The author ofan, a new book on Cyber Security. Happy new year. Welcome ladies and gentlemen to the center. It is a wonderful evening in cambridge, massachusetts. We have cspan with us today and a good twitter presence as well. For those of you not in the room, it is very sunny, very warm outside. ,lease visit cambridge anytime especially our Cyber Security project. It is a wonderful panel we have today. First, our colleague ben buchanan, david sanger, and fiona hill joins us from washington, currently at the brookings institution, had been National Intelligence officer for russia. Also a harvard alumnus several times over. Welcome back. Thank you everyone for cramming in here to the absolute full house. Absolutely packed. We will note that if you have your cell phone on, please turn it to silent or turn it off, a remarkable idea. If youd like to live tweet, go for it. It is on the record. Have at it. What we would ask is when it comes time for q a, we do have microphones on the left and right. When it is time for questions, please use them. That way our audience here and on tv will be able to be able t participate and hear e are talking about for the q a. With that, lets begin. Let me ask our guest, fiona, tell us a little bit about where we are at with russia today. Where have we been . We have a new administration that comes in with a slightly different approach and thought about russia then previous administrations. Set the stage for us, if you would, where we are at with russia today. Thank you for being here. Thank you. Thank you very much. It is great to be back at harvard and see so many familiar faces. Really nice to be here. Interestingly enough, we are not at much of a different place than we usually are at the beginning of administrations. There are plenty of people in this room who will think back, sorry i dont want to be rude to anybody, back to reagangorbachev, when Ronald Reagan wanted to change the trajectory of the relationship with the soviet union, and did through summits with mikael gorbachev, and successive president s had to rethink the relationship. They have all tried to find new relationships, so that is not unusual. What is unusual is the backdrop to the president ial election here in the United States with an unprecedented level of efforts by russia to have some kind of influence over those selections. Elections. It has been hotly denied by moscow, but the reason we are having this panel, articles from david sanger and others, that is quite clear that those denials are meant to throw us off the scent of what is happening. Also, attempts to influence elections by russia or the soviet union or the russian the choice of leadership, the choice of kings and queens, it is also not unusual. This is not unprecedented for an outside power to have a say in what happens with another power, an adversary or friend. It is just that the technology we are here to discuss has given everybody opportunities to have influence in different ways. Anyone in this room who is able to code can hack into somebody elses computer. Back in the day, it was more difficult to have political influence. You had to spread rumors, you have to have physical spies in different places, or even plant people to sway the day. Now we are in a situation where with a few taps of computer keys, you can have a major impact, or at least have people talking about that impact, so i would argue that we are not in an entirely unusual and unprecedented position, but the scale of the efforts we have seen to have an impact in u. S. Politics is somewhat unprecedented. Excellent. Thank you for that great opening. If that is the intro for the russian side of the story, help us think through the cyber side of the story. Thats right. Thank you for coming. It is a pleasure to be here. A lot of things are new, and a lot of things arent new, and that is true on the cyber side of the ledger as well. Russian Cyber Operations go back a long time. One of the first operations, operations,te cyber moonlight maze, late 1990s, and that was tied clearly to the russians, so this is not new, but for those of you who might be new to the Cyber Operations, a way to conceptualize them is we have a category of operations, espionage, and this is an old tactic in new clothes gathering information , through signals intelligence, and this is incredible by able to nations today. It is difficult to overestimate the degree to which modern nations, including the United States and russia, rely on signals intelligence and Cyber Intelligence to inform their decisionmaking processes, and also sometimes in 2016 to leak information and carry out influence operations. That is one side of the cyber ledger. That is one half of the cyber ledger. The other half is holding targets at risk or developing attack capabilities. The russians have done a fair amount in this area as well. What is significant is here for here for those who have not studied Cyber Operations before, if you build a missile, you build a missile and target later. If you want advanced Cyber Capabilities, you need to do reconnaissance and prep work in the adversarys network well before you want to launch the capability. We have seen the russians doing some of this prep work before. So this is a significant part of their operations, even if it is not a high profile influence our operation or espionage operation. Make no mistake about it, russia has recognized the power of Cyber Operations to steal information and attack. Terrific, all right. Well, not terrific for victims of russian attacks, but terrific in terms of opening comments. Thank you for that. David, link the two if you would together with a wonderful story that you had written back in december, december 13, on a saturday, a very detailed account in the New York Times called the perfect weapon, how russian cyber power invaded the United States. Thanks. It is great to see so many friends here. Thank you for coming out. The title of this piece, and it is a long piece, about 7000 words long, was an effort to do a reconstruction of what had happened. The title of the perfect weapon came about because the more we discussed it, the more we came to the conclusion that it was perfect for the situation that russia finds itself in today. The russians, like the iranians, like the north koreans, in fact like almost everybody else, do not see any advantage in confronting the United States frontally or any advantage in doing anything that would actually provoke a major response or certainly a kinetic response. Cyber is perfectly well designed as was pointed out for the option of doing a low level attack that could be used for espionage, could be used in this case for influence operations that merge a very old soviet tactic from the 1940s with the very modern technology of cyber. Or it could be used in a much bigger case for fullscale attack, what the United States did in the Olympic Games against the iranian infrastructure. And so the trick for the russians here was to find something that was inexpensive, deniable, and that would count on our ability or our inability to both detect it quickly and to respond decisively. Now on that last point, counting on the u. S. For a slow response, and then for a confused one, i think they got a payback that was bigger than they ever possibly could have imagined. Just to take you briefly through the timeline for any who may have missed this, the United States was first alerted by an allied Intelligence Service about an attack on the dnc, and intrusion into the dnc, in the fall of 2015. Because the u. S. Never wants to reveal exactly where the intelligence came from, it routed this through the dhs, department of homeland security, and the fbi sends a midlevel agent out to go find a completely Clueless Group that i. T. Group that was defending the dncs computer systems. I would not say defending the dncs computer systems. They were hanging around the dnc s computing systems. The special agent calls, leaves a message, asks for a callback. The person running this, you cant make this stuff up, doesnt believe he is from the fbi, but doesnt check or call back for a while. They spend months in the stands dance back and forth where they are presented with the evidence,. The fbi said a group called the dukes appeared to be responsible for this. This is part of russian intelligence. But the response is so slow that the president of the United States did not actually hear about any of this until june 2016, nine months. In an era when we talk about how cyber means we have to be able to respond quickly, have a playbook ready, be able to look at your array of options, whether sanctions or a counter cyber attack or some other form of active defense, or something else, you cant do that if you are responding this slowly, and in the interim, what did the russians do . They went beyond the dnc into the email accounts of john podesta, who in march 2016, who was the chairman of Hillary Clintons campaign. We found evidence of 128 private email accounts within the Clinton Campaign they tried to get into. They actually only broke into two. Why did they only break into two . Because only two people did not in the entire group did not have two factor identification on their email. If there is a lesson for all of you in the audience here, it is so but a little bit out there, leave immediately and put your two factor identification on. They gathered all this stuff from john podesta, who had checked with his i. T. People and somebody still hit the button that allowed a spear Phishing Campaign to get his password, and it was months later after another attack was discovered, run basically by gru, the people Russian Military intelligence, that people discovered what was going on, cleaned out the dnc hard drives. By that time, the russians had everything, and the first material was made public in the days before the opening of the democratic convention, and that was the set of releases of the internal dnc material that led to the resignation of Debbie Wasserman schultz as the chairman of the dnc, and then they did a another set of releases during the campaign, of the podesta emails, most of which got released within hours of that now famous videotape of thencandidate trump saying some fairly crude things. The release of the emails came 24 hours later. These came over several different channels. First over two channels we believe the russians themselves set up, and when not enough people were clicking on those, somebody gave the material to wikileaks. So what was unusual here . First, we had not anticipated. We had a failure of imagination that the russians would take a series of techniques and used it against the United States. Secondly, we failed to anticipate that a group like the dnc or rnc would be easy targets. Thirdly, we had an fbi that responded so slowly that they never did what we did during the reporting of the piece, walking which was walk between the fbi building and the dnc headquarters. It was a 14 minute walk, including a stop to get coffee at starbucks. This would not have required a lot of effort on their part. Then fifth, president obama when he got the data did not want to be accused of getting involved in the election on Hillary Clintons behalf, so he reacted fairly slowly and carefully. We reported in late july that the Intelligence Community had concluded the russians were behind the attack. The intelligence communities ys First Published attribution of this was not until october 7, and the u. S. Response was not until a few weeks before president obama left office, so if youre looking for a case study of how not to respond quickly to one of these things, you have got one. That has got to be maddening, and one of the best things about moderating a panel with david sanger is he cant ask you to explain why the government was so slow in responding, so we will leave that for the q a. Let me come back to ben to take on an article this morning from the succeeding and victorious New York Times to contrast with another adjective being used. The article this morning in the paper says, czech suspects a foreign power in gmail hacking. What do we make of this . What do you think of that . Is this the russians . Fiona is this the part of the , playbook . I will handle the czech thing. I will let fiona handle the playbook. There is no doubt in my mind this is not a new trick. Between 19452000, the United States and russia, then soviet union, combined to try influence 117 foreign elections, overtly sometimes overtly, sometimes covertly so this trick has been , around for a while, but doing it in an electronic fashion is new, and there is no reason to think the United States in 2016 was the first time the russians tried it in electronic fashion. If you look at the 2014 election in ukraine there is pretty good , evidence the russians were involved in that. And what appears to be a successful 2016 campaign by the russians in the u. S. Elections, theres no reason to think they will stop. I have heard from folks in europe that the russians feel y are concerned that they feel like the russians got away with it, so nothing will deter them from doing it to us, germany, france, Czech Republic with elections coming up are quite concerned, and in my view, rightfully so. The question for those nations is, what are they going to do about it . Germany has pursued a policy of aggressively calling out russian hacking far more than any other nation, and it is not clear that that is itself deterring russia, and certainly smaller states like the Czech Republic, who might not have advanced Cyber Security or a history of working in Cyber Operations have a lot to be concerned about, so if you are looking for new stories in 2017, this is one that is not going away, and this is one that will get a lot of attention. I think just to set fiona up on this, an article on the brookings website, what makes putin tick and what the west should do. That is very much worth reading. One of the opening lines is that we may have underestimated his willingness to fight for as long and as hard and as dirty as he needs to. Is this an extension of that . The kinds of activity, an extension of that argument . I think it is an extension. One of the reasons is the conclusion of the 2015 book, precisely because the analysis prefigures this. It was mostly focused on russian activity in eastern europe, so the failure of imagination was the failure to extend it to the United States and larger western European Countries, but just to pick up about the question you posed to ben. In december 2016, the head of german intelligence also announced come and this has been that announced, and this has been picked up in the new york the New York Times and elsewhere, that the personal email accounts of the German Parliament has also been hacked, and presumably other accounts as well. There is evidence of shell Bank Accounts in switzerland for a more conventional type of influence operations, funding fo Political Parties in advance of german elections, so we can fully anticipate the kind of activity we are seeing an in countries normally not on the front page of the New York Times, moldova, belarus, montenegro, the kinds of operations to influence and push the tide of elections there to be attempted in germany, the Czech Republic, the netherlands, french elections are coming up, although there seemed to be selfgenerated problems in the french elections, although one could say that his information through the kinds of sources we are talking about as well. This is a pattern that has been continued for some. Long period of time. It in our own backyard. As david said, it was a failure of imagination on our part not to see this given back if you go back 30 years to the 1980s and further, this is a feature of the kind of cold war activities that we and the soviet union were undertaking. In terms of that playbook, putin is a former operative in the kgb. He continues to think like an operative. He himself is extremely proud of that skill set he acquired. He talks quite frequently of being a specialist in human resources. Also in the use of information. He never shies away from extolling the virtues of the techniques he learned to play dirty in the kgb in politics, and he saw in the u. S. Political race something incredibly contentious. We are familiar with the nature of the Political Campaign we just went through, and an incredible amount of opportunity to exploit on all fronts. Putin and the people around him are strategists. We always underestimate and have underestimated for the reasons my colleague mentioned and why i wanted to write this book about putin that we always assumed he is an opportunist. You cant take advantage of opportunities unless you have an idea about what you would do are going to do with them. The people who came out of the kgb like putin were trained, but in contingency planning, but also have clear goals about what they wanted to do. In this instance, for a long time, putin has been in the interests of russia first read. This was his slogan back in 2000. I am not just picking up on the meme of the moment. When putin came into the presidency in russia in 2000, his whole manifesto that he announced at the end of december 1999 was to put russia back on its feet, first internally, domestically, then as a great power, and at numerous times and many speeches he has made through his presidencys and the es and the beginning of his various presidencies, he wants to make sure there is geopolitical and geoeconomic demand for russia and russia is one of the big players. He has also made it clear he will use whatever means necessary for this. What david said about the asymmetry of power is important. Putin is also quite cautious in his application of force and violence. You see that in domestic politics as well. There are a lot of policy steps made domestically that are meant to have an influence on others, very selective targeting of individuals. We have now seen that in Foreign Policy as well. When putin and the russians target a country, they often target an individual. A classic case was our elections with Hillary Clinton, who they saw as a threat. You can also see this in turkey. After the shooting down of the aircraft by the turkish military, the russian aircraft that made a small incursion into turkeys airspace during the syrian conflict in 2015, putin targeted all of the russian putin targeted, all of the russian establishment targeted not the turkish people, but not a turkish air force, but president erdogan directly. Airing out the dirty laundry, the kind of information circulating in the Turkish Press and has led to the arrests of turkish journalists. He said it was a stab in the back. He revealed that he and president erdogan had secret deals behind the scenes about the kurds in northern syria. Revealed all of this publicly. He went after president erdogan and the turkish government with a single minded purpose, putting sanctions on them, basically forcing the turks to eventually capitulate in terms of giving an apology for the shooting down of the plane and turning the screws on turkish front abilities with the kurdish situation in syria, and after the coup this past summer. Those are the kinds of actions we see repeated. We have seen it in smaller countries repeatedly. We are seeing the russians feel emboldened on doing this at a much larger scale, and they see this as fair game and part of a totality of instruments. Cyber is just one of a whole number of strategies and mechanisms. Let me ask david to pick up on something you were talking about. In terms of the asymmetry, the point david made earlier about why Cyber Capabilities can be the perfect weapon. That is the deniability. As a journalist, you are in a powerful role in communicating these activities to the public. The government does not talk about it. The only opportunity to learn for the populace and academia to learn about what happens is through a handful of journalists, and david has been reporting on it longer than almost anyone else. How do you think about evidence . How do you think about the standards that are needed to say that everybody is denying it, but here is what we will say as a succeeding victorious paper of record . Thanks for that and the reminder that im the oldest cyber reporter wandering around. [laughter] first, the first thing to remember here is that this was not the first time by a long shot that we saw russian intelligence operations, even in the United States. But we forget that earlier in the Obama Administration that we , we had seen three espionage only attacks. One on the state department, one on the unclassified emails in the white house, and one on the joint chiefs of staff, that being the scariest one because the dotmil is supposed to be the safest zone in the government. As if the u. S. Government has a particularly safe zone. It was not the russians who went in to the office of Personnel Management and got the 21 million files. That was the chinese, who beat them to it, but it was in these other cases. So in each of these other cases, there is of course the forensic evidence that you see, bruce and others here can talk about that, better but there are certain , patterns. The russians in the case of this hack used some very familiar techniques and tools. They used familiar ip addresses that have been used elsewhere. Of course, you can fake and ip address and borrow someone elses tools. You get to a point where there were enough of them that it becomes significant. Then secondly, you have motive, and i think fiona alluded to this when she mentioned Hillary Clinton. Vladimir putin has made no secret of the fact that he believes that secretary clinton in her last year as secretary when she commented quite publicly on the 2011 russian parliamentary elections and declared that they had been rigged, in putins mind, she was interfering with the russian elections, and i think it was a fairly reasonable guess, but again, you are still guesswork here, that he was seeing this as something as payback for something she had done. But the truth of the matter is that the only way you get truly convincing evidence is if you have a tap of a verbal conversation in which the people who are doing this are discussing it, or you have implants inside a Foreign Network in which you can see the traffic. If the dnc email suddenly show up running through an implant that you have put in the russian systems, you have a pretty good guess how this all came about. This is the hardest part of this whole bit, because revealing implants, revealing sources, is the most difficult element of it, and so the u. S. Government turned out an Intelligence Report in december that laid out their case. It was utterly unhelpful on all the questions you just described, but we quickly found out there were two other versions of the report. One of them was intended only for a close to session for members of congress, which is to say that it was cleaned up with the understanding that the leak would happen between 10 seconds and 10 minutes after the meeting ended, and then there was a compartmentalized version, which is what was shown to president obama and also shown to president elect trump at that time and his staff. It is pretty fascinating, because from the afternoon he saw that, you never heard President Trump again say that he did not believe this was the russians. In fact, he said flat out i do believe it was the russians. He then changed the topic, but it clearly impressed him. When we went back to do our reporting, we found what you expect to find, which was that evidence of this material inside russian systems. For aill turn to ben decision on opportunism and contingency planning. We will try to give a preference to students if you have a question. Come to the microphone and get a head start. We talked about the need to think about strategic planning, not opportunism or what the patent playbook is about. But for Cyber Operations, can how much can you stick to a plan . Can you help us think a little bit about the need for what you would call agility because you dont entirely know every single step of the way if will be successful or not, versus the need to tradeoff things strategically. Help us make sense of that, and students, hit the microphones. This is a great question. One that is not often asked and one that is particularly vexing. It goes back to what i said before about the need to develop access early if you want attack capability fixated. We also should note that Cyber Operations are a complex beast. These are multistaged, and oftentimes they take place in target networks where access can be lost any given day, not from a security update for security improvement, but just because somebody changes their software from something 2. 0 to something 3. 0. You could lose access to the what it is you are trying to operate or the domain you are trying to operate. There are real challenges, and a i think david points out the challenges on the defensive side of responding to the operations you do detect, particularly when that interface is with the bureaucracy. There are folks who will tell you on both offense and defense that the solution is to get humans out of the loop if possible, to fight in the cyber domain or engage in the cyber domain at machine speed rather than person speed, or swivel or swivel chair speed. It is an admirable goal, and we have seen fits and starts in our intelligence that would make it that thinkable in the long run. I think the resolution that is realization that is inescapable these days is organizations have to streamline the response processes and have people making the strategy and doing the plans who are comfortable with technical facts of the cyber domain, and who are and who are comfortable with the fact that things go wrong and flexibility is required. It is fundamentally different than operating in previous areas of traditional conflict and nuclear conflict. I think when the history of this period is written, it will be written as a period in which policymakers are struggling to figure out how to operate in this domain. The subtext of that is probably that the nation that does it well and fastest and finds its agility is going to have the most success. Just a quick addition to that at risk of uttering the obvious, taking people out of the system sounds good for past fast response, but it also takes the superpower politics of it out of the system. You dont want to do that, because the way you would respond to a hack from north korea, as the u. S. Did after the sony attack, could be quite different from what you want to do if you are responding to russia or china. I think we are going to be able to do another session here at the Kennedy School with the head of darpa. Darpa ran a grand challenge last year about selfhealing systems in computers that can attack each other and heal each other without humans in the loop. That is going to be a topic we will explore here at the Kennedy School. One point before we go to the questions. There is going to be an element of all of us as individuals and involved in this as well. We are all going to have to be very careful about our own use of the internet. I have been personally hacked multiple times. It has been a very sobering experience. The chinese and everybody imaginable is trying to get hold of our data, organized crime, and individuals who want to basically get hold of peoples identity information. I think it is going to be incumbent in this environment to not just go back and put in the necessary for gmail, but thinking about our use of all social media. For students and those of you out there who have a whatsapp account, very recently, i discovered a colleague of mine had their facebook account hacked, which basically infiltrated their whatsapp account. All of us linked on whatsapp got from theof porn hacking of a facebook account so i would advise all of you to start changing those settings pretty quickly. The point is we have gotten used to these tools as part of individual convenience and part of our lives. People are tweeting, people are on their computers now, but we have made ourselves vulnerable to a range of individuals that want to attack us. I think it is going to be a sobering experience. I remember back in the day at the Kennedy School and here at harvard when everyone was dictating notes and writing everything down in notebooks in , some cases, we may actually had to sanitize our ways of operating because of the sensitivity of information, going back to the days where we did not have to blog and tweet. What a time. [laughter] lets get to the audience. Please identify yourself with your name. My name is josh golding. I am a senior at tufts university. I will target this at dr. Hill, but if anyone can answer, i would appreciate it. I am curious how you think internal competition within the Russian Security services will influence the frequency and scale of Cyber Operations. That is a great question. Obviously, there is something going on right now, because we because we are getting information about arrest s and things going on in moscow. Every Security Service has competition. We have a pretty strict firewall between what our various agencies can do. For example the fbi has to deal , with a lot of domestic political issues. The cia and other intelligence agencies deal with foreign intelligence are not allowed, actually, to basically undertake any investigation that has domestic political components. I think the Russian Services knew that very well. They were able to take advantage of some of our firewalls. In this case, they have a lot of overlap. I think they are very keen on showing who is more agile, who is able to get the information first. It is not all about elections, either because there is a routine to find out information about leadership in other countries, to find out information that would give the russian government a distinct advantage. Obviously, there is housecleaning going on, because because there are all kinds of questions about whether individuals in the Services Provided information to the United States or provided information to other governments about what is going on, but i think this is going to be a very big issue that most of us on the outside will not know what is happening, but this is something that will be a feature in the next couple of years, and i would say we will see a lot more of these attacks as agencies are being compromised in russia. They will be trying to prove their worth again. I dont think this issue is going to go away, and it will be difficult for us to deal with the complexities of interagency competition in russia. Just one very quick point about russia. The russians also have an election coming up. Putin has to basically put himself up for relegitimization in 2018. Elections do matter in russia, because it is a way of putting faith back in the presidency. You can be sure that putin is to make sure there will be no outside efforts to influence their elections as he believes happened in 2011 and 2012. We can imagine more preemptive aggression coming from russia to make sure that nobody has any idea about intervening. A 30second supplemental . One point. It was the fsbs group that first got into the d c, and it nc, and it was months later when the gru came in. There was considerable speculation within u. S. Intelligence that the two of them were not coordinated, and actually it is the gru that ended up getting caught and made the one that made a lot of this material public. Hints at some of the competition fiona refers to. If others want to hit the microphones, i would invite you to do it, but you over here, please introduce yourself. My name is grant. I am a student here at the Kennedy School. Thank you for this panel. This week, vice magazine put out an article called the data that turned the world upside down. It was about the use of psychometrics, which is an enhanced form of demographic information, basically feedback from the clicks you made on facebook. They can put people in the categories and influence elections. Say if i clicked on a few things, they know i am an anxious father about a certain type of issue, and they can target individually based on that through dark advertising and other methods. My question is, we have seen this in campaigns. This was linked to the president ial campaign in the vice article. Has this been used by the state actors, and what are the applications of this . You had me at psychometrics. Any thoughts . Ben, you want to jump in . Question,we into the we talked a lot about Cyber Operations. We have an event called russia and Cyber Operations. This intersects neatly with Information Operations and propaganda operations and what the kgb used to call active measures, false information, fake information. I think at some point, the story will be written about the tv network rt, the online website sputnik, and a verifiable army of twitter accounts pushing accounts pushing information. In some way, this is hidden in plain sight, but there is no doubt that is the piece of the puzzle i dont fully understand. This notion of microtargeting is important. I am not sure of the degree to which the russians have mastered microtargeting in the way president ial campaigns have, in part because i dont think they can buy the data in facebook in the way that the Obama Campaign in 2012 did. The broader principle is the more data that does get out there, either through legitimate or illegitimate means, we have seen the chinese run a series of operations. David mentioned opm. There are also hacks against Insurance Companies that gather data on american citizens. The more data that is out there, the more savvy Intelligence Services will use it as part of these influence operations that intersect with the Cyber Operations that are familiar to those of us who have been studying them for a while. The question i get asked most often, usually by people who voted for Hillary Clinton was, was, can you qualify and the end whether or not this can you qualify whether or not this operation swung the election . I always say no, we cant, because the russians did not go after the actual voting machines. They appear to have scanned a number of registration databases, but we have no evidence they manipulated the votes so those 3 million illegal votes came from someplace else. [laughter] but because we dont do that, we have no idea in the end how successful or not successful this was. You are trying to separate it out in an election where there are a lot of factors. The statements made by james comey about Hillary Clinton z s emails. The fact that secretary clinton did not prove to be a viable candidate. In ourl of these makemix difficult to tell. That is part of what made the russians so successful, because think they did not start this operation in 2015 when this all began thinking that they would get donald trump elected. They thought, like most of the people in this room thought, that his candidacy would probably be over by september or october of 2015, and yet as time went on, it looked like their goals evolved, and they evolved because they were able to move from information gathering, which is where the fsb began, to making information public that might simply disrupt the election, make people lose confidence in our system. At the very end, if you believe the assessment of u. S. Intelligence actually entering on behalf of donald trump. What the russians specialize in, and this goes back and extremely long way we are in the 100th anniversary of the russian revolution. The bolsheviks specialized in propaganda and these kinds of operations. They have been at this a very long time. When you look at what they have been doing for the last hundred years, these kinds of operations, they have been riding a tide that is already there, exploiting vulnerabilities in some cases, but really giving a nudge in the direction of larger trends. If you look back 100 years, lenin embraced all kinds of causes that were not intrinsic to the mission he was trying to undertake, including the operations of ukrainians and a whole bunch of other nationalities of the former russian empire. He had stalin coopting them in and moving their independence in the direction of the bolsheviks. He picked up on the ideas of other revolutionaries and amplify those until he parted company with them. All kinds of things. But i think we saw in the case of rtm sputnik, the russian rt and sputnik, the russian outlets, they amplified trends that were already there, but emphasized the directions in which they wanted to see things going. They also, and i think this was written in a recent article that either you or one of your colleagues wrote, there is a counterintuitive element to all of this. The russians want to look good at what they are doing. They love that we are having this panel right now. Cspan is here, but maybe we are live on rt. We are all giving them cues. Kudos. They really did a good job here in terms of their goals. They are probably working on our dinner at the same time. Basically, they have loomed very large in this in a way they could not have possibly expected. This is also good for business. Putin wanted to join the kgb and basically went through a whole series of documentaries and films about the kgb and undercover operations during during world war ii. You can be assured there are an awful lot of people getting recruited now on the background of taking down a titan of u. S. Politics. They are doing it much more effectively than the chinese and or the north koreans. Basically, russia is back in business. For a farmer, probably still for a former, probably still current, operative like to, this putin, this is a job well done. I do think there is some work that can be done by an enterprising graduate student at the Kennedy School to look at how the release of that information drove traffic online and changed narratives online. That, i think, actually is measurable and research of all. Researchable. Right now, i think it is a fair point to say it is a little hard to point your finger on it, but there are a lot of ways to research this. How fake news compares to a New York Times article. [laughter] my ego prevents me from giving you many of the results, but i can tell you that the fake news stuff gets you repeated repeated fast, which is why facebook, google, and others are looking for mechanisms that either technological or of an editorial nature that would say to people who click on a certain article or certain facebook post, hey, you should look at these two or three other accounts that suggest that what you just clicked on was complete fabrication. My colleague, with whom one of the two reporters i wrote the perfect weapon with, went out and found a guy living in annapolis, who basically wrote a lot of this fake news. He said that if he could have made more money writing fake news in support of Hillary Clinton, he would have done that, but the market was for trump. [laughter] horrifying. Next question, we will go for quick questions, and we will go for short answers, please, as we get down to final jeopardy. My name is jim. I was an official student many moons ago. Still a student of life. I want to follow up on the influence of the election and news especially , domestically with david sanger, though all of you are welcome to respond. You always clear this is an old playbook on steroids and should be taken seriously, even if we should not panic. I think everyone sitting and standing in this room takes it seriously, but it is also fair to say that we are about 90 of the eastern intellectual elite sitting in this room, and there is a group of people who dont seem to take it as seriously as we do. The New York Times had an article weeks ago about Trump Supporters and their reaction to russian hacking. There were three positions. On one end, it did not happen. In the middle, it happened but did not influence the election. On the far end, it happened, and it was a good thing that got trump elected. Nowhere was there a sense that this was a problem. If perhaps 35 of the electorate who are Trump Supporters dont see russian hacking as a problem, what is the political will, the reality domestically about how we can move forward on this with the money, the staff, the policy that we all think it deserves . Great question. David . First of all, this is a setup because jim was a graduate student trying to keep track of all of us when i was a student. He has seen the agitprop closeup here. It is a very good question, and i think it is one of the reasons that you saw so many committees in congress and many efforts by the Obama Administration to set up investigations that would live beyond the Obama Administration. I think you are going to see a lot of efforts by the Trump Administration to try to make sure that this either goes away or there are distractions from it and so forth. But fundamentally, the hacking investigation fell victim to the same divisions within the country that made it so effective. I think what we are going to have to do, and it is going to be incumbent on all of us, is basically change the discussion about this and narrative and actually depoliticize this stuff if at all possible. It is right that it fell victim to partisan politics, and i have to say with due respect to some former senior figures in the cia, they actually did not help opedss matter in and other articles they wrote where they declared themselves in favor of a particular candidate or made partisan comments because the message overall should have been that this is an affront to our national security. No matter what your position on Hillary Clinton, she was running for Public Office as a legitimate candidate in a legitimate election no matter , how contentious this election was. If it can happen to Hillary Clinton, it can happen to anybody. Anybody sitting in here who is a member of linkedin and has their personal information taken, we should all be concerned about this because many people in this audience will want to run for Public Office, just by the fact that you are sitting here and working at the Kennedy School. Anybody out there in private citizenship and all those who voted for trump, they can have their personal information taken. We know the chinese have been doing this. I think we have to have a national debate. Congress is the right place to be having that. They can have this compartmentalized information. It is incumbent upon us to talk about this in a nonpartisan fashion and make it clear how serious this is. Also, it is worth asking a question. Had president obama, starting in july or august, come out every couple of days saying this is not about my support for Hillary Clinton, but we cant have a foreign power messing in the election and this is what the intelligence is showing us, a choice he considered and rejected. We might question, would that have been a better approach . I can tell you that while most of the public on it there are , many former members of his administration who believe that he should have been a lot more vocal about it. I think it is also worth noting that senator mccain recently created a specialized subcommittee to focus on Cyber Security. That is a good step. I think what we should expect and ask for is our representatives in congress to spend a little more time specializing in Cyber Security oversight not just for the Armed Services committee the , intelligence committee, but for a much broader swath of society. I think that is where we need to be heading. My soninlaw offers Cyber SecurityInformation Services to congress. Wonderful. Got him a good shout out there. Im a graduate student at the naval center for russian information studies. We spoke about providing evidence and it seems there is a fundamental question about evidence to the public. Does it prove the extent possible that these events have taken place . I got a lot more from your story that i not from the u. S. Intelligence report from early january which is the summary that says russia said nothing new. They charge more for subscriptions. Right. Wondering, with limitations on certain information, how can the fact that a lot of people in this country still believe this happened, how can this actually be combated . Of the data center, as somebody who went through no background in National Intelligence council, it is incredible difficult for Intelligence Agency to write the things more interesting than that summary. That was the most sanitized summary they can put out there and it said there was always in in anticipation that a more substantive version of this will cover the leaks as well. For now, they put people in danger. We do not know, despite what is going on. We dont have any special information on russia but if they do have anything to do with that, there are more consequences. These are lifeanddeath consequences. Isn i was going to suggest as a way of compromise is it is to get into the realm of congress. The intelligence communities are in a very difficult situation securityo far national is not advising the president but congress has representatives in people. The ground came out and said he had been hacked. These, they can find out about whether reaching up to their constituents plays an important role, presumably because they have a problem with trust in congress at the moment but we will have to work harder on restoring trust in our public institutions. I do think it was significant that President Trump said now he believes it is the russians and having basically been quite adamant on the other side of that, hopefully that would have had an impact to many of his supporters. I think he was also right to talk about the fact that china and other countries are involved, something we have always had a hesitancy. We have it from the point of view of the brookings institution. They have constant denial of service about speaking out. Ofhave this whole issue basically cyber hostagetaking where people take down your systems and you have to pay with bitcoin. We can be more transparent. It comes upon all of us on this panel to find creative ways of doing this. But we wont get anywhere unless individuals start to take it seriously, not the institutions that have been subject to the attack. We will keep the answers brief here. I have had a long debate with a lot of friends in the intelligence agencies about whether they could have offered up more in the way of evidence. I strongly believe they could have because so much here had already been brought up by private companies, which they could have come out and ratified , and said that their analysis was exactly the same as those private firms. I think they probably could have talked a bit about having evidence the firm from implants they had in the russian system. It is not news to the russians that there were Cyber Security issues. Without getting so specific it endangers, i think there are ways to go through this and i think they are stuck little bit in that old think about how you handle this. Just to amplify what david said about the private companies, it is worth noting that talking about communications and Cyber Security is funded mentally than talking about chemical weapons in syria which means you have a very active industry comprised of former intelligence operators in the private sector community, working in Cyber Security companies that want to own these. Based on that alone, i was convinced and happy to stay on their. Because of the reuse of certain forensic indicators, i think that is the area which we need to adjust, both to piggyback on the private sector and when should it fear what the private sector will say . Vocalies have been very wrinkle, i the think, that requires the rethink on the Intelligence Communitys side. Then has documented this in a paper called russia and Cyber Operations. Feel free to check that out. Next question, introduce yourself. I am a student at the Kennedy School. Ive got a question with regards to the Upcoming European elections. I be interested you stress that we should probably expect continued russian interference and you spoke at length about the various shortcomings in the u. S. Id be interested to see how far you see European Countries learning from what happens in the u. S. And how they have been stepping up their defenses and how vulnerable you see them. You see the germans having publicly talked about this problem. Theyve got a vulnerability that is a little bit different than ours. We were made safer here by the fact that our election system is so disparate across the states and their is so much suspicion of having a centralized system run by the federal government that you would have had to design different ways to hack into the Voting System and sometimes in each different county. It is a lot easier in europe so theyve got a set of problems that go beyond that. One thing that a lot of European Countries have said, we have seen on the counterterrorism side. Overall, some of the countries like germany and france and the United Kingdom have more integrated intelligence communities. They are smaller and they tend to be communicating with each other much more quickly. Also, they have been set on notice. It can be done to the United States you can be sure that it could be done to other countries. Is going to be a reverse active measure being taken by countries to focus on the integrity of the systems. Political figures have been forewarned that their accounts have been hacked. Are not being told that is the case, should be very certain that there is a high likelihood that is the case. We will be seeing a lot of the European Countries working quite closely together, seeing a whole host of sensors set up within europe, picking up on some of the issues to swap information, including nato headquarters and Key Countries within the eu itself. Here is the 2014 hack of the in chretien the ukrainian election. You dont have to look far to find Election Hacking in europe. It got little attention in the United States and would not influence operations the same way as 2016. Before the election, the systems were wiped and the ukrainians had backups. On election day itself, before the ukrainians were going to distribute the results they found they were going to push out the systems to the media and the results were going to show a fringe candidate winning. They had them retracted and pushed out the real results. The only solution was to push out the fake results. Prorussian tv somehow knew what was going to happen before it happened. The confluence between the cyber operation, that was the sort of stuff that would worry me in a European Election going forward. It is actually transitioning to cyber attacks. Yes, sir. I am a student at the fletcher school. My question has to do with attacks. Like you touched on in the talks. Is seeing far less interest in the Public Discourse about the russian hacking, which, like President Trump said a while ago, why there are sudden interests in hacking our country whereas the chinese have been doing that for as long as we can remember. If you look at these scales of the attacks, there was in my opinion an act of war if you think about it. Where is the hacking of rnc and dnc, as much as we want to single it out, they were probably not as big of an where is the hacking of rnc and offense as was back in 2015. At the time on a newspaper and i remember covering the event and how there seems to be very little interest but the story wasnt about the attack. So im just curious. Obviously act of war . Yes or no. Not an act of war. The government has been quite clear that if they could do it to the chinese they would and my guess is they have. A great moment where general clapper, until recently the director of National Intelligence, was up testifying attack, mr. Trump may have been busy doing other things but it was a well covered event. All these members of congress were saying about this attack on opm and he kept on correcting them, saying it wasnt an attack. He would say the incursion on espionageection was and the reason was, he categorized it as an attack and he would have to say this fits the norm of behavior that we would not do. Obviously it is the kind of thing that not only do we do but if you look at what the United States has done in china, we have done parallel things. We havent done them on this scale and i think one of the questions raised by the attack 21 or 22cale million records, biometrics, details people have on their stream clearance, is the scale changing the nature of it . I think one of the issues we are all going to have to address is the discussion of how we regulate cyber relations. The United States is doing a lot of this as well and other countries clearly are. Such as china, north korea and russia. Every country is involved in these kinds of activities if they have that capability. So we are in a whole New Territory now. Way thatitorial in a hasnt covered many of our preexisting treaties. It is one of those difficult things we have to get our heads around about how we deal with treaties and negotiations and at what level . An attack on emails like a Tactical Nuclear weapon . Is a larger denial of service like a strategic Nuclear Weapon . These are the debates that people like ben and others are pushing us towards now. If we think of cyber in the way we use to talk about nuclear deterrence, asking about these different kinds of questions, this is only the beginning for us. This new administration is going to have to be one of those questions. Is this going to be on the table for the chinese . We might also reinvent thinking that has already happened because there is a tendency to think about Cyber Development as new. You can look at properly accessible books that have been with these problems since the 80s. A consensus that nuclear is not a great analogy but when it comes to interstate relations we are lucky to have joan i hear, not to cold call you, but if you had a suggestion for thinking about norms and governments that you spend so much time working on in this field or trying to bring stability to International Relations, any reactions to what fiona was just saying and i will repeat it on the microphone. Progress making some developing morals that have a long way to go. One of the reasons jim clapper pm intrusionthe o and attack is they were busy working out an arraignment for prescribe the development norm against Cyber Espionage for commercial purposes. They wanted to maintain that distinction so that they didnt disrupt that. You might think that is minor but it is not that minor. It is an indication of how a norm can develop. Say,allout, as mike would we had a hearing this week on International Security and it was called persuasion and deterrence for cyberspace. There are four different mechanisms and not just retaliation, im not going to bore you with that. But the point is, if there is a beginning of Norm Development we have a long way to go. Watch me screw this up, but basically for those out there, the idea here is that for norms development there has actually been a Good Progress but there is a long way to go in on our website, you can see some of joes earlier work on this. He also said it was one of the reasons director clapper did not say that it was an attack, that the opm compromise was an attack because the United States was in the middle of discussions with the chinese for norms development and that could be a lesson for us as to how norms develop. Has anhout out, joe upcoming article in the upcoming issue of International Security published out of the Developer Center on the terrence in cyberspace. In cyberspace. We have a conversation about the terrence soon. Please introduce yourself. I am a First Year Student at the school of law. My question goes to all of you. What do you think is an appropriate or right response to the russian hacking and the u. S. Sanctions. I had a conversation with my friend that it is not only an intervention on the election but they attacked the very institution that is supposed to protect the value excuse me the value of democracy. It is an attack on your values. What is an adequate response . Give us a 45 second proportional response to the hacking. We got about 85 people lined up. I will be quick on that. This issue of the proportional response, you have to tread carefully. Theshould be guided by advance copy. We have to be very careful on this because when you mentioned to take down want similar institutions in other countries. The russian government always believed that we have been doing that. We have not engaged in that same kind of counter retaliation or preemptive action we did. The wake of, in this and of course the Obama Administration, the last action they took before handing over the baton to the trump announced aon, this new set of sanctions against individuals in russia but it wasnt in response to the hunting. It was also in response to the harassment of u. S. Diplomats that has been going on for a long time in russia. Difficultemely depending on what you actually want to achieve. Which is why you do need to have a look at this and look at all the difference. It may have a structured dialogue with the russians on where we clearly were with the chinese and really what they want to get out of this. What is the point of them continuing these attacks . David, a brief . When he was defense secretary the three words lease asked in washington were and then what. That kept getting in the way of the Obama Administrations response. When you go to them and say, what actions . Your response was slow and you made up with it by being incredibly weak. Their answer is, well, lets think about other options. Have we called out the russians and done sanctions right in october. It would have invited them to come in and mess around with an election infrastructure on election day that we have already figured out you have to get inside. So they didnt want to get up the escalation ladder. Thingsre all kinds of they could do from sanctions to counter strikes, and i think it is the problem between feeling really good the next morning, saying we really got those guys and feeling really crummy the week later. The hangover effect sort of got to him. I think we know why they didnt act. There are no consequences. What would they do . The principle is you want to find something that is asymmetric. Or maybe, how we get our news . What are russian weaknesses . The corruption that surrounds their leadership . Would the u. S. Want to dump information on Vladimir Putin and his cronies . Couldnt think we already do. Maybe the u. S. Wants to earn the reputation. With a mess with the counter Surveillance System . There are options available but as david pointed out, you just upped the latter very quickly. They are not going to be taken lying down. See any ofidnt these actions but the option is there. The legal question about proportionality, while important, has largely been litigated. A number of law review journals, we see that proportionality is fairly comfortable with the option. The question is why do you want the response to a given act in a certain way in the context of the overall bilateral relationship . We have a problem with the country and it is not just a cyber problem. We have other issues. Response to cyber intrusions or hacking it will have to be done in the context of the overall relationship. Lightning rounds, down to nine minutes. Please it is yourself. My name is petri peter thank you for having this conference. I am an aspiring student at the university. An aspiring government legislation analyst, an aspiring husband [laughter] im sorry, i am very nervous. Youre doing great. This room known that the first step of an attack is reconnaissance, right . Is security stupid . ,o quote the famous rock star we are being taught right now to basically give information without asking for any kind of details. For example, who has access to the information . What is that information that is being collected . Do regardinge privacy . This is what ensures our liberty, right . In 15 seconds, i think that is enough time. To help us out, looking back on some of the work that we have encryption,ar on give us a little number on privacy and we will do a couple of others. I think the privacy question links back to one directly opposed before about what do we do . There is no world in which John Podestas personal Gmail Account is going to be regulated in any fashion. Fundamentally that is the account. All this talk about government regulation is incredibly important but the account that may have changed this election was a personal account and if donald trump stepped in and said john podestae it will say no thank you, i dont want the federal government to carry my email. Until that individual knowledge of security is there, this is not going away. It has a factor indication enabled which is a free option on gmail. Here, pleaseion introduce yourself and we will do a quick answer. My name is rebecca. I have a background in information technology. That what, i believe is going on now is with the creation of the Cloud Infrastructure being controlled by just a few entities at this point, there is a kind of power being created that has never been used before which i think we need to be mindful of in terms of the democratic process. Just in the sense that Cloud Computing is making it possible to crunch data faster than has ever been possible, in my mind, it is interesting because most top corporations are throwing re, maybe not the with a lot of thought. I have been observing what is going on and feeling very alarmed as someone who has an i. T. Background and also i have brothers who are in i. T. As well and we are very concerned. The question is, really, with the cloud, the ability to crunch data, how do you feel about the new technologies that are being created and should there be more data covering this all around. Kind all this hacking is the cloud. It is the ability to send a massive amount of news feeds through databases and thinking about sharing that information. Clout reactions . The downside of the cloud is it centralizes stuff much more but the upside is if you pay attention, the provider is paying attention to security it doesnt just leave open as many when each of us has a different amount of security on our own systems. While john podesta would not trust the u. S. Government on the complete agreement, he probably now wishes he had trusted google a little more. Using the services that he provided. You made the point they were provided for free. The combination of Cloud Computing and big data capabilities poses a new set of risks to us. When you think about the opm add , 10 years ago, getting the record from 22 million americans probably wouldnt have been all that useful to the chinese because somebody would have had to go through the record of 22 million americans or a few people would have had to go through them. With the data capability, they can sort through very quickly so that when somebody chose up at the airport in beijing and they fingerprint them on the way in and they have done a comparison to what is in the opm database then they conclude by an absence of evidence that the Intelligence Community doesnt use opm, they would say this show up. I wonder why this person is going in to be the second cash a in the embassy when his thinker prince dont exist in our database. Typicalnote that washington, when you steal 22 million records, everybody exaggerates their job title. Out, there are 4 million special assistance to the president. Any other quick additions on the question of Risk Assessment for the cloud . My personal view after everything that has taken place from wikileaks onwards is that nobody should have any expectations. It is as simple as that. If you have anyone who is in any kind of position in the public, anybody sitting here, a professor or a teacher, it is basically podesta obviously has no expectation this is being seen as a private email. I got rid of my private email because it got hacked so many times. We want to talk incursions and then send you any mail. Up for a walk in the park with me, we are on. Wonderful. I think it is possible to secure two factor authentication. And he does still talk to us in person as well. With the last question here today, professor walsh talked on and International Relations class about warning signs of president war and one of them was a rapid shift in military technology that makes war cheaper and more feasible. From what we have talked about today, we see that cyber war is one of these things. How likely do you see the possibility how much to you see the likelihood between a war increasing . It wont happen for some time. Some people might disagree with him, if you go back toar his speech at the Munich Security Conference in 2007 it was a declaration of war but we enough to realize. It was done in a conventional russians,for the there is such thing as hybrid war. Because ining it terms of the Russian Strategic thinking and thinking from a military perspective, this is all part of a very large tilt going from nuclear all the way through the political. You can watch the last few minutes of this discussion online at cspan. Org. Type Harvard University in the search bar. If you are looking for a debate on whether to withdraw an invitation for President Trump on a state visit to the u. K. I want to clear the public gallery. I call mr. Paul flynn. It is a pleasure to serve in your company as a distinct parliamentarian. Move for the petitions, 178844 and 171928. They are considered i this house. Allow me to introduce these petitions. There has been a great deal of misunderstanding about the nature. One is signed by nearly 300 people, which says that donald trump should be invited to make an official state visit because he is the leader of the free world and the u. K. Is a country that supports free speech and does not believe that people that oppose our point of view should began to. Should bean gagged of 1,850,000 voters in a few days, they resent. Donald trump should be allowed to enter the u. K. In his capacity as head of the United States government but he should not be allowed he should not be invited to make an official state visit because it would cause embarrassment to her majesty the queen. As is a fascinating prospect, what is the need of first petition that suggests that some way canceling the visit, the state visit, would deprive President Trump of his ability to speak freely. What we have heard in recent days is incontinent of free speech. The man is everywhere, 24 hours a day, seven days of the week. But the other petition is saying not that he shouldnt come, because he should come on business or other matters, but he shouldnt be accorded the rare privilege of a state visit. Only does copresident s of the United States have been granted a state visit since 1952. It is extraordinary. But here we have a position where seven days into his the fully he invited panoply of a state visit. Extraordinary. Completely unprecedented. We can dwell on the reasons for that but the reasons have nothing to do with the fact that we all, in this room, are holding in retrospect the united , thes presidency thetitution, the history of president , and we know how close our cultures have melded in then the odds arts, in entertainment and in our film and cinema. We are merging into almost one nation but we have a direct interest in the presidency of the United States because he is also the leader of the free world. Their, wouldon of if myble friend friend is able to read for a trade deal, does he think President Trump might be able to detect as well . The word comes to mind when we think of the circumstances of our beleaguered prime minister, that she is there with this great predicament of being the break burner, destroying the bridges to us and europe and knowing the possibility of brexit bumps in the road ahead to be aight turn out brexit sinkhole where our economy might plunge but she has a difficulty. Can the bridge burner be the Bridge Builder . She made an attempt to present herself as someone who could act as a link between the presidency and europe. And the president of lithuania pointed out, we dont