>> welcome to the program, tonight john carlin, assistant attorney general for national security an important position. he leaves government on friday, and this is an exit interview talking about the united states government, cybersecurity, and terrorism. >> so i think it's important one to figure out who did it with high confidence which you see. two, to make it public, and you've seen us do that here and say it's the russians. because if you are going to be able to deter, you have to make sure the world knows we can figure out who did it. and then third, to be public about the fact that there will be consequence. now what those consequences are, have varied depending on the threat that we face when we've been trying out this new approach. and the policy has been, it will be a time and place of our choosing, not our enee's comoosing and there may be thaings-- things you see and don't see.

>> john carlin for the hour next. >> funding for charlie rose is provided by the following: >> and by bloomberg, a provider of multimedia news and information services worldwide. captioning sponsored by rose communications from our studios in new york city, this is charlie rose. >> john carlin is here, is he stepping down as the chief of the justice department's national security division. october 15th is his last day. his tenure encompassed overseeing the prosecution of cybercriminals and more than 110 people on terrorism related charges, among his primary cases are prosecution as rising out of the boston marathon bming and indictment of five chinese

military hackers for economic espionage in 2014. the u.s. is now weighing a proposition-- proportional response to russia after officially accusing it of hacking the dnc and in and it toament to influence the presidential lech. i'm pleased to have john carlin at this table for the first time. thank you, charlie. >> it's a pleasure to have you here. why are you leaving it seemed like a natural break point. it's been nearly 20 years with the justice department. but loved every job that i have had there. >> tremendously influenced by 9/11. >> yeah, yes, i wasment i'm a new yorker. and my family was in new york that it day. and a member of my-- i remember my father was underneath the world trade center in the subway on his way downtown. pie brother-in-law was right across the street looking out. >> so he saw bodies jumping out of. >> the towers. >> he did. he was in the reserves at the time. got called up as one of the people helping to clean up the

site afterwards. i remember that feeling, as so many do, of wondering if your family members were safe and trying to call frantically to reach them. and we were lucky, that day. many others were not. >> and have we learned the lesson? >> i think we've learned important lessons from that day. one of which is do not forget what happened. and then in my space, the whole division that i currently lead, the national security division was created as a post 9/11 reorm, because of a failure to share information across the law enforcement and intelligence. >> rose: from cia to fbi to nsa and others. >> and we just weren't structured that way at the time. there were legal barriers and cultural. we didn't sit-- we seen side-by-side, we have the prosecutors sitting next to the intelligence lawyers. and it caused a change in mindset. so success was no longer going to be measured by the successful prosecution of the a terrorist after the fact when families are

grieving or lost loved ones. >> success would be measured by presenting the attack from occurring. >> making sure everybody knew what everybody else knew. >> you have to know what they know and be creative as lawyers and look across the full set of legal tools. so you are not wedded because if you are a prosecutor to just using criminal justice system, just doing prosecutions. let's think about everything we can do to keep the terrorists from accomplishing their goal of killing people. >> so what would be in that toolbox? >> so it ranges, could be a criminal prosecution. it could be diplomacy. it could be a military strike or the use of treasury department sanctions to keep these groups from getting the funds that they need. it could be using strange authority commerce department has to say hey, this company is doing business with terrorists so you can't export, you can't do business with this company without a special license. we just have to be as nimmable as the thread is, and keep looking across that tool kit. >> who had the job before you?

>> right before me was lisa monaco. >> rose: who is now at the white house. >> now the president's homeland terrorism advisor. >> and has said she wanted you very much and recommended that you take this job. you formally had also been chief of staff for robert mueller, the fbi director. >> an amazing experience, there is no one i have worked with who is like him in terms of being dedicated day in, day out to the task at hand. i think easy uniquely qualified to drive change at the bureau at the time he was put in? >> rose: how did we determine that the russians were behind the hacking of the dnc and perhaps john poddesta as well? >> well, you know, charlie, when i think about this case, i go back to my first encounter with the obama administration was actually when i was over at fbi working with director mueller. and we briefed both campaigns. we briefed the mccain campaign at the time and the obama campaign. the obama campaign sent dennis pk dun a who later became his chief of staff and a guy named

mark lipper who became ambassador to south korea and we had to tell both campaigns you've been breeched by china. your emails have been been compromised. and we did so at the time and later was declassified in a classified setting am i think about how far we've come since then on the threat changes as well. >> rose: let me ask you, they disn know they had been breeched. >> they didn't know but we knew. we went to them them, to inform them they had been breached. >> rose: how did you know? >> we knew using in part sensitive sources and methods, to collect the information. so we couldn't tell them at the time how we knew. but we could tell them that they had been breached and some defensive steps that they could takement and at that time, we had known for awhile that china in particular was committing economic espionage and we had not-- we were not saying that publicly. we didn't use the word china in relation to the threat that boo come later. so the whole thing was treated

as an intelligence problem, as a secret issue, as it has for years when it came to spy versus spy. but here is what was different. when it came, in particular china was over at fbi. and i saw for the first time what was on that intel side of the house. because i had been doing this for awhile as a prosecutor on the criminal side, computer hacking prosecutor. there is plenty to do on that side. i worked with a squad of fbi agents and occasionally one of those agent was swish switch over to the intel side, they were literally behind a locked secured door. and the agent would just disappear behind that door and wouldn't see them again. never knew what was going on there. it's not like i was banging on the door to get in because there was plenty to do. when i came over to the fbi for the first time, opened up ta door and saw what was on that intelligence side of the house, it was amazing. we worked on getting better at collecting the intelligence and we created a system where you could watch on a huge jumbo tron screen, chinese actors, for

instance, hopped to a university, hopped from a university into a company and then would you watch the data efill trait out of the united staights. and what we were seeing was an a i magazine intelligence feat but we were losing billions and billions worth of dollars of intellectual property, trade secrets, theft, it became clear, to your question earlier, how have we changed since 9/11, that we were not applying some of the changes that we have applied against the terrorist threat when it came to cyberrer. and what i mean by that is when i went over to the department of justice, we still hadn't opened that door. we still weren't sharing that intelligence with law enforcement, with victims to see how we could do disruptions. and that caused us to take a massive transformation in the justice department's approach to national security, cyberthreats. >> and that is how we know the russians were hacking into the dnc an john poddesta? >> so that's what lead to a-- an approach where hundreds and

hundreds of prosecutors across the country started working in day in, day out with fbi agents. and there were four major threat actors that were up against, russia, china, north korea, iran. director of national intelligence said, the fbi said. once we started this new approach, the first one that we used that we went after to do an investigation atrix and see what we could make public was china. and that's a case that lead to the first indictments of their kind back in 20146789 only a year after we did this transformation. and we indicted five members of the people's liberation army, 6138 98. what they were doing was not traditional spy craft. so what they were doing is' laid out, they were going into nuclear, to solar, to steal, and going inside the company and they were stealing things like one company was about to do a joint venture with a chinese company, they were going to lease a pipe.

right before they leased the pipe, we watched the chinese uniformed members of the people's liberation army go into their systems an steal the design specificses for the pipe, or to use another case, with solar, we watched them go in, and they stole the pricing information from the solar company, so they could price dump. and then to add insult to injury, when that company sued, these uniformed members of the pla stole their litigation strategy. that's why we street it differently. >> rose: let's talk about that and come back to the other point. so in fact what happened is that united states came very basically said to the chinese, you have to stop this. you have to stop helping private companies have an advantage with respect to american companies. and the chinese have agreed to do that? >> that's right. and the only reason i think they agreed to do it is because we did a new approach that said number one, we can figure out who did it. so if you think it's anonymous and costfree, you're wrong. two, we made it public, in this case in the form of an indictment and we showed we can

impose consequences, by name and face and impose consequences, in this case it came in the form of a criminal indictment. that lead to an amazing experience where right before president obama was going to meet with president zi, they believed we were about to use this new executive order on sanctions, which we can talk about more later. and got a call that personal emissary of president zi wanted to come to the united states and came over with a crew of 35, 36 people and we hammered out over for or five days of negotiations, one of which was for president xi said it is wrong to use your military and intel for this purpose. >> rose: but there is some aspect of that, because i was trying to get an interview with president xi at the time that he might cancel the trip. there was some threat or overhang that maybe he wouldn't come if we couldn't work this out. >> if there were going to be sanctions imposed. >> i think they were very-- . >> rose: upset. >> i can't tell you what fully

motivated them to come and have this precedent-setting new agreement. but they clearly were very concerned. and otherwise they wouldn't have sent over the high level delegation and made this agreement. because they made the agreement you saw the g-20 adopt the new norm and so if you think about cyberspace. >> in china or the g-20, the most recent g-20 or earlier g-20. >> it was the earlier g-206789 i think it was not in china this year. >> this year it was. ness if you think about cyberspace, this t is the wild west in some ways as the president said. if we're going to bring law to this new frontier, it will take agreements like that. it's one of the reasons we brought the case. >> rose: so when we say the russians are behind this, we are, the u.s. government is pretty clear and pretty sure that that is a fact true. >> that they wouldn't say unless we were highly confident that it's so. and that is the investigation attribute part. >> rose: should we expect therefore an indictment of

individuals in russia? >> so that's the part of this whole tools approach. so i think it's important one to figure out without did it with high confidence which you've seen. two, to make it public and you have seen us do that here and say it's the russians. because if you are going to be able to deter, you have to make sure the world knows you can filling out who did it. and third to be public about the fact that there will be consequences. what those consequences are, have varied depending on the threat that we says when we have been trying out this new approach and the policy has been it will be a time of and place of our choosing, not our enemy's choosing and there may be things you see and you don't see. and talking a little bit about what happened which was a surprise case with the north korean hack into sony, i think you will see an example of that approach. >> rose: again where we were sure that the north koreans did it, that they hacked into sony. >> exactly. and it was amazing feat of intel and law enforszment in that case

where in less than 28 days, we reached that high level of confidence. and it's only because sony did the right thing and within 24 hours had a team of fbi onsite, was working very, very closely with us. we had just done the pla case less than a year ago. we mr. trying to new approach. we get a call at national security division. can i tell you, been doing this for awhile and we've done a lot of wargames of what it might look like if a rogue nuclear armed nation decided to attack the united states through cybermeans. >> yes. >> and we never figured it would be about a movie like the interview, about a bunch of potted smokers. so that was a surprise. >> rose: in fact, you had to brief the president in the situation room on the plot of movie. >> which if you have seen that movie, is not easy to do. >> rose: but let me just go back to this. so with respect to the russians, you know what the motivation of the north koreans was.

>> uh-huh. >> rose: they were all unhappy about a movie, that they thought had smeered their leader. what is the motivation of the russians. >> if you think of the china case it was to make money. >> rose: their company is in competition with american companies. >> exactly. so instead of spending money on research and development they thought it would be cheaper to steal it. with sony they wanted to, in their society, you don't have political free expression. they didn't like what somebody said. so they wanted to prevent them from being able to say it, by intimidating people out of saying what they think it was an attack in that sense on our fundamental values. and a third case, the third actor we haven't talked about is-- iran they are attacking our financial institutions, which you can guess that the motive is the iranian actors affiliated with the iranian revolutionary guard korp. but they too wanted to attack an

american institution for a political purpose. i think what is-- with the russians, what we're seeing is they want to undermine confidence in our public election. that would be consistent with what we have seen them try to do in germany, in other parts of the world. >> how does that strategy work for them sth. >> well, one good question is can it work if you call it out? so once people know they're trying to do t i think it becomes a lot harder to secretly try to influence an election or cause uncertainty. but this is a country who under its current leadership, is anti-democratic. is fundamentally opposed to the idea of democracy. so if you try to undermine it-- we try to confront it and impose consequences. >> rose: john poddesta's whose emails were attacked answer then released by wikileaks, what is

the connection between russia, hackers and wikileaks. >> so i'm not going to address the specifics outside the statement that the director of national intelligence and homeland security put out. but i think what we do in terms of looking at it, is look, there is going to be a lot of miss chiefious bad actors from ranging from those who want to undermine confidence in election to terrorist groups who attack private companies in order to steal names, to create kill lists, which is an actual case. >> rose: kill lists. >> one case that is important for those especially in private industry, watching, cuz here's a case that looks like it's a routine criminal hack. so companies every day have intruders go into their systems t looks pretty unsophisticatedded, they steal names and addresses and usual toe to make a buck in this case they stole a relatively small amount and the vast majority of companies wouldn't report it to

anybody. and luckily in this case they did report it. and the guy steals the names and then he bribes, tries to black mail the company and says bif me 500 bucks through bit ds coin or i'm going to embarrass you by releasing these names. vast majority of companies, either pay 500 bucks or decide to handle it on their own. and this one didn't. >> the lesson is they should report it. >> they should report it. >> and because they reported it, because we worked together, it turns out on the back end, it's not the low level criminal that it looks like but instead of a crook, its this cose vow extremist who has moved to malaysia, who is in a conspiracy with other folks in cose vow and he's the one involved with getting the information, with doing the hacking into the u.s. trusted retail company. he then hooks up with a guy named jennae hussein, a british born terrorist who moved it raqqa, syria, located at the heart of the islamic state. >> rose: headquarters of isil.

>> headquarters of isil and culs through that list of 1208 ennames to make a kill list. and then he uses twitter, and this is the threat we face now which is more complex than it's ever been before, when it comes to terrorism, using twitter, american-made and vent-- invented technology, he sends that kill list back to the united states to their add herents and say kill these people by name, by address, they are government employees, kill them. because we worked it together, even though it crosses, involves people from five different nationalities and moves at the speed of sieb, we were able to take effective action here. the individual-- gets arrested on u.s. charges in malaysia, brought to the u.s was just sentenced a couple of weeks ago to 20 years in prison. and general'a living in that ungoverned space in raqqa, syria, is killed in a military strike. >> rose: in a drone strike. >> the military announced it was a strike. i don't think they said whether it was by drone or airplane. >> rose: what is interesting about this too, is the notion

that you call this a blended threat. what does that mean? just what you just described in. >> yeah. so what i mean there is, we're seeing more and more of an overlap between criminal activity or what looks like criminal activity. >> rose: but it's something else. >> but it's something else. either national security threa, meaning a nation state, or terrorist group. and that's very concerning as we look forward. >> rose: back to the russians. >> yes. >> rose: so looking at your tool kit, and saying you have a proportionate response, what are the possibilities? >> well, we talked before in applying this approach on some that we have used. so we have used criminal indictments, including real charges. >> rose: names of individuals. >> requires names of individuals. and you have seen in some cases, we have apprehended the individuals, a guy named sue-bin, a chinese individual, traveled to canada. was in a conspiracy with people's liberation army members

to hack into boeing get as rested in canada. extradited, fights extradition to ultimately waive, come to the u.s., sentenced over fore eur years, these are real charges. so that's one. another is the use of a sanctions. you saw that with the north koreans, and then because when we were sitting around that situation, room table when it came to north korea, one of the things we realized was good thing there is some respect like north korea, if it was another country, we don't have an executive order to sanction individuals or companies the way we do with terrorists orthos who would prolive rate weapons of mass destruction and we need one. late thary year the president signed in a new executive order. that is another cool that is available now. and the case of suebin, he had a company he worked with and snad to him being criminally prosecutedded, the commerce department said you can't do business with that company if you are in the u.s. without getting a special license. so that is another cool that causes economic harm.

>> do you believe, does our intelligence believe that in the russian's case, that they wanted to upset the american political system and confidence in it? >> they of course denied t the foreign minister gave an interview to cnn and said no, it is crazy, we would never do this, we didn't do this, as you might expect. the other thing that's interesting about it is whether it was connected to the leadership in russia. in the way it might be the republican guard in iran. or does it go all the way to putin? >> well, i think you will continue to see the intelligence community give an assessment as to whether this would have to have high levels of government. >> they do it without the approval. >> well, you can tell from our response which is to be publish-- public and to say that there will be consequences that we believe the russian leadership is accountable for this activity. >> what happens if there is z a cyberwarfare? and who is vuller inable?

>> one of the proshes with cyber, you may not know the address of who your attacker is, correct? >> that's true, yes. >> it's true but i also think we're much better at vetionz and a at ri beution than people thought. before we brought the china case, people said you will never be able to do it. it's too hard in sieber. there are some who said it. we showed not only we could do it but we showed activity like their conduct started to increase at 9 a.m. in the morning, beijing time. and then it spiked from nine to noon, decreased a little bit from 12 to 1:00 beijing time, lunch break. and then went back up again from 1 to 6 and decreased overnight. luckily they don't seem to work the same hours as some of their u.s. counterparts do but it was their day job. that's evidence. that's giving you a hint as to who is involved that they are doing that on a 9-5 clock beijing time or to give another example, because it's not all bits and bites, atrix, in the

north korea, sony attack, it was one of the first times we brought in some of the same guys i worked with when i did homicides and serial rapists, the behavioral analysts specialists at the fbi worked out of quantity co, so you will kad profilers. and they applied their trade craft where they study psychology, but they also now have someone who is a cyberexpert. one of the first times they used them. what they looked at is when the north koreans went into the sony system, if you think about it like a murder, there is mallware you need to turn the computers into essentially bricks, right. and so in the use that, but they also did-- they also staged the crime scene, so just like some serial killers will stage a body, it's not necessary to kill them but they stage a body because they want an impact on those who walk into the room. these north korean hackers did something called splash screen which is the cyberequivalent where they put up messages designed to intimidate those who

were watching before the screens turned into bricks. that is a clue. and so the profilers used that skill set combined with things like actual analysis of the mallware to reach this high confident conclusion that it was the north koreans. >> when you look at, if it's us versus them, are we especially vulnerable because so much of the united states is for the lack of a better word digitized? >> so i do think, look, we as a society, we move 25, 30 years ago, everything was paper, right? >> yes. >> and all electronic. >> it's not only electronic, it's dow jones tal and we connect if almost all to the internet. >> right. >> and we did so, we systemicallily, across-the-board, using a medium, the internet that was not designed with security in mind. and we systemically underestimate the risks, be it from crooks, terrorists, or

spies. and as a society, not just here in the u.s., although we did it the fastest, the wol world is playing catchup now and maybe reconsidering, you know, in one case where someone had their personal emails compromised, i know the c.e.o. of a fortune 100 company said i'm putting a fax machine back in my office. >> or i'm only going to do business on my cell phone. so so when it comes to, an we're just, i mean think about in government times, we only started this new approach of figuring out who did it, making it public and imposing consequences in 2014. vus a couple of years ago. we've just reached the point now with russia where we named our four major adversaries, we brought cases against places like the syrian electronic army or islamic state. we're just beginning to bring deterrents to bear. as we do it, to your point, charlie, i think it would be a mistake to say oh they hit us through cyberso the only way we can respond is through cyber. that's where it comes to us

choosing how we respond. >> both economic and military. >> economic, military, diplomatic, pressure, criminal, all tools, don't be wedded to what is going to work for the bad guy, what works for the adversaries when we respond. trying to do is to srnd a clear message. we know who you are and we have ways to respond that you will not like and so if you continue to do this, we will then responds appropriately and proportionately to make sure you stop. >> that's right. and it's important to make sure we do it with a particular dad guy, whether iran yarr, chien-- chinese, north korean or russia, it is also important not just to them but as we set up a world we want to live in, every time we do one of these actions it sends a meses age to one of these states that are figuring

out what can i get away with in cyberspace. >> rose: so there is this, we know that terrorists and extremists are using technology. we know they use it to recruit. we know they are sophisticated about it in terms of trying to keep their own phone conversations from being discovered. so they are aware. what is the likelihood that they have the potential to seriously engage in hacking? >> we have to take that very seriously. because just like prief to-- prior to september 11th, they've told us they have the intent and we need to listen, dating back now around five years ago, al-qaeda, zawahiri, the head of al qaeda at the time said, called upon their adherence across the world, use cyberjihad, causes as much damage as you can. we know the islamic state is trying to do that. cause as much damage and fear as they can. so they have the intent. and then what i worry about in terms of capability, going back

to the blended threat is we have right now a well-funded ecosystem of crime. i mean if you go on to what is called dark web, so that is not mapped. >> describe the dark web for the audience. >> so the dark web is, if you think about what you access on the web, its all has an address that is locateable. so if you look it up on google, it shows up. there is a dark web whose ip address is that you can't see, so you have to know where to look, that is not mapped. and in that dark web, you have things like criminal groups who create essentially cyberweapons of mass destruction like a bot net. this is hundreds and hundreds of thousands of compromise computedders that a bad guy can turn to a weapon by hitting a command. and what they do sometimes, that's how they did the attack on 46 different financial institutions that would link to iran, is they used a bot net, they launched a so called denial

of service attack where they just bombard your website with so much information it becomes useless to hundreds of thousands of customers. and in this case, costs tens of millions of dollars. so they build this capacity. the other way they can use it, there is a case game over gleus, a criminal case, one of these criminal groups created the botnet and then they would allow you-- use the fact they had access to your computers to put a mallwear called kriptolocker. that means it encrypts all your files and they use that to black mail you, so if are you about to prepare one of your shows, and you can't suddenly access any of your files unless you pay money, or in the case of a hospital, it's life or death. so they have created these systems. and on the dark web now, it looks almost like amazon or a commercial level platform here. and you can literally shop, hey, i want to buy stolen credit cards or i want to use a bot net to launch a denial of service attack and it has, when i

say-- it has customer reviews. hey, i bought from this crook before. and i found that these stolen i.d.es were quite useful. >> they provide or sell you is reliable. >> is reliable. another one might say don't use them. if you think about, just your question, though, it doesn't take much imagination to think what happens if the terrorists gets what the criminals have built. and so that's where i think we're in a race against time to improve our defenses, and continue to try to deny and dises rupt them the ability to do that. >> a race against time. tell me more about a race against time. >> it doesn't take-- if you think about the capacity of a so fisted-- sophisticated criminal group, and certainly-- the intent of terrorists to cause as much destruction as they can. if a terrorist is able to encrypt a hospital's records, they're not going to say give me 10,000. they're going to do it to try to cause loss of life. so we need to move faster than they can before they get that capability to harden our defenses, which might mean, you

know n certain cases not connecting things to the internet. and we also need to, just like we try to deny other weapons of mass destruction, deny them the ability to get the use of those tools. >> in fact, you said your goal now is prevention. >> it's prevention. and you know, as i think about the-- we're on the kus paragraph of a major societial transformation. as big a change as it was when we digitalized information, now we're moving towards the internet of things. think about cars. this will be as big a transformation as going from horse and buggy to an automated car when you go from a driver car to a driverless car. and in 2020, the estimates are about 70% of the cars on the road are essentially going to be computers on wheels. and you think about the game of-- . >> rose: if you can hack that computer, can take that car and sebd it anywhere you want to. >> and think about one terrorist ppens if you have an automatedat fleet of trucks. we can't make the same mistake

that we made when we moved our information from analog to digital where we are playing catchup. when it comes to things like cars, trucks, missiles, planes, drones, or pacemakers in people's very bodies, ve have to build sceurtd in on the fronted end by design. >> rose: if they can attack your patient, they can kill you right-- your pace macker they can kill you radioity there. >> it's good people trying to do the right thing. in the beginning, a lot of these companies are focused on making it work. but they're not thinking about well, what if someone intentionally tried to abuse it, the crook or the terrorist. that's what we need-- that's the mindset we need to change. >> rose: you have said at one point, and this maybe what are you talking about, that the question of cyberis security versus security. >> i do believe that. so security versus security, by that i mean, there are within we think through some of the hard issues like can you, is there

certain information that you ought to be able to obtain by a court order, and what should a company's responsibility be in making its information accessible to the court order. i sim pathize with-- we strongly prepare the benefits of encryption. because we want to keep information secure. and we wouldn't want even the government to get it without proper legal process. but designing a system so that it is secure both from the bad guys who want to steal or destroy your information, and secure as in a safe place for, to keep ter rests from abusing it to commit terrorist attacks. >> you have been asked this before. can you design a testimony that will give law enforcement access? can they design a system, i mean silicon valley, on the question of encryption, that will give law enforcement access and at the same time, not destroy all

the concerns that hill con valley has and that tim cook articulated in the conflict? >> so i tend to be optimistic on this. when you think about the amazing-- . >> rose: optimistic that you can. >> that we will be able to innovate our way out of this issue. because if you think about right now, this is a strange analogy, i'm a new yorker. i grew up in new york. i remember, there was an old saturday night live skit. and this guy is on the subway and he gets stabbed. and is being interviewed on the radio. and the radio guy is like so, you've been stabbed. and es like yeah. and the guy says did you make eye contact. what did you expect, it's new york. that was the way it was in new york, that was our expectation. now it's laughable because it's changed. we feel safe on the streets of new york. in cyberright now, if you get hacked what is the first question people ask. what did the company do wrong. >> everybody hears about john

poddesta or swron brennan and say if they can get poddesta and brennan and the u.s. government and the pentagon, they can get me. >> well, that's true, charlie. it's just true. right now offense jowt strips defense in a sophisticated nation state where criminal groups can get into an internet connected system if they want to. it may take persistence but they can get in. your information is numently not going to be safe on an internet connected system if you are relying on some tool or something you can buy to keep someone from getk inside. that doesn't mean that we don't want to raise the costs so that only the most sophisticated actors can do it you want to keep the low level guys out, according to one study, about 08% of the breaches we're seeing, if people used known patches they could have prevented. so we're trying to increase customer safety that way. but at the same time, you got to make some fundamental decisions right now. which is should it be on an

internet connected system at all. and if it is, assuming someone can get in, let's say you're a company and it's your intellectual property, if you know that that is did kateed bad guy can get in, then maybe i don't put it in my system in a folder called crown jewels. that's not where i will put my crown jeu erls any more. i will put them somewhere elsewhere you have to have an insider to know how to access it crown jewels, maybe i will put something that doesn't work. so go steal it, invest, waste money, that's another way of increasing the costs to try to decrease this behavior. >> rose: how much do you fear that there may be other snowdens at nsa because we have a story and we don't know exactly where it goes, that there is someone else being questioned within nsa who came from a consultant firm. >> i think the insider threat is a threat we have to take very, very seriously in government. because defending against those that you trust is going to be the hardest challenge. and it is also something that

private business and industry need to be concerned about, which means continuously being able to continuously monster in some instance changes in behavior that might be a tip that sounds like an insider. and also building your systems in such a way that one individual doesn't have access to anything so they're extra controls inside your system. but it's a very tough challenge. >> which brings forth the obvious journalistic question which we often ask, what do you lose sleep over. what worries you the most today? >> it's been, right now we're in an unprecedented terrorist threat. and what we've seen is, again, this is in part a new technology problem, applying new technology. but they've effectively crowd sourced terrorism, so when i was doing the al-qaeda threat, and don't get me wrong, al-qaeda still is determined to do a complex threat, attack on the

scale of september 11th, that is centrally directed. they're still trying to do that. >> how are they trying to do that. >> they still plot and plan with trained and vetted operatives overseas and they're looking for space to do that whether it is al qaeda in the arabian peninsula, in yemen, al nousra, afghanistan pakistan region but we have seen the change, the crowd sourcing of terrorism, roughly 2014, 2015, islamic state started to exploit social mediament and instead of having carefully trained and vetted operatives, they started putting out massive amounts of prop gabbeda that looks as slick as a commercially produced advertisement, because it's so easy to do that now. because the technology. and then they used distribution platforms that they can use for free, twitter, google, et cetera. and they blasted this message targeting our young people, targeting those who are mentally

unstable and tried to turn them into human weapons. these aren't always people who really understand the ideology. >> but are they vulnerable? >> they are vulnerable. so what we are seeing inside the u.s. swins they switched to this crowd sourcing of terrorism, our divisions coordinated cases of all across the country, brought over 110 terrorism linked cases in 35 different u.s. attorney's offices. and we have open investigations in all 50 states. we're not seeing it confined, in other words to one geographic area or ethnic group. instead, the common factor in almost every case is one, they almost all involve social media and two the age of the defendant. >> what is the age of the defendant. >> on over half are 25 or younger and one-third, one-third are 21 or younger. that's never been the case for our terrorism defendants. >> have we been at all successful in try ing to counter

the argument on the internet that causes those people who mietd be sus 1e79able to act? >> so i think there is we're not done. so a little national securityae guy different than the one, where we hosted hollywood producers, madison avenue type, internet service providers and nonprofits. and i and the head of the counterterrorism center nick rasmussen walked them through the threats. and we were really there to convene and educate. since then you have seen companies like facebook launched initiatives like peer to peer that are encouraging college students and others to create content that will counter this message. and look, we're never going to be is get it from government it can't come from us. it has to come from communities and voices-- i'm not going to be

a great messenger to the 21 year old or younger who is disaffected that they're aiming to target. so again two things. three things, tactically we have to keep working hard, because it's hard law enforcement, intel prosecution work to bring these cases so that innocent lives aren't lost. two that tactical success, strategically we have to beat them where they are which means working with a coalition to defeat them so they lose territory in syria and iraq. and then three, we have to figure out a way, cuz look, fundamentally this group once you get over there, it's raping people as a political tool. they are murdering muslims and nonmuslims alike with impunity. and they are selling women and children into slavery. that is a war of ideas we ought to be able to win. >> couple things, jaim comey said he worries about terrorists as isis loses territory, and power within iraq and syria, which is happening, you know, and major battles are looming in

mosul and perhaps even raqqa later. therefore they are sending them wherever the password porting will allow them to go. how big a threat is that. >> we keep our eyes focused on it and be vigilant. from the beginning when it was first foreign terrorist fighters before they switched the call kill where you live new york passport or travel requireds, one of our chief concerns has been those who grew newspaper our culture, go abroad, learn how to kill. >> rose: make bombs and everything. >> bomb, and then are sent back to the u.s.. so if we are successful, and we need to be successful over there to deny them iraq and syria, we have to be very watchful as people flow back in. >> rose: there is another tern called domestic antigovernment terrorists who are they? >> i would say generally we have to be worried about terrorists regardless of their motivation. one of the things in this job

that is harder to put off but keeps you motivated is i tend a lot of memorial services. and one that i went to two years ago now, the 209 memorial of oak og city bombing. and-- . >> rose: that was clearly domestic terrorism. >> his motive t wasn't from an international terrorist group. it was because of grieveances right here insood the united states. are you with those families and they bombed a daycare center and so it just felt still so raw to those who lost children on that day. we cannot allow that to happen again. and we have to make sure that as serious as the international terrorism threat is and it is, that we also address those who might have a different set of motivations. and there was a group that was going to look at these issues that was actually set up post oklahoma city that was supposed to meet, as i understand it, the morning of september 11th.

they didn't meet that day. and so one of the things we have done is make sure that group starts meeting again and then have someone who is a coordinator who can take a look at either patterns or lessons that we can learn. because i think the sense was-- is from u.s. attorneys offices across the country, and from the fbi and others looking at this threat, that it's on the rise. and so we need to make sure we adapt quickly. >> rose: republicans and critics of the administration try to make a lot out of the fact of the timing of the iran ransom payment and the release of prisoners. it is said that you appreciatedded the optics of that. and had argued against it. >> soo one thing i think is important regardless. >> did you? >> well, one thing i think is important regardless of what shall-- these issues is that what i found inside the eck tiff branch is they have a bunch of people who are serious about

confronting the same threats. and they want to do it in different ways. we have frank discussions and in those discussions, you have a wol bunch of view points. sometimes, and not talking about issues but in general my view is the one that prevails. sometimes it isn't but i think it's so important that we don't lose the ability to have those conversations and in the long run t leads to right decisions which is one reason charlie i will not talk about conversations that i have. >> rose: fair enough but have i to ask 6789 it is reported that you were against the timing of the ransom payment let tea talk about the hillary clinton investigation which really didn't get to the justice department because the fbi director chose not to recommend plos keution in that case. i realize you can't speak to this that. why were the clinton aids granted immunity.

>> as you say. as a general rule, i've been a proses cuter. >> when we bring a prosecution, we bring a prosecution and if we don't, you move on and you don't talk about it. and that is the approach i will apply to any investigation over the years. >> tell me, when you grant somebody immunity, are you saying we're not going to prosecute because we hope you will tell the truth. >> there are lot of of different types of immunity. the types that get-- the type that could be called the act of prowtion. immunity so you know you give over a document and the fact that you gave the document can't be used against you. it's not immunity from prosecution. there's testimony y'all immunity where if you provide information

then the information that you provide if it's truthful can't be used against you but it doesn't provide general immunity. so i think it's important to keep straight what it might be. >> disrespect, you said if somebody wants to hack somebody, they can do it. so if in fact they wanted to hack hillary clinton's server, they could have done it. >> russians could have done it. >> a sophisticated nation state. >> could have done it. >> but would there be evidence if they did, is the question? >> and that's where-- you are he good charlie. i'm not going to talk about or speculate about the investigation. >> not so good because would you not. >> let me tell you more generally too. because we talked a lot about september 11th and there is a lot of distrust these days of

institutions generally. one thing that's been just an incredible steunt for which i feel grateful is to work day in, day out. remember that feeling, as terrible as it was right after september 11th in the weeks and months to come, there was this moment where we felt as a country so unified. we knew who the enemy was. and it was the terrorists who were trying to kill us. and the world was unified. >> they made it clear that's what they wanted to do. >> they were attacking us because of who we were. >> and then it brought us all together and put us aside a lot of petty types of differences that they have day in and day out. in the national security division and the folks we have worked with fbi and other parts of the community, every day is like that. there is nothing that focuses your mind more than when you know that there's these-- a literal group, you say it so it doesn't sink in.

they are using, they're recruiting people using rape as a means to get them to join their group. they're murdering, burning people alive. they're beheading people slowly. they're selling women and children into slavery and trying to kill us. that focuses you. and the group that i work with, day in, day out, they are true career professionals. and what motivates them is proteching their families, and the families who don't know what they are doing from groups like that. that is what is motivating them when they work-- they could give a damn about politics or any of the other-- and it's not that that is not important for the others. >> you think about the context of this investigation into secretary clinton. >> that is one of the reasons, political season, i don't want to talk about. >> my question was, in fact, if somebody wanted to ask somebody you said they could. my question was if you had been hacked, would you know or would they be so sophisticated or would they be holding it to use

at another appropriate time. >> as a general rule. >> whatever the circumstances. >> i think we're a lot better. >> talking about capabilities. >> capabilities. we're a lot better at contribution than we think. >> we're a lot better about investigation of atrix than people think. >> yes, and that's true when we work together. business, victims, private victimsk an government, and put our information together. >> china, iran, north korea, russian. >> in other words, you have to have high confidence that they did it before you a identified them and publicly said they did it. you don't want to make a mistake and therefore people have questioned yr judgement later on. >> absolutely, absolutely. >> you have to be right. >> you have to be right. >> or your judgement will be called into question. >> when we bring a criminal charge, we have to believe that we can prove it beyond a reasonable doubt which is higher than high confidence given the right that you are entitled to. >> indeed. several things before we close here, number one, were you chief

of staff of robert miller. what did you learn from him? he was a fan of integrity and respect. >> every day i think of different lessons that i leshed from him which would embarrass him. but win thing about him was he had a tremendous confidence to make decisions after careful study of an issue. but he also had a humanity about his rolement and he thought constantly about-- i may have an opinion on something. but i'm the director of the fbi. is this really appropriate for me to weigh in on. and he had respect for the fact that sometimes on these policy decisions, that a decision could be made that is different than where he was. and that his scrob was to execute it as long as it was a lawful decision and to do that required kind of n washington it's almost hard to keep your head down when you're director.

it takes a certain sense, as director of the pbi to stay out of the spotlight. and he would think about that, i think, consciencely to try to keep himself out of the politics of it, out of the ego of it and just focus on the job at hand. >> hard to do in washington. >> there aren't too many people in washington, it's hard to do. he did it for 12 years. >> it is said that you majored in the philosophy behind shakespeare, is that true? >> that does not come up often but it is true. >> rose: what did you learn from shakespeare that influences how you do your present job? >> well, one thing about shakespeare is he was-- focused very much on what we are all like as individual human beings. >> and all the emotions we all have, whether it's jealousee or disappointment. >> he didment and he addressed i think at a time. >> rose: murder. >> that you think about now, murder,-- motivations, and it

was a time of incredible change like the one that we're in now. and one thing i think is i grappled with is he didn't fear that change but knew the impact on people. and if you read through the plays, there is a lot of destructive lessons about how people reacted that are applicable this day which is amazing. >> finlly after friday are you going to take some time off? >> yes. >> do you know what you might do after that or have you-- i think for now, i'm looking forward to spending some time with my daughter, in particular. >> she's four or five, how old is she? >> she's six now. >> six now. >> have to be careful to correct you on that one. and then so i'm not going to start anything major new until next year. >> and your wife is a curator, art curator. >> yes, she's a curator of art. we live two totally different-- love going to her events but i'm the only one

usually in a dark suit, white suit or red tie. >> thank you for coming. >> thank you. >> rose: john carlin for the hour. thank you for joining us. see you next time. >> for more about this program and early episode visit us on-line at pbs.org and charlie rose.com. captioning sponsored by rose communications captioned by media access group at wgbh access.wgbh.org

>> rose: funding for "charlie rose" has been provided by: >> and by bloomberg, a provider of multimedia news and information services worldwide. >> you're watching pbs.

. u're watching pbs. this is "nightly busine wit sue stumpf out. late news tonight, wells fargo's ceo retires effective immediat in the wake of the big fake account scandal. >> soon-ish. that's when some fed policymake think interest should rise. today we learned about the depth of the divide. >> aging and innovation. older america are tech-savvy have unique needs and disposable incomes to boot and startups are taking notice. those stories and more tonight on "nightly bu for wednesday, october the 1 good evening, everyone. a big story develops late today. wells fargo's embattled ceo, john stumpf, is retiring, stepping down