelligence gatherers that they are. thato we allow for constant and persistent activity if they have the same concern that they would not want to be seen? half enables dual

that kind of determination to be made. both when andy of where we are going to make trade-offs and where that seem -- seamlessness is. >> it is not working today, is it? >> a can. if you look at our adversaries, why are they not worried about burning capabilities? we have had a high and right kind of focus to all of this, both in the recon phase and in the force phase. it has been to sporting the space. step in here a little bit. >> i think we are back to different interests. the two institutions have matured and now they have different missions and jobs to do. the current structure is very efficient. it is one person.

is time for two different. >> thank you. senator nelson. >> until we evolve into that new structure, we are stuck with what we have. the cyber command national mission team to disrupt the russian troll farms, the botnets, the hackers, all engaged in attacks on our democracy. we can identify them, the infrastructure they use, we can identify their plans. we can do everything that we can to stop these activities. what if you do not do anything, it is not going to happen.

until the existing structure that we have, the secretary of the defense walks into the room and says, boss, and his boss is the commander-in-chief. until he says, boss, we have to , nothing is going to get done. describing a situation that we are defenseless in this 18 election? my sense, sir, is no. in themmendation is homeland defense mission of the department of defense we should stand up and move forward as we ,egin to move to another level

which would be a national security task force. this committee has jurisdiction, the secretary has prerogatives. this is a homeland defense issue. >> well. i thinkld just add -- it is a defend the nation issue. >> i think you're right. >> this is as clear an attack on the country as if you lobbed a missile or if you lots of artillery sell. lobbed an artillery shell. one of you stated that it is going to morph to where the attacks are going to look more

american. would you expand on that please? >> that was me. it is in part from some of the lessons we learned from the french presidential election. was ast cyber attack combination of both hacked emails from the campaign as well as made up messages. it was all mixed in between. i do notnderstand -- have access to classified breaching's -- briefings. it looked like it was coming from the united states, from u.s. organizations. some of this is tied into adaptation. they do not want it to look like a russian bot. they want it to originate from other sources to confuse and make attribution questionable in those last few moments. my intuition tells me that the

lookthese attacks will like they're coming from america. will say, this is their first amendment right to say these things and put forward these ideas. that is the problem. >> how did the french counter that? >> they have a very unique -- they have a blackout. before an election. government french and intelligence agencies had made very clear repeatedly and publicly that this was likely to happen, french media were very responsible. they could not fact check the material in time. the reflection. would not move forward. that last major attack was awarded because both of the law and a lot of french proactive steps to inform their public that this could happen. hourst was in the last 24 before the french election? >> the presidential election

debate between the candidates on the wednesday before the election. she began to hit that there may be some information about mr. macron's overseas bank accounts and hinted at this. 24 hours later the document release happened. one could speculate that there was some coordination. because it hits a late, it did late, it did so not matter. had happened 72 hours before, it may have had a different impact on the election. wanted to go over a couple things. you said the belford center as our become a deep dive on how we were hacked. is that true? >> the two reports are about the

practices that campaigns and local officials can take based on field research. what they found as honorable and techniques that were affected. it is not going to be that kind of a deep dive that you are proposing. >> was that distributed to the 50 states? >> i believe so. it went live today. briefedld request you the committee on what the responses are to each of those efforts. and a copy of the report from committee members so that we have our own first draft of what our 9/11 deep dive might ultimately look like. this has to be done. is striking to me that there is no sense of urgency by this administration. it is crazy as far as i'm concerned. i want to work towards elevating

this issue. you work will help us do that. hartnett, you mentioned that bots do not have first amendment rights. tot you think a be written say we expect these platforms, whether it is facebook or twitter or instagram or any other online community, to not sell its technology to fake entities who are posing as real people? it is simple fraud. you're doing it with the purpose of changing somebody's mind. i believe it should be illegal under the same analysis that we have. trying toyou go about take away those free speech rights that are given to nonentities today? >> thank you, senator. i'm not a lawyer. i would build on what you just said.

default toof our fraud -- if, in fact, what you if trying to sell is trend, that is the actual operative that you are trying -- should be capturing human behavior. through -- this is very tricky. we have to separate human behavior from automated behavior. automated behavior can be ofssified as falsification trending. the notion of understanding technical manipulation of the space is not smart marketing. it is manipulation. it should be out of bounds. could i make one quick comment on your deep dive?

i would look at eisenhower's solarium exercises. said, whatisenhower is going to be our macro level grand strategy set up? of three competing teams to come up with what the strategy should look like. that is what containment and deterrence came from. it is an interesting alternative approach. >> like a national competition? he broughtcified -- together three groups of experts. they were given access to classified information. they work as independent teams. they were brought together to knock heads over what the best route to a grand strategy looks like. we do not have a cyber rant strategy. we do not have a grand strategy for cyberspace. the chinese do. they have announced it. they're going to be the number one ai country by 2030.

think ino start to those kinds of grand strategic terms. >> any thoughts? >> i would build on the honest ads act. you have elements in this particular legislation which gets to what we want online platform city. they can identify.net infrastructure and are beginning to identify infrastructure that originated nefarious. i would add to that as one way of trying to tackle this issue. want to notoint, i disagree to strongly with my colleagues. i have worked in the private sector side. there are models that can work to align incentives. show a private sector and national security government elements working together, you

show them a threat of this magnitude and provide limited protection, it can get there. it took us a long time to get to pulling terrorist data off of online. they are doing it now. the sooner we get into this with creating an alignment of incentives and understanding of the problem -- it is not with everyone. it is with folksy can do things on scale. things onho can do scale. >> let me take this time to thank all of our witnesses. you have spent an hour and a half with us today. beould suspect that we would speaking again in the future as we continue to learn more about the challenges and threats that face our country. it is not going to get better. it is going to get worse. our challenge is to make your that we have the right long-term strategies.

as such i think we have a lot of work to do. with that, once again thank you. think you for the participation of our members here today. this subcommittee meeting is adjourned. [indiscernible]

sunday night q&a michael -- on his book the power clash between the u.s. and china. john has lost face. it's hard to get an idea what that means to the asian culture. they have the never again mentality. they have a mindset they will build it missile-defense courses in such a way that we never lose face like this again. >> sunday night at 8 p.m. eastern on c-span's q&a. wards,ay night and after trade negotiator i read shapiro with this book "broken those quote.