"stanton, lincoln's war secretary." live from the new museum of the bible in washington, d.c., discussing the bible's influence on literature and its impact on government, legal systems, education, and human rights. we will take your calls during the program. watch this weekend on the c-span networks. >> next, former security officials discuss the response to russian cyber activity and other options for deterrence. strategicenter for and international studies, this is an hour and a half. >> welcome, we are going to have exceptionally timely events which was fortuitous but we appreciate you coming out on a

nice friday afternoon. let me introduce our panel. bios ite to read their would take up the session. carlin, theis john former assistant attorney general for the national security division. he chairs the global risk and met -- crisis management team. he did lead the investigation on the attack and one thing we all know which is the indictment of the five members for economic espionage. the -- that he was [inaudible] dgett. right is rick le 29 years with the national security agency where

he served as the deputy director until april 2017. the first national intelligence manager for cyber. finally jim miller, president -- he is on the boards of the atlantic council. thank you for coming. he is a member of the defense science board and many of you may know he coaches the task force on cyber deterrence. before that he was the undersecretary of defense for policy and the principled equity -- deputy undersecretary. we could not have a better panel for talking about this topic which is not to talk about what the russians have done, i think we all know that pretty well by now. but to talk about what should be done back and this is a new kind of conflict we are in, it is not -- it is a different kind of

conflict. we will need different kinds of responses. i have asked each of our panel if they could stay for five minutes or so, give some opening remarks, then we will turn to questions and i hope we have time for questions from the audience. when we start with you? with the anglet of what do you do about cyber-enabled activity, how do you have a strategy to deter that type of activity in a world where the rules are not entirely clear as to what a nation can get away with in that space. over years, we have started to policy of showing that when it comes to cyber activity including by nationstates along with organized criminal groups and other -- and other nonstate actors, you can figure out who did it.

so doing the attribution of putting the resources into do the attribution. i had started on the criminal side of the house hackinghe computer cases and that was kept separate from what was going on on the intelligence side. when i went over to work for director mueller, the door opened and i sat what we had on the intelligence side of the house. better than the public or our adversary nations new. when we started changing toward the strategy it is great that we know it but it is causing real harm to real people now and it is not a traditional intelligence collection issue. espionage within the indictment of the five people of the liberation army and moving on to calling out north korea's behavior when they attacked sony motion pictures because they did not like the content of a movie to charges

that were brought against iranians and affiliated actors for their attack on the financial sector. of, one, figure out who did it, and two, make it public. don't keep it on the intelligence side of the house. even though that has real costs in terms of losing sources and methods and perhaps provoking confrontation in the sphere. because once you start making it public, which i think is vitally important not just to send a message to a foreign country or adversary, but also because the victims are often in the private sector, and they can't take the necessary steps to protect themselves unless they know what is occurring. and that requires being more public about what we're seeing and link to that, we need action. we need congressional action. we need new regulations in this space, we need public support for taking retaliatory steps that may cause temporary churn and unless they see the urgency of the problem by making public

what is occurring i do not think we will have that collective drive toward action. once -- one is to make it public and then impose consequences. i named three of the four major adversaries when it came to seeing provocative behavior in cyberspace. what we had not done prior to the election was take such an action when it came to russian activity. were in the thoughts terms of not taking action prior to the election, it is clear after the fact that the result has been that russia believes it was a success and that without taking additional action, they will continue provocation when it comes to cyber. we have seen continued activity not just in the u.s. but other countries around the world that is designed to undermine the integrity of elections. we have seen the completely irresponsible use of -- that

caused hundreds of millions worth of damages to companies around the world, including around 300 million just to one, to name one when it comes to the case of fedex. to more recent activity. plus we have a long history now of russia shielding the top 10 essentially cyber criminals who the estimate from -- put last year at $650 billion worth of loss to global commerce. so when you put that together on a global scale, and the things like, as reported in "the washington post," attacking the olympics, what greater symbol of countries working together to show that you're not a member of the world order than attacking the olympics, through cyber-enabled means. so we've moved, and you've seen

a lot of those publicly out, figuring out who did it and make it public, we're not where we need to be when it comes to imposing sufficient costs to change the calculus that gets the behavior to change. this isn't about regime change and it wasn't with any of the other three countries in this space. this is about having costs proportionate enough to whatever the benefit of the adversary, to get the behavior to change. if you don't change the then the policy isn't working and you need to keep ratcheting up the cost. i'll close with thoughts on how one can do that or avoid some of the problems that came to the election. one thing that's difficult leading up to a democratic election, speaking specifically about elections, is ensuring that there's confidence in the assessment as to what occurred. in that sense, very much support a bill proposed by senator rubio that would have a requirement that professional members of the intelligence community report to congress what their finding is. so it's clear whether or not people believe that someone, an

adversary is attempting to meddle in the elections. two, in advance outline what the consequences are going to be. the bill does that as well. and in terms of ways one could ratchet up current pressure, i'll throw out a couple of ideas. one would be we have sanctions. i think the actions that we saw this week, building on the mueller indictment and the models using the criminal justice system to make public in great detail what's occurring to force public conversation and action, let -- the sanctions were good but not enough. they're not enough to cause behavior. to ratchet up the cost, one, you could look at tying the oligarchs that are surrounding putin to their assets, and then seizing their assets, particularly in real estate. the legal authority exists to do that. so then you do the investigative work to make the tie to those assets and seize them. impose additional sanctions on companies that they run, often through shells.

number two, similar to the strategy after ukraine would be macroeconomic sanctions, focused on certain sectors, like oil and gas. that would cause real economic pain and in that sense deter this type of behavior. three, to try to do this multilaterally and also to look at, as what -- was done postelection in the united states in december, and then again against the san francisco consulate earlier in the year and as we've seen our british allies do across the pond is to take actions against the intelligence operatives simultaneously with our allies. say 10 or more countries simultaneously taking action to p.n.g., operatives operating out of post in countries throughout

the world. i think those steps could be proportionate to what the damage has been and send a deterrent message. james: thank you. rick, please. rick: thanks. first off i'd like to start by agreeing with everything john said. that's exactly the right way to look at this. i'd like to concentrate on the benefit versus the cost calculus. because right now the benefit is huge and the cost is basically nil to the russians. and so when you look at that, when you want to change people's behavior to get them to modulate their behavior, you have to lower the benefit, increase the cost. how do you do that? i think one is in terms of the midterm elections, let's secure the infrastructure as much as possible. there's a couple of bills in the senate that i think are applicable, that talk about providing federal funding to the states so they can take action. you don't want to make this a federally managed activity that infringes on states' rights. but you do want to provide them with access to threat information, clearing state officials in the way d.h.s. has

started to do. engaging with them through the mechanisms like the multistate information sharing and advisory council. and taking advantage of the information that the federal government has and making it available to the states. there's been some great work in the private sector on that too. the center for internet security has produced a book for states. the bellford center at harvard has produced a manual for states to use to help do that. continuing down that path and putting some resources and some more attention behind it. so make it harder to do that is thing one. thing two, make it harder for what i call information operations to reach their target. what are the target of information operations?

the brains of the decision makers. so in this case, the decision makers are the voters in the country. how do you, without infringing on free speech, which is the first amendment, which is a hugely important american value, how do you make people aware of the providence of things that they see on social media activities like twitter, or facebook, or things that are promulgated through the news cycles? stories are emphasized or not emphasized in order to make a certain point. the intelligence community assessment that was published last december does a good job of laying some of that out in the unclassified version that was published. the use of state media and the use of troll farms. if you google hamilton 68, there's a website run by the alliance for securing democracy, full disclosure, i'm on the advisory council for that, they track the activities day by day of the russian associated troll farms and look at the stories that they're emphasizing and the divisive sorts of things they're looking to highlight in social media. so, how do we get a better handle on that, make people aware, help people think critically, and look at multiple sources of information?

that's a big, huge strategic problem. whether we will fix it this year, but it ought to be something we look at long term going forward. third thing is, what are the things that would cause the russian government and specifically president putin to change the guidance that he's giving to his people? he cares about controlling information flow to the population of russia. that's a core part of keeping power, he's making sure that, giving his high approval ratings, making sure that the information flow is managed. he also cares about supportive oligarchs. john mentioned one way to approach that. i think that's a good approach. he also cares about support of the military and the tense services. and so finally he cares about -- intelligence services. and final he will he cares about the, i'll call it a democratic processes that are going on in russia, especially with the upcoming election. so there are things that the u.s. government could do if it chose to. in each of those domains. and it would require careful

thought about which ones do you start with and how do you ratchet up? the sanctions that the trump administration just announced against russia are a step, but they're a step on a long staircase. you want to think about how you go from step to step in that process until you reach that point where the benefit is decreased and the cost is increased to the point where it changes behavior. james: thanks, rick. jim. jim: i'll start by agreeing with both john and rick. [laughter] i'd like to do first is a disclaimer. although i make reference to some of the findings of the defense science board report on cyberdeterrence, which i did, co-chaired with jim gossler, i'm speaking on behalf of myself, not on behalf of the department of development or anybody else. -- department of defense or anybody else. two quick points and then add some additional steps the united states may take and i think it's important to think of it in terms of a campaign plan. there are escalation risks associated with taking actions but there are greater escalation risks with not taking strong action. so, point one is that to have an effective deterrent strategy,

you need to think about the mindset and values of the party. in this case an individual president, putin, who you're trying to deter. to put it pretty directly, in president putin's eyes it appears that his view is that the united states is the aggressor in this space. when russian authors have written about hybrid warfare, they're talking about u.s. and western nongovernmental organizations who have come promoting democracy. and they've thrown some of them out of moscow but it continues to be, in their view, a campaign. they see the united states and western europe pursuing nato expansion. we've done that since the end of the cold war and at this point in time georgia still on the table. ukraine potentially is. the united states is pursuing conventional military superiority. it's part of the national defense strategy. in fact, it was explicit in the last administration as well.

as this administration. somewhat surprisingly to me, the russians also believe, and i believe president putin believes, that the united states is pursuing nuclear superiority. when you look at this crazy so-called status fix system. the nuclear power, nuclear torpedo intended to, with a multimegaton warhead, take out the west coast of the united states. it shows a certain degree of paranoia, to say the least. so you can argue that putin is wrong on these issues, as i believe that he is. but at the end of the day president putin and the senior leadership believe the united states and the west are pursuing regime change. if you want to understand the stakes here, and what president putin may be trying to pursue, you need to understand at that level. the bottom line goal is to prevent us from having the ability to grow nato, to put pressure on them and ultimately to impose regime change. pretty high stake stuff.

that's point one. point two, we need to push back and as we do so, there will be risks of escalation. as the united states and others push back. but if we do not push back there will be certainty of escalation. and the escalation initially will be one-sided. it will be russia continuing to increase the steps that it takes in terms of its information operations in terms of its potentially effecting elections rather than just having some potential to do so, as it did in the last election. and obviously should it wish to do so, in terms of its turning the dial up on pain on the united states through cyberattacks, on the electrical grid, on water supply, and on other critical infrastructure we just saw reports yesterday about russian capabilities in that area. so we now know as a matter of public record that russia has cybertools imbedded in the u.s. electrical grid and in other areas, to include in our nuclear power plants, which shows an ability to scale this potentially, to a pretty high level. so taking action will have risk of escalation.

if we don't take action, we'll see one-sided escalation and at some point, at some point there's no doubt that either this president or a future president will decide to take more significant action or congress and the american people will press toward that. and if we haven't taken action in the meantime, if we wait until it reaches a catastrophic attack on the united states in the midst of the crisis, then president putin is likely to be surprised by the action we take and the risks of serious military escalation will be far higher. so if we wait to impose greater costs, somewhat paradoxically, perhaps, we run a much greater risk of escalation. i want to just list one sentence each. 10 steps we could take. first of all, to reiterate much stronger sanctions that target

his oligarchs or cronies. second, enlist in international support for these sanctions. we've begun to do that. we need to do more. third, be prepared to back off of these sanctions that are focused on cyber and information operations, if putin's behavior changes. so that they're conditional. that's an important part of having successful deterrence and coercion. third we do need to develop real, not just legal, actions and not just sanctions, but real cyber options to go after putin's valued assets through cyberspace so he doesn't think he has escalation dominance. fifth, i completely agree we need to get off the dime on boosting the defenses of our election system. we're behind the power curve for 2018. we need to be in a much better position for 2020. six, we need to push back on information operations and we can talk about how far we want to go there. the state department's global engagement center is effectively doing nothing but setting the problem at this point in time. we should debate what it should be doing but nothing doesn't seem like the right answer. it's been great to see big companies including facebook,

twitter and google begin to step up. their role is going to be fundamental in fighting fake news and so forth. and it does come to first amendment issues pretty directly. but it's something that the private sector will have a central role. seventh, the push on defensive critical infrastructure is critical. we're 10 ways away from being able to protect the electrical grid. we need to expand help to our allies and partners because today and as we improve, they will become more vulnerable. in relative terms. they will be a target as we've seen from russia. ninth, we should not cut off high level contacts with russia. i would have liked to have seen the british government do more in terms of imposing costs. but not to have cut off high level contacts. we need to have those discussions. we need to ensure that president putin and his senior leadership understand why we are doing what we're doing and because there is a significant likelihood of this escalating, whether near term or

long term or both, we need to have those channels and people who are able to understand each other. in that context. 10th, and related to that last point, we need to be prepared to strap it on here. the u.s. is under attack. it's a different kind of attack than we've experienced before. it is going to escalate. it will either escalate because we don't do anything for a long period of time, and the other side continues to escalate and then we will respond and that will be very difficult to manage. or it will escalate more systemically and we'll have an opportunity to have a bit of a learning exercise on both sides. but it's virtually serving to escalate. so far this administration has taken very modest steps, far too little, far too late. i hope that they'll take more significant steps literally in the coming days and weeks. thank you. james: thanks, jim. that last point is one that struck me.

one of the reasons we're having this event is in discussions you have with i'd say intelligence or military professionals, on a classified or unclassified basis, there's a general consensus within the community that we are in a conflict. and that the conflict is getting better, not worse. and that we actually i aren't doing so well. it's getting worse not better. that's what i meant. getting better for somebody else, but not for us. that's the wrong way to go. if i got a general agreement from the speakers it's that we need to do something back. what does that do something back look like? one idea that some people, including me, have floated is we have a fairly effective campaign, we can talk about how you define effective against isis, it was joint task force aries. should we be taking, and jim you mentioned we need a cyber response, should we be taking pages from the j.t.f. book and

apply them. to our opponents in cyberspace? >> it included technical game plan. the range of tools that should be brought to bear with respect to russia with respect to its -- and pressure being brought to bear on individuals and parties. jim: we need a much broader portfolio that includes legal action, economic sanctions and so forth. and it includes working with our allies. the campaign plan that encludes all these elements, to include pushing back on both information operations and cyber does make a lot of sense.

>> i think it does. it's got to be knit together as jim says with economic and other activities. can't be just cyber. something has to do with the fact that we live in a glass house, in a tit for tat, we lose, because the american people has more to lose than the russian, the american government has more to lose than the russian government. think about the mall wear on critical infrastructure in 2012. it's been known that it was russian. and so the question is, what's that about? is that about having a capability to use if and when you want to? is that about messaging, deterrent value? i think it's probably both. good military planning, just in

case, and a little strategic messaging and deterrence mixed in there. to counter that you can't just go back and do cyber activities, you have to do more than that. you have to engage the legal system, find the enablerses both in russia and outside russia that are enabling that sort of thing to happen and figure out how you exert pressure on them to build a coalition of like-minded countries in order to make statements about these sorts of behaviors are not tolerated. >> congressman mike rogers and i wrote an op-ed a few weeks ago on four things the government should do. one of them, arguably the most important one, is a u.s. statement that says this behavior sun acceptable and we're not going to tolerate it. we're not going to get it in the time frame we need before the leches so the u.s. should say that unilaterally and use that as a basis to gather international support for that over time. john: i agree with everything jim and rick said.

i walked through a it -- little bit already in my opening remark two areas, you don't need like for like on thousand to respond this activity. you need to devise measures that impose enough pain to change the cost benefit analysis and that's where focus one on two types of sanctions we haven't done to the extent that we could both in terms of what the law allows and our ability to apply it when it comes to both the assets this ecompanies, and real estate, oligarches and also the ma ro economic sanctions. and then secondly the idea that there are moan operatives, our allies operating out of post and so far it's been tit for tat, each country has something provocative -- as something provogtive occurs will respond.

if that was done in coordination with allies i'm all tains youly, it would know there's an increase to the cost of the may -- the behavior -- the danger is not against the united states. we have talked about the united states, but it's global. and that's the behavior that has to stop. russia becoming a rogue nation and don't know, can kind of guess at the strategic calculations causing it to be increasingly rogue around a variety of areas but that decision tree is causing it to do things like attack international stewings like the olympics, to use russian affiliated actors using chemical weapons on the soil of a close ally. the harboring of cyber criminals committing billions and billions

worth of damage to everyone. around the world. and servers are known to be located. rather than take them down, they're signing up, many of these organized criminal groups as intelligence assets while giving a green light to their continued criminal activity to the use of something like mount pecha, the destruct i virus that self-propagates, protends to be ransomware but in ransomware if you paid you'd get your computer system back , in this one you couldn't, it's hitting everything from hospitals to companies. when you look at that behavior, it's against their own interests along oours to allow that to continue to escalate. eventually there's going to be a snapback and both sides can miscalculate, having much worse than we have now.

that's why it's so urgent we act immediately to stop that otherwise one-way escalation that makes it much more likely if there's a conflict it causes wider harm. >> you're going to hear agleement among the three of my speakers and me throughout the thing. that's one of the things i wanted to get out of this you talk to people who either are in the business or war in the business, there's a general sense of consensus. there's a general agreement. so one of the things we'll try to do here is maybe tease out if there's someplace we can, haven't found it yet, but also to help get the public message out there that we're going into a fight, we're in a fight, maybe need to put a little bit on our side. a couple of points came up that might be worth talking about. one of them is, one of the advantages some of our poonet -- opponents have and if we come up with response strategies they could be applied to china or

iran who are reactive to the north koreans who are currently on their best behavior, but that could always slip. they know we worry a lot about being consistent with our own laws and international law. particularly with international humanitarian law. how much do we need to worry about proportionality in these responses? do we need to think about proportionality? what is proportionality in these sorts of activities? we want to follow the laws of armed conflict but that makes it a complicated response. i don't know who wants to go first. jim? jim: i would be pleased to go first but -- a proportional response that sends the message to avoid a war could be a larger response than something that is tit for tat.

now the lawyers will tell us why that was wrong. john: i think it is right. it's wrong to try to divide something proportionate, that is designed to fit the actions that they are responding to and want to discourage. now it so happens in this case that we have pretty good estimates, particularly if you take into account again the scale of damage caused by those, the continued harboring and flouting of international norms when it comes to cyber criminal activities. we talk often about this big, amorphous land of organized criminal activity that occurred through cyber enabled means, rightly.

so it's not from every country around the world. the cooperation between countries who disagree in a lot of other areas but cooperate when it comes to law enforcement, when it's criminal behavior, actually narrows it down where a lot of behavior right now that's affecting the entire world digital commerce, is emanating from russia. that means when you're talking about proportionate steps to damage -- the damage amount is way up in the billions and billions of dollars. interest regular port actually to follow up if you did an estimate, let's say the last estimate is somewhere between $650 million to $1 trillion worth of damage from criminal cyber behavior. how much can you assign a percentage that's coming not necessarily from the russians, maybe directly attributed to the russian state but coming from rumb without response to requests for law enforcement

cooperation pping? that gives you a sense where the outer boundary might be on proportion. >> we've actually gotten exactly that question from the house finance committee so hopefully we can cook up an answer toyota. i think it's probably going to be more than 50%. that's attributable to russia. that's a guess. we need to refine it. rick, when you think about proportionality how much does that worry you? >> i think, exactly, as john points out, it's a legal basis, we're a nation of laws. follow those laws. of course we have to -- we have to proportional. i also agree with what jim says, proportional doesn't mean exactly equal or exactly in the same domain. rick: if you look at the assault on our democratic institutions, and our society and the use of inflammatory, you know, sometimes fake news, sometimes emphasis or slant on a particular story that may have a

kernel of truth, that's a big teal. that's a strategic attack on the united states. so i think the bar is pretty high in terms of things that we can and should do to respond to that. i'm not advocating a military response, i don't think that's appropriate, a kinetic military response. but i think there are things short of that that we should consider. >> you could think of a scale where you'd have cyber, kinetic military, overt or covert, what's the blend that would be most effective? john: can i take a swing at that? i think the russians have done a masterful job of this, of doing -- rick: of doing these things, taking actions that are illegal under international law but having it be known but not

provable that it was the russians. sort of a wink-nod. that's good from a deterrence point of view. it's also good for internal consumption and shows the president as a strong man who stands up to the west and the russian view is that they're not -- is that the west victimized them in the cold war. jim: if it's rooted to diplomacy, strong words and so forth, it's going to be inadequate. in addition to categories you put out, and john can speak in more detail with more expertise, of course, is economic sanctions in various ways.

whether they're targeted at specific individuals, whether they're targeted at other entities and firms. they can be tailored. they're not a perfect tool but they're a critically important tool in this area. and i do think that we just need to say, if we are getting hit with offensive cyber penetrations then the use of offensive cyber to counteract that should be on the table. john: and the point of diplomacy being part of the package, that's right an it's proportional to what's occur, it's an attack on democracy we're see, whether a systematic attempt to -- the reckless use of tools affects countries throughout the world. the more countries that can be involved this great er likelihood you increase cost in the way that changes behavior before it reaches a state we don't want.

related to that, i think public is important. and that includes working on mean, criminal indictments is one, sharing information with private sector and with parties overseas is another. of sharing resources and making attribution public. and continuing to -- continuing that strategy, which i think this administration is pursuing, speed matters, trying to do that quickly and in conjunction with -- i'll throw out one idea i'm not sure i exactly endorse but try to be, another area to take a look at would be, and this is related really to the cyber criminal activity, i don't think it fits as well for the undermining an election regime. but the cyber immunity doctrine, you might be able to do it now but also to see if there are

ways to look at statutes that would increase the likelihood that private parties can sue for damages that they've suffered. the damages to certain companies already out and outlined by independent groups so there are victims here suffering damages. you could consider such a mechanism as well for election, i think it's harder to come up with a concrete damages and probably less suited to the civil system. now that approach has been explored before, those who support state sponsored terrorism and it has drawbacks as well. it's more provocative, i'm not sure i'm endorsing it but something to think about. >> james: could i add a category? including the -- jim: could i

add a category? and i might have a question for you. we're not going to get there in 10 year bus it will help develop critical infrastructure and the cyber po text associated with it, will make it more difficult for them, make attribution more viable and make it also critically importantly less likely that terrorists or other less seen actors able to hold that kind of risk and catastrophic attack. the same is true on the information side. that the russians are piling on to, when -- they're piling on to fires already lit on the far right and far left. pouring gasoline on them. they're not creating new arguments. they're amping up arguments that

are there and trying to get us to be more polarized. the reality is that phenomenon of fake news is not something they brought here. it's something that has existed other here and they've helped to develop further. so finding ways for -- it's heavily in the private sector but there's a government role as well. finding ways for us to combat fake news in ways that are consistent with the first amendment and so forth, i think are fundamentally important. you can think of that as a type of resilience. i want to put that out as a category. i think it's essential, i don't think it's sufficient, but it's essential and it is even more essential for the lesser actors who have increasing cyber capabilities and who are going to want to get into this game of manipulating u.s. public opinion as well. >> i think you need to split it into two parts.

james: it's -- i think you have to convince potential attackers and we have four that the risk of doing something to the u.s.'s critical infrastructure is outweighed by the cost. that's part of what we're talking about today, how do we identify costs? on the social media side, i think there's a question of, what does intermediation look like? what does the ability to impose new standards on media look like? some people have said facebook needs to go out and hire 3,000 editors. they probably don't need to do that. but how do we encourage people to going identify the false naffings that's probably something you can do with technology but how do we do it in a way that's respectful of freedom of speech?

so it's a very complicated issue. no u.s. government agency has the authority to go and say this is fake news. this is false. so it's something we'll have to either change the laws or find incentives for the company. >> i do think there's a role for the government in terms of helping identify the prove nance of a story and helping to identify -- the first time this story appeared was in this place, to our knowledge. rick: that's input to a process the government can't run. i think they could add a paragraph to the 39 paragraph end user license agreement that says we're going to exercise our judgment and flag things that we believe are suspicious or don't look factual and you agree to let us do that. james: how would you avade a tit

cycle.d a tit for tat we've experienced things, we agree we should do something back, the other side won't say, ok, we give up. we're going to get into an iterative process here, how do we control that? i don't know if escalation dominance is the way to think about it? but what is it we do to get out of the cycle of just tit for tat. you've seen this in terrorist cases, in the israeli experience. it doesn't do you any good to get into a response, counterresponse cycle. >> i agree with that. it's true within cyberspace because as was noted earlier, we are more vulnerable than russia in cyberspace. that does not necessarily need to be the case forever. i do think 10 years is probably an optimistic side but not for increasing offensive capability which is not nontrivial even

today. one of the challenges we need to have in the foremost of our mind is we think about u.s.russia tit for tat. high end of the escalation ladder is thermo nuclear war. taking steps to show we have limited aims, keeping open channels of communication, taking note of fire breaks, today there's a fire break certainly between conventional and nuclear. i believe there's a fire break between if you will, nonkinetic and kinetic. at the point which you cross one of those firebreaks you open up a new level of potential conflict and it's -- and it's prnt to understand that. and finally there's also something to momentum as well as to tit for tat. in other words if the other side

doesn't have a chance to absorb your actions along with your explanation of the action and its limited aims as well as its attempt then the possibility of moving into a rapid tit for tat that could spiral is much more dangerous. >> i think this is also a game until it's done, until we get to where we're going to go and that requires united messaging from the president and the congress to say this is something we think is important. and we're going to stay here until it's done. james: part of the american people, key allies, we so far beyond where it's taken us the next step should be closing, that will give pause and time to assess. the problem now is that it's coming late and small and so in

that sense it invites a similarly small retaliation, you're always behind where the initial provocation, where the initial provocation was. this is serious. undermining our elections is serious. and i know i'm a broken record but it's amazing that that's been publicly attributed and disclosed, this was a good beginning this week we saw sanctions for the first time, has not been proportionate to what occurred. so that ledger needs to be balanced with the next set of actions. james: if you're going to look for a precedent for this kind of action, at least for me the one that occurs first would be the

reagan administration. that's how long ago this was. where you saw concerted action against, at that point, soviet espionage by the u.s., the u.k., canada, and some of our other major allies. so what do we need to do now with our allies? how do we work with our allies? jim: it's two levels, john has spoken to both of them. at one level, coordinated responses, working together so we don't surprise them or cause them to think we gone off the deep end or are going to takest callaer to actions that we loser that support and weaken the alliance which frankly to president putin would be a win. it's that level of communication and coordinated action and showing to president putin and others whom we wish to deter that we are capable of and will

act together. that opportunity mean lowest common denominator. at eend of the day, having a sufficient coalition is very valuable duh doesn't mean that everyone has to agree. secondly, technical cooperation as well. and that is, that's been occurring over recent years. i think that dial could be turned up dramatically. i know that there are in working with some of our allies there are concerns about security of intention and security of technical information and so on. but the reality is to deal with technical challenges and deal with the vulnerabilities we have in the systems, speed is going to be more information than information security in my view. getting the cycle where we work with our allies an partners closely and help facilitate private sector support even more than government to government is going to be fundamentally important. rick: there's a number of

western style democracies that have been subject to this, japan in terms of the olympics is one, germany, france, norway, sweden, italy, all of them have in one way or another been subject to this kind of activity. so there may be some natural allies in that space. john: something you keep emphasizing in your questions, this is not just an issue of russia, it's an issue of at least in the cyberspace, i think of sending a message to those other actors who are wondering what red lines are, what you can get away with, what are the norms when it comes to international behavior, and in that sense too it escalates the stakes of getting this right or you're encouraging miscalculation by say north

korea or an iran or another actor when times are tense. james: so the u.s. is encouraging response from like-minded nations to things like this. response should be temporary, painful, but reversible. what you get back from some of the smaller nato members is, i'm worried about attribution. i'm worried that i just won't take your word anymore that it was whoever you say it was, north korea, china, russia. what do you do in those cases? and our answer by the way so far has been can't tell you sources and methods. do you change that? do you just give up and act unilaterally? some people said coalition of the willing. what's the right response? rick: we do exchange information, you don't show everything if there's a -- if it's a particularly sensitive source but you show more than

you'd show privately and hopefully the government trusts their own intel people and said we look inside the covers and it's real. john: i think as well you've seen strategy that this occurred with december actions, there were three, you could focus more on the shutting down certain facilities, removing operatives and sanctions but the third was releasing the signatures of the code that was being used by russian actors and similarly it's been an open secret in cyber security community that the energy breaches were linked to russia but stating it publicly allows you then to show the indicators to allies who are looking at the same trade craft. there's a way in this space to work with robust third party

community of independent cyber security experts who once they get the signature make use of it. >> john raises a good point. those same implants exist all over western europe and other western countries not just in the united states. one thing right now, i know we talked about the need for a coherent strategy but now you're on the spot. what would you do? what's one thing you would do right now? would you fry the servers in the internet research agency? what would you do? would you release panama papers? tell me what you would do.

jim: i am going to do a cheat, first thing is have a campaign plan for this, work out what to do with our partners and allies to we're not working alone. and i think it's time to go directly after the so-called oligarches and hit them in the pocketbooks in a way president putin notices. that would be done through targeted economic sanctions and that would be, i think it's useful to have a category of these sanctions that are specific to the combination of cyber intrusions and ongoing information operations. for example, we could say these would come off if we get through the 2016 election cycle and our allies get the their -- through their election cycles as well without interference. and they would go on -- i'm sorry, 2018. and then similar for 2020. but we leave room for them to be dialed further up also if there's more interference. that's not sufficient but i think that's a necessary part and one i would be looking to

build consensus on right now. james: so a key part of what you'd do is interact with russians and message them about what we're doing. jim: exactly. i think that's exactly right. the campaign plan is a key part of that. if you don't know where you're going, any road will get you there. we need to know where we're going. we need to have -- not a fully formed plan, on page 35, but the first five or 10 pages node to be clear and included is an over-arching state ofment the goal and something to generate unity and enthusiasm inside the country and with allies to build support. and go after the oligarches money in terms of asset seizure. use the pow ore they have u.s.based financial system and banks to exert influence on banks that might not, we might not have great relationships with but they all send money through u.s.

banks. that gives us a big lever. john: i agree, the other thing, this is less to do with the cyber security, but more to do with what happened in the united kingdom, contemplate the simultaneous expulsion of those who post intelligence across multiple allies. the other thing is pending legislation would be a dead man's switch. advocated far lot of things, if there's a neutral objective assessment from the intelligence community provided to congress that says, x country is meddling with our elections, the following retaliatory actions will occur.

and there's a version of that, i can't remember which bill, it may also be in the rubio bill that says essentially when it comes to russia, here are five banks and the executive branch can pick two, any two of the five, but if this is the conclusion that there's meddling in 2018 they'll face macroeconomic sanctions which cuts them off from the u.s. banking system. that way your redline is clear preelection and hopefully there's no confusion as to what our action would be and it takes it out of the partisanship so it doesn't exacerbate any tension between any internal tensions here, that way we achieve the goal, the dead man's switch is going to happen if the conclusion is reached. >> i would say, i endorse that idea. not just because of the history of the idea, but the russians reportedly did have at least in the past such a mechanism to

boost their forces. but also because i would like a situation in which the administration and congress would work together and have something. that's been difficult lately. because of that, i would support that. i would add it should be the floor, not the ceiling. that should be understood. because otherwise you're allowing your potential adversary to calculate exactly what the costs are and you want to have that uncertainty. you want to be able to add to that cost. james: you can tell us -- a coupling of -- couple of us are recovering arms people, you have statements of if x happen, y is better result having a better declaratory policy? do we need one? rick: yes we need one and it should be if we are attacked in

cyberspace or real space, we'll respond. we'll respond in a way that's intended to increase the cost of that attack to exceed any benefits the attacker could expect to achieve. and fundamentally we need to act on it. we have multiple statements that amount to declaratory policy for many parts of the administration and many members of congress and what we haven't done to date is take substantial actions that do increase the cost are that have any possibility to be even approaching the level of the benefits that are being achieved by these attacks. james: maybe another conclusion from this conversation is we need to act. rick: i need on -- i agree on the need for declaratory policies. i think being overly specific is bad. you don't want to give them a

road map on ok, this is ok, so i can do this, you want to just say, if we see activities that indicate, as jim said, that we're being attacked, that our infrastructure is being attacked, that efforts are under way to undermine our democratic processes, we reserve the right to react with all power that we see fit, lawyerly words to that effect. john: i don't want to underestimate the importance of a declaratory process. we have one, we have declared it, declared it multiple times in context of specific actions and then not acted. that has a -- the inverse effect of encouraging future actions. so i think less time right now on figuring out the exact words of a go forward declaratory policy and more focus on putting points on the board and executing a response to the actions that have already taken place in violation of numerous

statements from two administrations that agreed on very little else. james: if i was mean i would say why do you think we haven't act on this, but i'm not going to do that. or i could ask, how do we get out of the trap of making statements and not acting? i'll put that one on the table. but before i do those questions, let me see if there's anyone in the audience who has a question now. we've got one, we've got two, three, four. five, six. we have got a lot of questions. so maybe we'll just go down the row. go ahead. >> hi, steve winters, independent consultant. months ago i heard paul wolfowitz float the same idea he said look, nothing is working. the way to get to putin, get to those people he depends on to run the country for him. attack them where they'll feel

it in their lifestyle, their money. i'd like a clarification on that. i'm not a fan of russian oligarches but the principal here you're not saying the oligarches are involved in the cyber attack or anything, it's just putin is dependent on them, if we put a squeeze on them they'll say to him, change your behavior because we don't like what's being done to us. if you extended that principal if you don't like what xi ping is doing, take the top hundred billionaires in china and put the squeeze on them. could you clarify what exactly the reasoning here is. jim: i'm not talking about a blanket approach to everyone who made a ruble or billions of rubles in russia or anyone who is affiliated with president putin in any way. those people who are close and who are part of the decision making process and specifically those people who are involved in

a way in which we can credibly demonstrate even if it needs to be through classified channels, we can credibly demonstrate they have a role, excuse me a role in decision making and in support of some of these criminal networks that were mentioned earlier as well. there are substantial number to whom that would be applicable. rick: one thing, china is a more difficult target than russia because of the greater economic strength it has and the complicated commercial relationship with the u.s. james: but why don't we, we have a cup of things we can come back to, but there are a lot of questions. could you hold up your hand again? then we can just maybe slide over that way and then come back to this end.

>> thank you. i have two questions. so why do you say we're more vulnerable in cyberspace than the russians? that's number one. and number two, if there's an unwillingness to act on everything you've said what are our options? i mean other than the hand wringing but so far the administration has shown an unwillingness to do much and to even acknowledge that russia is a problem. where do we go from there? >> the reason i said the sust more vulnerable than russia is because we are so much more dependent on computers and systems that underpin our day-to-day lives. everything from groceries showing up in the grocery store to gas showing up in gas stations online, to the net without objection that supports usinging your debit card to pay for those things. all those things are intertwined and all part of a critical infrastructure.

there's a great report by the national insfra structure advisory council of august of 2016, on the d.h.s. website that talks about the intertwined financial telecommunications and electrical power of infrastructure and if any one of those goes down, everything goes down. jim: the good news is, i think we're approaching parity in terms of reliance on the internet. not all of russia but big parts, leningrad, st. petersburg, moscow. james: hold your hands up again, this time, every time i say that, more people hold up their hands. just pass the microphone along as we go, that'll save a little time. we've got the individual there with the blue shirt next. >> mike connell, center for naval analyses. in the past russia broached the idea of internet sovereignty as a way of moving forward, sovereign control of information

flow within their territory. is there any opportunity for working with them in that area? is it just really there's no room for compromise in that area? >> the idea has occurred, you could make a trade where you acknowledged the desire by russia and several other countries for greater control over the internet in exchange for some level of cooperation, perhaps on cyber crime, perhaps on stability. and it just -- there's two fundamental problems. the first is that very often the deal would involve abandoning core parts of the universal declaration of human rights and western countries aren't willing to do that the second part is there's a concern that you could make the concession and not actually get anything in response. so it has been talked about in

the last few years and doesn't seem to be a useful avenue. even the russian don't raise it anymore. we had another one. go ahead. >> spaul schwartz, also at c.n.a. i think mr. miller mentioned early on that putin perceives himself under attack and the west is aiming for regime change. when it came time to talk about potential options going after -- are these two things reconcilable or are we risking unwanted escalation by threatening the very thing that you said that he feels is fundamentally at risk here? >> in my view it's important to go after those people who are involved in this type of activity or supporting this act ivity either officially or unofficially who are tied to president putin and at the same time to show we have limited aims, to state we have limited

aims and by the actions we take not -- not demonstrate we have unlimited or broader aims of regime change or undermining the power structure within the kremlin or within the country. anything that began to hint at that would be at a high level of escalation. john: i think there's a precedent with china, the indictment of people of -- of members of the people's liberation army but it was made clear this was because of a particular type of activity, the targeting of private enterprise here for the commercial benefit of private competitors overseas. and subsequent actions matched that principle. it allowed for a breakthrough where the president agreed to that principle and since then you've seen a decrease in that

type of activity. not all activity. but the type that would -- that was in that principle and then you saw on the u.s. side the warrant, haven't been additional actions outside of that. outside of that principle. so clear messaging and sticking with your lane i think matters. james: if we have time maybe we can come back to how would you persuade the russians we weren't kidding, we really were serious we weren't going to change the regime. i think that they're deeply paranoid about that. we have one more question, we have multiple questions. >> yes, gentlemen, thank you. i think if you took a comprehensive look at our policy on sanctions for russians, it's going after the oligarches is going to be what hurts putin the most, right? we sanctioned oligarches, we've

sanctioned banks and companies all over the world. my view on that is that i think that what putin values most is being a puppet master. he likes controlling the intelligence services. he likes controlling ilicit activity. whether it be through federal agencies or, you know, his army of hackers or mercenaries in different countries. what approach could we take to attack him if that's what we think hurts him most? being the puppet master, being the k.g.b. officer that that he formerly was? jim: i'll give a quick first response. this highlights why we need a campaign plan about steps to be taken today and in the future. my own judgement is, if you lead off by going directly after the instruments of state control and the center of president putin's

or anyone else's mower, that's a pretty big move. for mar serious than going after some of the assets associated with some oligarches or other sanctions. and i personally would think that you'd want to reserve that type of move for higher on an escalation ladder, understanding you could get there but that when we get there, president putin may believe what's good for the goose is good for the grander if you will and there are steps that could be taken the other way around that could lead to, might be potentially serious escalation. i wouldn't take that step off the table but i would say if you believe they're already worried about regime change, which i do believe, to go after the instruments of power would reinforce that view and cause them to believe they had to escalate in order to be successful. the capability to do that may be something we desire to prevent them from escalating rather than something we lead with in my view.

rick: i would agree with that, but i would also demonstrate the ability, not do it at scale, to get information into russian citizens' information flow. there's dozens of technical ways to to that, everything from broadcasting television over satellite into the country to doing things on the internet. so i would demonstrate that and also signal that we can do this if we want to. so it's -- we're holding back because we're again trying not be escalatory. >> let me set the stage, rick, this question is for you. if we rightly assume that russia has something that they're

holding over trump's head, is it possible, and i'm going to ask if your answer could be yes, no, or maybe, is it possible that trump is taking actions, that the actions that trump is taking to destroy our relationships with our allies and other countries with the intention, with the intention of making us act singularly such that our allies will not support us in the future, is that possible? yes, no, or maybe? >> is it possible or is it likely? >> likely. >> there's a fourth option which is if you've ever seen sesame street the option is me no recall. i think that's highly unlikely. if you look at president trump's behavior over his career and how he interacts with other entities, there's a consistency there. it's not loik a 180 degree

change in behavior. i think this is just the extrapolation of behavior into his new role. james: we have one in the back and then maybe move over to this side. >> [inaudible] the u.s. has had a weak response in international cyber, do you believe that this is -- has set the precedent, sorry. do you believe this set a precedent for other nations to engage in this behavior and interfere in other western democracies and if that is the case what countries can we consider as potential threats? >> i'll take a quick cut. i think each of the other panels

may have more expertise on that. i think we were slow to respond to chinese theft of intellectual property. they did it at scale. at massive scale. it had economic cost to the united states and economic benefits to them that i think are measured at least in the hundreds of billions if not trillions. that was -- we are late to take action. i'm pleased and proud that president obama did so and that -- and i'm pleased and was frankly surprised how successful it appears to have been. we do see this scale of what the chinese were doing. your question is right, is along the correct lines. if you are a lesser developed country and you're looking to boot strap your economy, trying to find niches or even margin areas where you can gain intellectual property and have a second advantage where you didn't invest in the research and development but you've been exploited would look awfully attractive and a small investment could bring that along. the good news is, putting

pressure on those country the united states has a lot of tools including not just legal and diplomatic but economic pressure as well for smaller countries. and it's worthy of considering what a campaign would look like in that regard. i'll turn it over to my colleagues, i was not aware of any countries, any small countries attempting to do that, attempting to do that at scale or having diplomatic conversations and the threat of economic reaction would not be sufficient. it's something to consider for the future, certainly. rick: i agree. i misinterpreted your question, i thought you asked would other countries take a key from russia and try to affect leches in the united states, i think the answer to that is yes. i think it's not just governments doing it. a colleague of mine was in europe and told about a contact from a company offering

information operations in a support of a brand in a not very thinly veiled to speak positively about his brand but also negatively about other brands. so think of it as combat advertising. james: someone got a briefing on effective social media presence by political operatives. can we move the microphone to this side? >> i have one question, it's about social media. earlier there was a comment about just giving facebook 3,000 editors to clean up content but that goes against the main point of facebook. facebook considers itself more as a conduit, a platform for articles. so what does this look like when the u.s. government is asking things like twitter and facebook to help combat the fake news?

>> some of you may remember myspace, one of the original social media sharing companies and the first wave, at first they did not take seriously the fact that child predators were exploiting that platform to reach kids. and that to some, the platform no longer felt safe drove myspace out of business and where facebook got its rise. we saw then when i was working on terrorism issues, they to dropped a new strategy, crowd sourcing terrorism, attempting to use social media, like al qaeda had used western technology in the form of aviation to kill, they were trying to use social media to turn young or troubled people into human weapons to kill. it took a little while in terms

of conversations to convince those social media companies this was a real issue, threat, and when they were convinced, there's a combination of private conversations and public attention to the issue, they took serious steps to combat it and put additional resources in. and we're just at the beginning of really focusing on the nation states threat and the use of those platforms to do things like attack fundamental values of undermining democracy. in the interim, the other issue they've been having is bullying, which has decreased people -- decreased people's desire of using the platform, and is a way of preventing free speech if you're so bullied when you articulate an opinion that it leaves the platform. there are deep business reasons consistent with their model why they want to make it ultimately a safe place, i think it was rick who raised this, where there's some transparency as

well. you are not deprived of access to views and where it's coming from. that requires sharing as much information as they can about what the threat looks like and the way companies can consider and take appropriate action on their platform. >> it's worth noting too that it's not just the u.s., it's also a number of countries in western europe. driven more by islamic terrorism than by russia in many cases. so -- or by political extremism. it may not just be the u.s. that asks these companies to change what they do. can we move to this side? we've got time for, i think we've got two questions here is that right? >> hi, first, thank you very much for coming today,

appreciate hearing from each of you. my name is john, i'm an air force officer, i have a quick question about information operations. so as it pertains to, i know you mention fed geck, the way you portrayed it, it was not very effective in your opinion. what does it need to be effective? and is the state department the right place for it? and writ large, your thoughts on information operations and how to do them effectively and the authorities, legalities, that are needed and what we can do to make them work. >> great question. in terms of effective operations, there are areas which the u.s. does effectively at tactical levels. you can go through, in certain points of time, many locations during those operations. that's obviously not what we're talking about here. what we're talking about is effectively communicating to external audience, including international audiences, regarding on the one part of the

mission, isil and al qaeda and so forth and the new part about russia. to me what that fundamentally means, what is the center piece of effective information operations, is truth telling. and the reality is that the united states is not going to be the most credible source of information about islam or about russia. so that means to me, it means building coalitions. and emphasizing that the mission is to get the true story out and to shed light, literally, on what's really going on. and i think any effort to -- anything that has the slightest taint of propaganda will be absolutely counterproductive and

whether in the counterterrorism or in the combating of that propaganda from russia. it's got to be about truth telling and getting the story out and working with others who will be more credible than our state department in that regard. rick: i agree. the model in my mind is like a combined joint task force where you've got from all across the whole of government and international partners who work together under some kind of control construct to say here's our -- we agree on the goal and the campaign plan. i would not put d.o.d. in charge because internationally that resonates in a certain negative way but definitely be part of the team. >> peter, who had a good idea a year or two ago but didn't know if he published but this was in the conversation. we should get out of the business because the people aren't going to trust us and we're too old and the whole bit

and he said why don't you create contests on youtube and have a $10,000 prize -- we're talking anti-terrorism -- anti-terrorism video? let some kid do a rap video on -- hip-hop on it and it will be 10 times better. we used to call them useless when i was a child. state department entities are responsible for this. i think we have time for one more question. is that right? >> jim, this call it the madison valley coalition that the previous administration put together to get madison avenue and silicon valley to get anti-terrorism messaging. >> and they arrived right where you did and sponsored pakithon developing content in universities and government -- explain the terrorism probably and said we would be the world's worst messenger. >> that's another area of>> thaf

consensus. everyone thinks you should get out of the business. >> my question is about the information influence space and building resilience. maybe this question is to you. what viability do you see in a that saysle approach so media companies should reporting mechanisms by their users for this kind of information. you see that as something that can work? with that run foul of one error? >> the first part of social media companies having a mechanism that users can report content in violation of service.

the question of then whether that will require it, that will be much more to mandate. incentiveuge brand depending on the type of activity that is criminal of other type of activity to do those reports. we are in a world of multinational corporations where they need to operate and abide by the values of multiple countries and legal systems simultaneously. the actions in europe are going to affect.

if you had the same log here, you can work out a mechanism where it doesn't hit what looks like a french ip address. large, the solution needs to be one that can sustain a global test of values and endorsing has to be one consistent with countries that share our values. and once that do not on human rights so it is a neutral value. is one that they could abide by and multiple countries throughout the relative law. service,olate terms of that is an easier one to come up with a reporting mechanism and the country agnostic. summarize.ry and if i miss anything, correct me.

what i got from this is we are in a conflict. not the kind we expected, but the one we are in. we need to act so another declaratory policy will not do us any good. we need a campaign plan. it has to be a government campaign plan, not just a one-off type thing. we need a portfolio of responses. that include legal, diplomatic, economic, potentially military. it could be the intelligence community, dot, cyber command. forceful responses have to be part of this. this game will be more than one move. it will be multiple moves. we need to think ahead of how we will deal with those moves. messaging is important both to the american public, the political leaders so they know what we are up to. also to the rest of the world and the russian people.

that includes contact with russian leadership. we have limited goals. we are interested in stability, regime change is not the target. of that preparatory work is getting everybody on the same sheet of music. unifiede not completely , maybe the compass is pointing in the same direction. >> thinking about how to work with allies, making this a unilateral approach. we need to expand! if we don't respond -- we need to expand escalation. if we don't respond, it will come later. we need to understand that will happen. that increasing resilience of

the critical infrastructure and our electoral system, our 50 plus, and technology behind them. and to find ways to reduce the impact in the fake news. russia, butof because these dynamics exist. and other actors, including terrorist groups and small states that may wish us terror. their capabilities are coming up. we can't look over the defense side. i think we need to start thinking moonshot on the defensive side. incentivizing the research. we have put certain systems, we have moved information over a very short period of time. we went analog to digital.

of doing the verge that on an exponential scale while repeating the same mistake of not building security and on the front-end when it comes to the internet of things are it before we make that transformation, we need either legislation, regulation, collective will to ensure we don't make that move until that is another area where time to act now. that is regardless of who the adversary might be. you come to see us, i think it is good news. the discussion today sketched out a path forward, maybe a path out of the whole area. pretty happy with where we came out today. please join me in thanking our panelists. [applause]

[captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org] >> this weekend, the debut of our series "1968, america in turmoil." we look back 50 years to the turbulent time marked with war, political assassination, and the space words, women's right, a fractious presidential election, and the rise of the political left and right. this sunday, the vietnam war. from a major military, political, and diplomatic

elements, to the undoing of lyndon b. johnson's presidency. webb, author of the vietnam war novel "fields of fire, "." they marched book into sunlight. war and peace. vietnam and america. october 1967. 1968, america in turmoil. easternday at 8:30 a.m. on c-span's washington journal. and on american history tv on c-span3. up next on c-span, a look at the federal government's response to national disasters last year. that's followed by today's white house briefing with press secretary sarah sanders and white house legislative affairs director mark short. look at nafta negotiations and potential implications of the u.s. pulling out of the agreement.