And yet as time went on, it looks like their goals evolved. They evolved because they were able to move from in formation gathering to making information public that might simply disrupt the election, make people lose confidence in the system to at the very end if you believe the assessment of Us Intelligence actually entering on behalf of donald trump. The russians specialize, this goes and extremely wrong way. We are in the 100th anniversary of the Russian Revolution and the bolshevik specialized in propaganda and these kinds of operations. It has been around a very long time. When you look at what they have been doing for the last hundred years they have been rising a type that is already there, exploiting vulnerabilities in some cases but giving a nudge in the direction of larger trendss. Lenin embraced all kinds of causes that were not intrinsic to the revolution he was trying to undertake including the National Aspirations of ukrainians and a whole bunch of other nationalities of the former russian empire, ways of coopting them and moving their aspirations for independence in the direction of the bolsheviks, picked up on the ideas of other revolutionaries in czarist russia and basically parted company with them. There all kinds of things. What we saw in the case of the russian outlet simplified trends that were already there that emphasized directions in which they wanted to see things going, they also, this is written in a recent article you or one of your colleagues wrote, a counterintuitive element to this, they want to look good at what they are doing. They love that we are having this panel. Cspan is here but maybe we are live it makes them extraordinarily effective. We are giving them kudos here. They really did a good job in terms of their goals. Not from our perspective clearly because they are working on dinner at the same time. Basically they have loomed large in this in a way they could not have expected and it has been good for business. Vladimir putin wanted to join the kgb in the wake of a whole series of monetary documentaries and films about the derringdo of kgb and undercover operations by soviet intelligence in world war ii. A lot of people getting recruited in the back Office Taking down a tighten of us politics and doing it much more effectively than the chinese or the north koreans, russia is back in business, probably still current operative like Vladimir Putin, incredible pride in a job well done. It does bear saying that while it can be difficult to pinpoint the effects the russian hacking operation had on the election, there is work that be done perhaps by an enterprising graduate student to look at how the release of that information drove traffic online and changed the narrative online. That is measurable and researchable. Right now it is a fair point to say it is hard to put your finger on it but to research this a little bit how fake news distributes, a New York Times article would my ego prevents me from giving any of the results here but i can tell you the fake news stuff gets repeated pretty fast which is why facebook and google and others are looking for mechanisms either technological or of an editorial nature that would say to people who click on a certain article her Facebook Post you should look at these two or three other accounts that suggest what you just clicked on was complete fabrication and one of the reporters with whom i wrote the perfect weapon with, went out and found a guy living in annapolis, great story, basically wrote a lot of this fake news and he said if he could have made more money writing fake news and supported Hillary Clinton would have done that but the market was for donald trump. Next question, we go for quick questions and short answers as we get the final jeopardy. I was an official student many moons ago, still a student of life and i want to follow up on the influence of fake news especially domestically with david sanger. You may clear this is an old playbook on steroids and should be taken seriously. Everyone sitting and standing in this room takes it seriously but it is also fair to say that we are 90 of the eastern intellectual elite in this room and there is a whole group of people who dont take it as seriously as we do. The New York Times several weeks ago had an article about Trump Supporters and their reaction to wrecking hacking and there were three positions was on one spectrum it was it didnt happen. In the middle of the spectrum it happens, didnt influence the election and on the far end of the spectrum was if it influence the election this was a good thing, it got trump elected. Nowhere was a sense that this was a problem so if 35 of the electorate who are Trump Supporters come what may dont see russian hacking is a problem, what is the political will, what is the reality domestically about how we can move forward on this with the money, staff, policy that we all think it deserves . Great question, david . This is a set up because jim was a graduate student trying to keep track of all of us when i was a student, so he seen the problem close up here. It is a very good question and i think it is one of the reasons you saw so many committees in congress and efforts by the Obama Administration to set up investigations that would live beyond the Obama Administration and you are going to see a lot of efforts by the Trump Administration to try to make sure that this either goes away or distractions from it and so forth but fundamentally the hacking investigation fell victim to the same divisions in the country that made it so effective. What you have to do, it will be incumbent on all of us, change the discussion and change the narrative, depoliticize as much as possible. Fell victim to partisan politics and with due respect to some former senior figures in the cia they did not help in this matter and another article in the New York Times and elsewhere, they declared themselves a particular candidate or made a partisan comment, the message overall should have been this was an affront to National Security, no matter what your position on Hillary Clinton, former first lady, former senator, running for Public Office with a legitimate candidate in a legitimate election the matter how dirty the election was. If it can happen to Hillary Clinton it can happen to anybody and a member of linkedin had their personal information taken we should be concerned. Many people in this audience wants to run for Public Office, anybody out there, private citizenship, all the people who voted for trump can have their personal information taken. We know the chinese have been doing this is only a matter of time before this is used for political purposes. We need a national debate, congress is the right place to be having that because of the Intelligence Services and things we know and can have this compartmentalized information. We have to talk about this in a nonpartisan fashion and make it clear how serious this is which is why people are doing Research Like this. Had president obama, starting in july or august gone out every couple days saying this is not about my support for Hillary Clinton but we cant have a foreign power missing in the election and heres what intelligence is showing us. A choice he considered and rejected, to ask the question would that have been a better approach and i can tell you that while most of gone public on it there are many former members of the administration who believe he should have been a lot more vocal about it. It is worth noting senator mccain recently created a specialized subcommittee to focus on cybersecurity. That is a good step. We should expect our representatives in congress to spend more time specializing in cybersecurity oversight not just for the Armed Services committee, the intelligence committee, but for a broader slot of society. That is where we should be heading. Cyber Security Information Services to congress. Good shout out there. You have a question here . Go for it. I am a graduate student at the davis center. We spoke about providing evidence editing the fundamental question of how to provide evidence to prove to the extent possible these event plans are taking place. I got a lot more from your story then i got from Us Intelligence report from early january which to someone who follows russia said nothing new. Everyone knows there are propaganda outlets. We write more prescriptions than they do. Right. I was wondering about your views about limitations on releasing certain information. The fact that a lot of people in this country dont believe this has happened and how to combat it. Somebody with no background in intelligence the National Intelligence council, incredibly difficult for intelligence agencies that was literally the most sanitized summary they could put out there. There was always an anticipation the redacted version of this would be leaked as well. When they are leaked they put people in danger. We do not know what is going on. I dont have any special information but if they do have anything to do with that you can see what the consequences are. Lifeanddeath consequences for people who provide information. What i was going to suggest as a way of compromise is something for the role of Congress Getting back to the question. The Intelligence Community is in a difficult situation. Their priorities National Security but these are our representatives. Lindsey graham came out and said we had been hacked so when members of congress way to reaching out to their constituents also plan important role, presumably people who voted for them have a degree of trust in them. We have a problem with trust in congress but we have to work harder on restoring trust in our public institutions. It is significant that trump said we believe it is the russians. Having been adamant on the other side of that hopefully that will have quite an impact. For many of his supporters suggesting something going on. He was also right to talk about the fact that china and other countries are involved in this. We always have a hesitancy from the deck of view of the Brookings Institution where i work having been hacked and in constant denial about speaking out. We have this whole issue now of cyber hostagetaking, people take down your systems and you have to pay with bit coin to for your systems. We need more transparent and open about policies. Is incumbent on all of us here on this panel to find ways of doing this because we wont get anywhere unless individuals take it seriously not just institutions that have been subject to these attacks. I need everyone to work with me to keep it brief. I have debated a lot of people in the Intelligence Agency about whether they could have offered up more in the way of evidence and i strongly believe they could have because so much here had already been brought out by private companies which they could have come out and ratified and said their analysis was exactly the same as those private firms and probably could have talked a bit about having evidence of firm through implants they had. It is not exactly news to the russians that we are inside their system. Without getting so specific that it endangered there are ways to do this and they are stuck a little bit in an old thing about how to handle this. To amplify what david said about private companies it is worth noting talking about intelligence and cybersecurity it is different than chemical weapons in syria. And active industry, for intelligence operators in the private Sector Community working, that one these issues. Based on private evidence alone i was convinced and happy to stay on air in different forms by july or august. Because of the reuse of certain funding indicators and i think that is the area the Intelligence Community needs to adjust to piggyback on the private sector ends when she did fear with the private sector will say because they cant control them until some companies have an effort to get tension in very local in ways that they dont agree with but that is the wrinkle that requires a rethinking the Intelligence Community side. Ben has documented this in a recent paper called russia cyberoperations, challenges and opportunities for the next Us Administration so check that out. Next question here. Im a student at the Kennedy School with a question with regards to Upcoming European elections. You stress we should expect continued russian interference and i spoke at length about various shortcomings in the us and im curious to hear your views on how you see European Countries learn from what happened in the us and how they are stepping up their defense and how vulnerable you see various countries . We see the germans having public talked about this, they have a vulnerability different from ours. We were made safer here by the fact that our election system is so disparate across the states and there is so much suspicion of having a centralized system run by the federal government that you had a fan to design different ways to hack into the Voting System in each of the different states and sometimes in each different county. It is a lot easier in europe so they have a set of problems that go beyond hours. A lot of European Countries, not all, we have seen this on the other side, the deficiency but overall for some of the countries like germany and france, the United Kingdom for example have more integrated intelligence communities, much smaller intent to be communicating with each other much more quickly. And also there is now what can be done to the United States you can be sure it can be done to other countries but over the much more reverse active measures being taken by countries now to try to focus on the integrity of the system. Their political figures have been forewarned, their accounts of been hacked and those who have not been told that that is the case are pretty certain a high likelihood that that is the case, we will be seeing a lot of European Countries working closely together. There have been a whole host of tough and center set ups with in europe on cyber picking up on the issues raised here now to swap information including nato headquarters and other key subject in the eu itself. An example i talk about is the hack of ukrainian elections. We dont need to be forwardlooking to find Election Hacking in europe. It got very little attention in the United States, was not influenced in the same way, three days before the election the systems were wiped and they were ready to have backups. On election day itself, they were going to ship the results, found they were going to push out the media first. Results will show a fringe candidate winning. They had that happen in the past. The only into the once ukraine fixed the problem to a certain point was prorussia tv, somehow knew what was going to happen before it happened which suggested the confluence between cyberoperation and influence operation. That would worry me going forward, does not just influence operations but transitions to know kidding cyberattacks. I am paul from east fleischer school. My question has to do with sophie and the attack which you talked about, why they are seeing far less interest in the Party Discourse about that attack with russian hacking, why there is why there are certain interests in Foreign Government hacking our country whereas chinese have been doing that as long as we can remember and if you look at scales of the attack in my opinion like an act of war whereas the taking of the dnc as much as we want to think about it is probably not on the same scale as the opium attack, in 2015 when it happened i was working in the town newspaper and i remember how there seemed to be very little interest in their story, the story of the day wasnt about the attack but Something Else so i am curious. Then and david. Act of war from opium . Not act of war. They can to the chinese, they would, my guess is they have. Great moment when general clapper until recently director of National Intelligence is testifying in congress on the attack which could get a lot of coverage but mister trump may have been busy doing other things at the time but it was pretty well covered event. And all these members of congress were saying about the chinese attack on opiums and kept correcting them saying no, it was not an attack, he wouldnt even say china at the time. He would say the incursion on opiums, the espionage and the reason was if he categorized it as an attack he would have to say this behavior we would not do and obviously it is the kind of things that not only do we do but if you look at what the United States is done in china we have done parallel things, we havent done them on this scale and one of the questions raised by the opm attack is did the scale of this, 20 million records, biometric, the details people have, did the scale change the nature of it . One of the issues we have to address in line with the discussion is how we regulate cyberrelations. Everyone has said here, the United States is doing this as well into the countries clearly are too. Not just china or north korea or russia but every country is involved in these activities if they have that capability. We are in a whole New Territory now. In a way that isnt covered by many preexisting treaties. It is one of those difficult things to get our heads around about how we deal with this, do we engage in treaties or negotiations, what level, is an attack on emails Tactical Nuclear weapons or Something Like a larger denial of service or a strategic thing . Is this what we are thinking about . These are debates steve bannon and others are putting out. The thinking about do we think cyber the same way we used to talk about Nuclear Deterrence . Asking about these questions, this is only the beginning. For this new administration, it is going to have to be one of those questions. Is this on the table . To not reinvent what has already happened because theres a tendency to keep thinking about cyberdevelopment is new. You can look at popularly accessible books, and one of the developments there is good consensus on his nuclear is not a great analogy. We are lucky to have joseph nye. I will try to repeat the question. If you add a suggestion for thinking about norms and governance they spent time working on in this field or trying to bring stability to International Relations, any reaction . I will repeat it on the microphone. We are making some progress but a long way to go. One reason jim clapper didnt fall to the opm intrusion and attack is they were busy working out an arrangement with china to prescribe or develop a norm against cyberespionage. They wanted to maintain that distinction so they didnt disrupt that. You might say that is minor but it is an education of how a norm can develop. To have a call out i have an article this week in interNational Security called persuasion and deterrence and arguing why it is different from nuclear and not just retaliation but i am not going to bore you with that but the point is there is a beginning of norm development, a long way to go. Basically for those out there. The idea is for Enormous Development there has been some Good Progress but there is a long way to go and on our website you can see joes earlier work on this. He also said one of the reasons director clapper did not say it was an attack, the United States was in the middle of discussions and negotiations, that can be an instructive lesson about how norms do develop and the shout out joe has in an upcoming article in the upcoming issue of interNational Security published in the Developer Center on persuasion and deterrence in cyberspace, check it out and we look forward to having a followup conversation about deterrence soon. We will come to the side and introduce yourself. Im a firstyear student, my question goes to all of you. What do you think is an appropriate or proportionate response to russian hacking in the us election . I had a conversation with my friend, not only an intervention on the us election but the very institution that is supposed to protect the value excuse me, the value of democracy, it is an attack on your value. What would be your response . Let me govern this a little bit. Give us 30 or 45 seconds proportionate response to the hacking, then david, then ben and we will keep going. I will be very quick on that. This issue of proportionate response, you have to tread carefully. Should be guided i will see if i can get a copy. We have to be very careful on this score because what you mentioned, we want to be trying to take down similar institutions. The russian government already believes we have been doing that and we have not. We have not engaged in the kind of counter retaliation or preemptive action we did during the cold war. We have seen in the wake of this and across the Obama Administration one of the last actions they took before handing over the baton to the Trump Administration did announce a whole new set of sanctions against individuals and entities in russia but not just in response to the hacking but also in response to the harassment of us diplomats going on in russia and other actions. It is an extremely difficult thing, but it depends on what you want to achieve with those actions which is why we do have to have a measured look at this and to look at all the different instruments and ways of approaching this and part of this is having a constructive dialogue with the russians. Clearly with the chinese on what they want to get out of this, what is the point of them continuing these attacks. Very brief bob gates when he was defense secretary, the three were at least asked in washington are, and then what . That kept getting in the way of the Obama Administrations response. Your response was slow and you made up for it by making it incredibly weak. Lets think about other options. Had we called out the russians and doesnt sanctions in october, it would have invited them to mess around with an election infrastructure and vote on election day that we already figured out how to get inside. They didnt want to get up the escalation ladder and there are all kinds of things they can do from sanctions to counterstrikes and so forth and the problem between feeling good the next morning, saying really got those guys and feeling really crummy the week later. The hangover effect. When the u. S. Wants to mess with the Surveillance System which is a cyber system. There are options available but as david points out you get to up the ladder very quickly of escalation, are not going to be taken lying down. I think thats why we didnt see any of the actions by the options are there. I would note the legal question about proportionality while its important i think hs largely been litigated outside. You can look at a number of log reviewed journals to see proportionality is fairly comfortable with the options. The question is why do you want to respond to a given act in certain way in the context of the overall bilateral relationship. We have a problem with the country its not just a cyber problem. We have a lot of of issues on the tip. Table. The response to a cyber intrusion or hacking will have to be done in the context of the overall relationship and what the country wants. Were going to lightning round. Down to nine minutes. Please introduce yourself. Good evening. My name is peter. I wanted thank you for having this conference. I am an aspiring student at the university, so an aspiring government legislation analyst, an aspiring husband and speedy we aspire to get to the question. Im sorry, im very nervous. You are doing great. Most of us in this room know that the first step of an attack is reconnaissance, right . We wait. Is security stupid, to call the famous rock star. We are being taught right now to basically give information without asking for any kind details. For example, who has access to information . What is exact information that is being collected and how can we delete it . What should we do regarding privacy . This is what injures our liberty, right . Regarding privacy. In 15 seconds. I think its probably enough time. Ben, help us out looking back on some of the work that was done last year on encryption. Give us a little number of privacy and will do a couple others and keep going. I think the privacy question links back to one directly about what we do. Theres no world in which john podesta is personal Gmail Account will be regulated in the fashion by the u. S. Government. And finally thats the account that was hacked. All the talk about government regulation the balance of privacy, incredibly important but fundamentally the account that may change this election was a personal Gmail Account. If donald trump stepped in and said i got you, im going to secured. John podesta would say no, thank you. I dont want fellow government securing my email. Until that individual knowledge of security is there, this probably isnt going away. Appears to not have two factor authentication, which is a free option on gmail. Lets go quickly. Next question. Please introduce yourself. My name is rebecca. I have Background Information technology, and so in my mind i believe that kind of whats going on now is with secretion of the cloud infrastructure, being controlled by just a few interviews at this point, there is a kind of power being created thats never existed before which i think we need to be mindful of especially in terms of the democratic process. Just innocents Cloud Computing is making it possible to crunch data faster than has ever been possible. In my mind its interesting because most top corporations including the u. S. Government are throwing their data in their, maybe not with a lot of thought. And so ive been observing whats been going on and feeling alarmed, and also i have brothers who are in i. T. As well and we are very concerned. Bring us your question spirit of the question is really like with the cloud, the ability to crunch data, i mean, how do you feel about the new technologies that are being created and should there be more Data Governance around behind all of the hacking is the cloud really. Its the ability to crunch data, send massive amounts of new seats to these huge databases and thinking about security other information. All right. Cloud reaction speed of the downside of the clout is it centralizes the much more. The upside is if youre paying attention, if a cloud providers paying attention to secured it doesnt lega leave open as manyf the holes when each of us has a different amount of secured on her own. So while john podesta would not trust the u. S. Government, im in complete agreement, he probably that wishes he entrusted google a little more by using the services that you make the point were provided for free. The combination of Cloud Computing and big data capability poses a new set of risks to us. When you think about the obm hack, 10 years ago getting the records of 22 million americans probably would not even all that useful to the chinese because somebody wouldve had to go through the records of 22 million americans or an army of people wouldve had to go through. With a big data capability they can sort through very quickly so that when someone shows up at the airport in beijing, a a fingerprint them on the way in and theyve done an immediate comparison to whats in opm database, they may conclude probably by evans Senate Intelligence committee doesnt use opm, should been an Early Warning sign, they would say gee, this didnt show up. I wonder what this person is going in to be the second attache in the embassy when his finger prints dont exist in our database. I would note typical washington though when you steal 22 million records of federal Government Employees and but exaggerate their job title. It turns out theres former special assistant to the president. Wouldnt you know what . Fiona, any other quick addition to a question about risks from reliance on the cloud . My personal view after everything that has taken place from wikileaks onwards is that nobody showed up in expectation of privacy. Its just a simple as that. For anyone who is any kind of public position, have a blog or a professor or teacher, you are seen as fair game. Its basically john podesta had no expectation of his being seen as a private email so perhaps, i personally commit my private email because it has been hacked so many times. Anytime anybody wants to walk in the class with me, where on. Wonderful. Ben, do you still a private email . I do. I think its possible to secure. To single and he does still talk to us in person as well. Last question. Im a student. Just today i professor talked about International Relations class about seven warning signs that precedent working with them was like a rapid shift in military technology that makes work cheaper and more feasible. From what weve talked about today we probably see a cyber war is one of these things. How likely to see the possibility or how much do you see the likelihood of a great power war increasing by the shift of technology . I think maybe some people in the audience may disagree with me but if you go back, Vladimir Putin and people ru running thik that as well. Back to his speech at the munich security conference, it was a declaration of war we didnt have the imagination to realize. It was done any conventional sense in terms of the intervention in georgia in 2008 but for the russians there is no such thing as hybrid war. This is a term we make. Im mentioning it because in terms of Russian Strategic thinking, thinking from a a military perspective its just all part of a very large toolkit going from nuclear all the way through to political efforts. Theres a very good piece by mark explaining this, just came out in the last month or so. So many analysts and commentators in russia have also talked about syria as being one of the noble points out that were not because it was shaking out at original order. Theres talk to the ukraine as a proxy war with the United States. I think, although having to click this or talked about in these terms, what weve just seen is a full frontal attack on our election as part of this, but its going on on a much larger scale. I think we have to get used to the fact that this is where we are. That spectrum of how you use cyber with more traditional forces he is now making its way in the use of doctrine as well. When you look at what the cyber special Mission Forces are supposed to be doing, these more than 10 100 set of and sent outd distributed among the more traditional military units, its to use cyber in the Opening Hours or at some point in the conflict, together with other events. If you are looking for a good description of this, whats been written about the u. S. Program called nitro zeus which was the program against iran if weve gotten into conflict with iran, and described in some length in zero days, theres documentary you can find around it that describes the u. S. Iran cyber competition at some length. Thats what that is all about. In many ways, although there are significant differences in it, the way the russians have thought about this for a while has got parallels, not exact, with the way the u. S. Military is beginning to think about it. 2. 1 on data, 11 of the theory. On data, we have examples of note keeping cyber attacks. Some carried out by the russians. In 2015 the firstever publicly no blackout caused by a cyber attack in ukraine linked to russia. This past december in 2016 we saw another one. My suspicion is the development of capability from the full use of capabilities. But for much of our talk about influence operations, we should not forget Cyber Weapons are now tools of war and conflict. The point on three is important. The question was posed in the sense by our theory and what leads to conflict. The security level, a subject near and dear to my heart, and theres this branch of theory that says conflict is more likely if two things are true. One is that theres a perception that often has the advantage, which is uniformly true in cyber. Everyone will up to the president himself was an offense has the advantage of cyber. Second, its hard to tell offense from defense. What we touched on here with david talking about implants used for attribution, it is difficult to distinguish an offensive cyber intrusion from a defensive one. My presumption and my conclusion is that this animates the risk of conflict and this makes it more likely nations are going to misperceive one another when they engage in the digital domain. Before we go i need you to join me in thanking kate who set this whole thing. Shes too modest and hiding, but thank you, kate. [applause] she did the real hard work. We had a fun job up here. Thank you to the panel. Please join in thanking them. [applause] and thanks to you for tuning in, for being here in person on a very sunny, warm cambridge evening. Please come back and see you soon. Thanks again. [inaudible conversations] cpac, the conservative Political Action conference, begins today we we will have live coverage of remarks by kellyanne conway, special advisor to President Trump. Thats life at nine am eastern here on cspan2. Booktv in prime time continues tonight with books about the constitution. At 8 p. M. The making of the United States constitution. Watched cspan as President Trump delivers his first address to a joint session of congress. This congress is going to be the busiest congress weve had in decades. Life tuesday at 9 p. M. Eastern on cspan and cspan. Org. Cspan. Org. Listen live on the free cspan radio app. So which president s were americas greatest leaders . Cspan asked 91 president ial historians to write our 43 president s in 10 areas of leadership. Top building went to the president who preserved the union, abraham lincoln. Please held the top spot for all three cspan historian surveys. Three other top vote getters continue to hold their positions, george washington, Franklin Roosevelt and theodore roosevelt. Dwight eisenhower who served in the oval office of 19531961 makes his first appearance in the cspan top five this year. Rounding out the historians top 10 choices, harry truman, thomas jefferson, john f. Kennedy and ronald reagan. Lyndon johnson jumps up one spot to return to the top 10. But pd pennsylvanias james buchanan, he is ranked dead last in all three cspan surveys. Theres bad news for Andrew Jackson as well. Our seventh president found his overall rating dropping from number 13 to number 18. But the survey had good news for outgoing president barack obama. On his first time on the list, historians placed him at number 12 overall. And george w. Bush moved three spots on the scale to 33 overall with big gains in public persuasion and relations with congress. How did our historians rate your favorite president . Who are the leaders and the losers in each of the 10 categories . You can find all this and more on our website at cspan. Org. Now look at americas Opioid Epidemic in a panel hosted by zocalo public square. Speakers include an assistant u. S. Attorney who prosecuted doctors in drug rings, and