Cspan. Org coronavirus. [background sounds]. Good morning everyone. More people are expected to arrive but i think i saw Michael Waller come i dont know where he is, hes in the back now. He is becoming shy. Is the Wilson Centers supporter best supporter of the planet predict and we are giving him a name tag. But welcome michael and welcome everyone else. I am jane harman, president ceo of the wilsonso center. It is the best job on the planet because i get to talk to geniuses every single day. One of them it was not in my script, she will hide somewhere is make king. Some may nothe know her but she runs our Science TechnologyInnovation Program and is responsible for the schools we have on fridays to teach capitol hill staff about cyber and Artificial Intelligence and today genius, that would be van buchanan is our go to guy and teach some of the schools. Lsben buchanan. And hes beeno trying to teach e for a while and think i have been the repeater of all time that some of those schools i know i am kinda getting it but i have an analog brain. And i thank him for his patients. Van is a global fellow he will discuss his latest book right now called the hacker and the state. Spoiler alert, hackers have changed the world. Cyber operations are now indelibly part of the International Relations and the gap between the United States and other countries, as narrowed considerably. From north koreas efforts to hats for cash, a Million Dollars worth pretty against the bank of bangladesh to russia milan activity for disinformation to electric blackouts in ukraine and there is plenty to talk about. Understanding how cyber tools are usedde and abused is bens specialty. Often taking care of analog brain to grandmas. Ill give him credit for that. It is a marshall scholar received his phd from Kings College in london and he knows everything. Even more ported i though. Larry said this, as a former member of congress that would be me. Try to ensure our Technical Intelligence collection tools were notot cumbersome, they were legal and regularly reviewed by experts to prevent abuses i really salute been for the kind of teaching he is doing to all of these staffers who come here not knowing enough about the subject and not knowing each other. In the contribution he has made is just colossal. So my theory is i just hinted is that politicians are analog but our problems are digital in the Wilson Center is kind to change that. In here to moderate the conversation with van, then the genius this courtney qb of nbc news, courtney is a ncorrespondent covering nationl security and military and has spent a lot of time reporting on the intelligence and digital issues we are discussing today especially election interference. Did you know there is interference it really means a lot to us if courtney and she would come here and do this and take a little time away from endless conversation about our ongoing primary election and courtney thank you so much and over to you and enjoy everybody in thank you every much. Courtney we have been the genius and courtney be adequate. Ive been an early copy of this pretty soon probably one of the few people who had the luxury of being able to read this fascinating read. Were lucky to have been tells a little bit more about it. And since most people in the room have not had a chance to read printed can you give us just a basic overview of what the thesis of the book is printed. Ben too often we think about packing between the two nations like it is hypothetical. Its often the distance, its like it cyber of 911 or pearl harbor and pieces of the book is that there is the wrong way to look atch it. That in fact, hacking between nations happens every single day. Theres not an extraordinary activity but it is a daily one. And part of the way in which nations compete in the modern era and as part of the way it was a project car. So i what i want to do is take this discussion of above in a very hypothetical academic theoretical and make it very real. These are the stories of how nations attack one of each other. And this is what it means and why. So every chapter in the book is a different way in which nations projectch power rated fiberoptc cables and inscription backdoors and hacking banks to seal passion blackouts and beyond. Not untill the stories of what actually happens everyday in cyberspace. Courtney youre looking at, many people americans are the world, these attacks and even Cyber Espionage us art potential for casualties mass casualties and chaos beyond the assorted the states in between like the gray matter what happens and happening every single day. What do and will get into some of the specifics and fascinating cases that you detail in the book how would you characterize the cyber attack on a nation, how does that generally work look today. Ben awaiting with planes crashing in cities burning, you miss the activities the matter the most and that actually happened. But we do see between nations and persistent and pervasive espionage. China United States russia, the use Cyber Capabilities as espionage. We see attacks and to blackouts because by russia hackers in ukraine we also see what i call a deep stabilization, election interference. Nation saying revenues hacking tools to mess with your elections. These are categories espionage attacks and almost everything we see its into one of those buckets e pretty and very little of it involves casualties but all of it is important. Courtney so Cyber Attacks are pervasive but potentially less destructive. Ben of the sort of insidious harm that happens. His close or maybe two, change than it is to a forest fire. Courtney kills explaining the book that one of the major reasons that nations hack one another is sort of this endless struggle to dominate. Nominations over other countries and over the world. Is that or do you still think thats true and has happy become harder to prevent it was in the past. Ben not only is in order to prevent but nations getting for 0progressive. In attacking business between nations and what n we see is tht hitions are Getting Better and are also being less inhibited and below the russia, go back ten or 15 years, russia is doing very stealthy actor in cyberspace. Were in contrast to the chinese snatch and grab burglars, russia would be slow and methodical and high below the radar. And what weve seen since and in the case of russias that god much more aggressive and more capable. In the two blackouts in ukraine, certainly Everybody Knows here about the election interference in 2016 under other cases two. The text in 2017 as well pretty and destructive Cyber Attacks. 10 billion in damage are of the world and that is the low end. Also perpetrated by russias another link hackers Getting Better, there also getting more aggressive. Speech of humans ukraine and twice that russia attacked the power red. What do you believe after all oi this, we believe the russias goal was that was it messaging for distractive measures that they had the m camp capability. Ben if it was for distractive measures they fell short. Most remarkable remarkable that the 20152016 in ukraine, they were for the caused by a cyber attack. In pierce but they did less damage than they could have. And they also bangmac and it leads to question two what were they trying to do. And i think there is two possibilities. The first is it some kind of test used in line and the second is this is a signal that this is processing to ukraine or to the world, we have this capability, this thing that you will have all long feared was a cyber attack, we can do that. Lets particular remarkable especially about the 2016 blackout is it a tool the russians deployed to carry out the attack was automated and scalable it seems could work against american systems as well. That may be a suggestion not just to the ukrainians but to American Society this capability is in the arsenal and theyre not afraid to use it. Courtney did that allow western nations in the United States to put in some sort of preventative measure. Ben is certainly tips or handle bit could they develop a different capability. It is certainly c possible. The United States improved theres certainly possible. One hopes to up to the defenses and certainly election Grid Security is aso lot of dentition in the United States. It is not all dume and gloom. We are making progress. Courtney large financial implications congressman armen mentioned bank hacking. Our details in a book that i had never heardd about. Ben North Koreans have a remarkable admission. The most isolated sanction country ontr earth. In one of the ways that they get hard currency for the regime is to pack other banks. The most famous hack is the one against make a dish. They aspired to still a force of a dollars. Get access to banks accounts they used to account or interact with a an initiate transfer from the new york fed two counts of north korean central. Was a little bit funny about case the main some type of transfer some of the transfers were blocked and the only god anyone million and 7 billion. It was an expensive typo. North koreans made that mistake it was significant about the cases that show the omission of north korea and some of the discussion that the bank hacking stops there. This is actually much broader campaign. Theyll actually have other banks. Less success in the hacked crypto currency exchanges with a great deal of success. Theyve also hacked in operation against the bank in india. Atms all over the world and with drool the money in a decentralized way. So characteristic of them is that they are evolving. Courtney you mean this is something that is by the state run sanctioned and funded. Ben directed by the government. Its a priority for them to raise cruising hacking is one way to do it. Courtney i was surprised that you wrote the north korean operators risk tolerance this sort of opens up the next question printed both oher risk tolerance and enable regime doesnt seem to care about the International Laws and whatnot, what you think they could do next and hacking world. Ben this is only a question i dont want to say this is real but one hypothetical thing that has the race in north korea is capable of interfering withh the integrity with to be comfortable to do transaction in interfering to do damage. In a a bankable say that these transactions and records are at the core or are modern Financial System and again at this point hypothetical worry but one worries that north korea might t come back to the kincaid hacking but to try to punch back in a crisis. Courtney he also talk about espionage in cyber world. Sort of like the cat and mouse game that exists in espionage. Its called candor. Ben Chinese Group is cutting for the chinese hacking group. Courtney is essentially a spear fishing campaign right hundred and evolve over time printed. Ben it was a part of a a broader set of operations, being the codename for this. Lowest ranking about skinner was they were region striking many targets across the United States defense establishment in the work your spearfishing to get access to the computers of american officials and pulling information back. And what is striking is what the nsa did pretty they said the american in the they essentially hack the hackers pretty so they the computers for which the chinese operatives with part of the people of the british army was hacking in the hacked those computers in the hacked Home Networks and the Broader Network that was coming out of these operations hacking Internet Company from selling the tiny their Internet Service that they can look at the recordsli and confirm who was behind these activities and they got advance information on the chinese operations in the use that information to go and be ready tost defend against the attacks when the chinese showed up in the espionage. When they shouldve. And it as you said the cat and mouse game that is happening in at a daily competition. But this is a daily competition in this case between the ics china. Its how we operate in cyberspace. It. En courtney the u. S. Was able to counterspy in china and how many years did this one. Ben is unfolding for years. This was one battle in a much broader war. One hispanics case and the United States very well. Aeditors. The chinese activity but there are many others in which the chinese activity went uninhibited. I tell the story of an extensive Chinese Campaign against military aviation in the United States. The c17 warplanes pretty the cutting edge plane being built in the u. S. And chinese hackers plot reams of information about this plane. Information is so extensive they cant transport even digitally back to china so they just made lists of the filenames and filenames list for thousands of pages. They take the names of the files. And of all of these files we could pull back, which ones are important. It gives you a sense of the extensive breach of chinas efforts in this area. Courtney chinese example what was interesting b was the point that the chinese use break and explain how that works and how the nsa was able to intercede or intervene. Ben what is so fascinating about that operation is is all cat and mouse is all about spy versus spy an assumption in one way in which the chinese were carrying out this deception was they would Hack Computers and the thirdparty countries and then they would the United States from those computers. And with the nsa had to do, they hacked back was they had to have the thirdparty computers search which had no idea that this was happening in the systems and then went upstream and eventually made their way to the chinese networks. Lets not just the chinese to do this. Every nation takes precautions to try to disguise his hand. And we have hot points as well in the russians have an existing thing that they were doing for a period of time where they would have Satellite Phone information and payment down to africa. It is a constant game of trying to hide your hand so you get more freedom of operation. Courtney again birth fascinating, running sample of the nsa taking an offensive role in this and it paid off in the end. It was successful for them. Im surprised thehe character is characterization of the pla. When van describes the pla action specifically this case he said the chinese hackers were sloppy at times. Lack of discipline operational security. It was sometimesil even login on their stock and pornography. Ben and is true. Everyone has a boss in a budget and you can imagine the chinese hackers want them to hit more targets. The going to be sloppy and take shortcuts. And they get bored and lazy. And they decide, the odds of us getting caught are exceptionally low. So then they do other activities or took the market or whatever. That shows a human side of this business. Second person and hoodie behind keyboard. But in this case are also checking facebook. Courtney tell about shadow brokers. Ben there probably the single biggest mystery. Every author has his white well. Every journalist probably has it as well. There are mine and i got pieces of the story, fascinating story but we dont know all the details but what we do know is at some point in 2016 beginning in august of 2016 nsa tools and prep credibly powerful hacking tools, one is so powerful is like fishing with dynamite rated we dont know where it came from, a Mysterious Group of twitter another platforms of the shadow brokers. And proceeded for about 11 months or so and continually posting and burning nsa tools and then it stopped. And their theories about who did it. About why they did it. Many people guess it was russian intelligence. It seems to have its roots, at least at some level that even now to the state, three or four date trend years later we d dont know who did it despite it being one of the most significant leaks of classified information ever. See when they made it clear they wanted money was as nothing more than a criminal enterprise . Guest that is certainly aera theory. They talk all the time about how if they got paid enough money they would stop. One theory was a former insider contractor decided this was something they would do to try to get money and then disappear. Again another theory of the case weve seen many times is the masquerade and as a criminal element its actually an intelligence operation. Its remarkable that we still dont know. Host it opens up another iinteresting idea when it comes to hacking and Cyber Espionage. There is an article that New York Times this morning t and said a program that cost 100 million from 2015 to 2019 but it produced only two unique leads his face often ig report that question whether in fact this was an efficient use of money, a significant amount of taxpayer dollars. But we have quite a few congressional staffers in here and it gets to the larger issue of policy and oversight of this. Is there enough oversight of u. S. And government Cyber Espionage . Guest its hard is the congressman said at the outset e creating and denying keeping the adversaryve from doing what you want to be doing. The question scholars are raising will that lead to escalation . Will this work . Just moving it to classified settings or is more appropriate to ask and answer them. Host with yourr experience do you think that oversight at this point is adequate . You think theres enough attention to it, theres so muchch going on . Guest imo with more attention and oversight sign me up for more that if i