Cspan2. Good morning everyone. More people are expected to arrive i saw Michael Lawler in the back. So the Wilson Center the best supporter on the planet and giving a name tag. So i am jane harman president and ceo of the wilsonan center it is the best job onob the planet because i get to talk to geniuses every single day. One of them i will call around you may not know her but she run Science TechnologyInnovation Program and is responsible and then to teach capitol hill staff about cyberand Artificial Intelligence and then been gbuchanan and the go to guy and and i think i have been the repeater of alll time. And i thank him for his patients. A global fellow and will discuss the latest book right now but spoiler alert hackers change the world. How . But those are at those relations in the gap between the United States and other countries has narrowedas considerably. Narrowed considerably. In 1 million worth against the bank of bangladesh and that disinformation to the blackouts in ukraine there is plenty to talk about. Understanding how cybertools are used and abused is the specialty with that analog brain a scholar to receive the phd from Kings College and knows everything even more important arity said this as a former member of congress to try to ensure the technical tools were not cumbersome and then to be reviewed by experts know that kind of teaching he is doing with all the stuffers and not to know the subject or each other. And that politicians are analog but they are digital and the Wilson Center is trying to change that. And within the genius courtney is a correspondent covering National Security and the military and has spent a lot of time reporting in the intelligence and digitalof issues we are expressing today especially election interferenc interference. Did you know theres election interference . It means a lot to us to do this and take some time away from the endless conversation with the ongoinggo primary election thank you so much. So one little thing and probably one of the few people that have the luxury that is a fascinating read in and to have been here to tell us more aboutnd it. If you have not had a chance to read it what is the basic overview of what is the thesis of the book . Too often we talk about hacking as a hypothetical like a nuclear war. Off in the distance, the cyberpearl harbor or 9 11. And hacking between nations every single day and thats part of the ways in which nations compete in the modern era in the project power. So to take the discussion thats academic and hypothetical and theoretical make a very real that these are the stories of how why they tackle one another and whatav it means so every chapter in the book that they project power inio cyberspace. And then hacking banks to steal cash but i want to say what really happens every day. And then to cyberespionage with masss casualties and chaos but for the space all between the gray i matter in what happens everyer single day as we will get into specific and fascinating cases but how did you characterize a cyberattack on the nation how did that general look today . You are waiting for a cyberattack with planes crashing and cities burning you miss what happeneded the most and with that persistent pervasive espionage and with those capabilities in some circumstances to blackouts with Russian Hackers and ukraine we also see the destabilization operation with that primary example of this to say we will use hacking tools for the election and those categories activity or espionage attack in the most everything we see fits into one of those buckets but almost all of that its important. So today they are more pervasive but less destructive . And that insidious harm and may be the Climate Change and that insidious harm and may be the Climate Change one of the major reasons nations hack one another is an and the struggle to dominate for domination over other countries and the world. Do you still believe that is true . Is hacking becoming harder to prevent that in the past . Not only as a harder to prevent been nations are getting i more aggressive. So what we see is that they are Getting Better and if you go back ten or 15 years russia is doing a very stealthy actor in cyberspace with the smash and grab burglars it would be methodical and slow will be seen since then to be much smore aggressive and the two blackouts and ukraine everybody here knows about i the election but there are other cases also so probably the most destructive cyberattack in history did Something Like 10 million of damage around the world and thats also perpetrated by russia there also getting more aggressive. So twice and with 20152016 what do you believe russias goal was was at messaging and then to have that capability. So what is remark about 2015 and 2016 the most publicly known back blackouts from cyberattack is that it appears they do less damage than they could and to hold Something Back which leaves the question what were they trying to do . What were they trying to do and there are two possibilities but the first that there is some kind of test to the capability for use down the line on the second that this is russia saying to ukraine or to the world we have this capability that to cause a blackout with a cyberattack we can do that and whats remarkable about the 2016 blackout the tool that they deployed to carry out the attack was automated and more scalable and it seems could erwork against with those modifications and that to the ukrainians and to the americans this is a capability in the arsenal. Specifically than 2016 to heat allow the other western nations and allies to been some sort of a preventative measure. It tipped their hand so can they develop the different capability can they prove it is so when you see a hypothetical and then caused the up the defenses that Grid Security to get attention and then to makeg progress. And then with a large and then can you tell us about that case there are details i never heard about expect that ambition with north koreas. And with that most isolated station country and then to fix that and then for those to hack other banks of the most famous hack is against the bank oft bangladesh where they aspired to steal upwards of 1 billion. They got access to the banks taccount and then to initiate transfers from the new york fed to the accounts north koreans controlled. So some of the were blocked and he only got 81 million 1 billion. And that the north koreans made. It shows the ambitions of north korea and that discussion and what i show in the book is a much Broader Campaign their currency exchanges with that coin and they also have hacked atms. And then to withdraw the money in a decentralized way. And nowhere is that more true than the baking operations and with the north korean government and to raise currency with the bank of malaysia that the north korea operators and that regime that sndoesnt care and what could they do next in the hacking world cracks in one hypothetical to delete transaction laws and to delete or manipulate transactions in order to do damage and that these transaction records and one worry and at this point a worry that they may come back for the purpose to punch back of from the west. What i found fascinating is the cat and mouse game t that exist because of cyberespionagele the byzantine is the chinese nsa codename for the hacking group. It was a spearfishing campaign so tell us about how that started and evolved over time. This was part of a broader set of trained operations. And their reach to strike many targets across the United States defense establishment and spearfishing to get access and then pulling information back. And what is striking is what the nsa did with a single Intelligence Agency and they hack the hacker so to figure out for those operatives are part of the Liberation Army ware hacking and that Broader Network and to hack the Internet Company to look at the billing records to confirm behind these activities to get advanced information with those chinese operations to come and to be ready against when the chinese show up. And the cat and mouse game is a daily competition with a public view and all of this is secret. And that is endemic to how nations operate. And there is a stretch but this is one battle in the bigger war and then to stop the chinese activity and tell the story and the Chinese Campaign against military aviation in the United States and then to be built in us and the chinese hackers pull out reams of information and it is so extensive they can even go back to china so they make list of the filenames and then to say if we could pull back which ones are important . Just to get a sense of the extent of the reach so can you explain how that works and how the nsa could intercede . What so fascinating is all about spy versus spy in the way the chinese were carrying out this deception that they would Hack Computers with the thirdparty countries and hack from those computers and what they have to do and where they hack back they had to hack these third party and had no idea and then they went up stream to make their way to the Chinese Networks every nation takeses precaution when was cyberespionage and the russians have extensive thing they were having for a period of time and then being that down because western intelligence agencies might not be working but they were so it is a constant game of trying to hide. It all sounds very nfascinating. And then it paid off in the end it was successful. And with the pla and if you would just indulge me for a a second and in this case the chinese hackers were sloppy at times with a lack of discipline and Operational Security and to be logged in on the personal email account and then watch pornography. All true. There are two reasons somebody would be sloppy. The first is everyone has a bos boss. You can imagine the chinese shacker they will be sloppy and take shortcuts and the second is they get bored and lazy and those odds are why not or other activities. And that shows the human side of this business we think of hackers with a person in the 30 behind the keyboard but the chinese were also checking facebook. [laughter] you talk about the shadow brokers so tell us about them and what you learned probably the single biggest mystery in cyberoperations and every author has their one but the one story every journalist has a and the shadow brokers are mine. I got pieces it is a fascinating story but we dont know all the details. What we do know at some point in 2016 at the incredibly powerful hacking tools. And then it was like fishing with dynamite. We dont know where it came from just a Mysterious Group on twitter and other platforms call the shadow brokers and they proceeded for about 11 months continually posting and burning and then it stopped and there are theories about who did it and why they did it and then to hand it to others. And so with those two attacks the next year one by north korea one by the russians used along withth other than that was the most distractive cyberattack in history with damage and it seems to have its roots at some level so that even now to this day they cannot condemn despite of those most significant i ones ever. Was is nothing more than a criminal enterprise . The shadow broker stock all the time and how they would stop the one theory of the case and a former contractor has decided this is what they would do to get money and then disappear. A produced only two unique needs, and this is based off of an ig report that questioned whether it was an efficient use of money and taxpayer dollars. We have quite a few staffers, surrogates to a large issue of policy and oversight. Is there enough oversight to a u. S. Government Cyber Espionage . This is an activity that is incredibly complex. Its actually one of the simpler collection programs and even that was hard to oversee so the biggest challenge in overseeing the program is often an understanding and the world of Cyber Operations is a tricky business. What is significant is what happens with the change in the strategy that we have seen the last couple of years. The arm that carries out the operations from the military purposes has been very clear over the pastac few years that t wants to be more aggressive, take the fight to the adversary and be less shy about pushing backju a. A. Is it going to work these are all questions hard to answer and question to the public that they should be asking in classified settings where its more appropriate to ask andd answer them. I am someone that always wants more oversight, so sign me up for more of that and how adept it is given how complex some of these programs are and how complex some of the jurisdiction is and what makes it an intelligence activity overseen versus an Armed Services activity overseen by the Armed Service committee. We actually worked that out but it was a discussion of who oversees what. Do you think there needs to be some sort of a standard rule of practice that exists. What needs to be adhered to the policy on this that sgoverns the activity they are classified, so it is hard to know. The broad question that is more pessimistic if can we get other nations to agree. Can we have norms here are the way we have in other categories of the warfare and the way weve seen the technologies in the past and then we build the norms to try to counteract them. Im skeptical and i think that this is an opportunity where it serves the interest of all nations to compete in cyberspace and the norms that have been outlined by the un have been very high level and general and i dont think they are constraining them out of the state behavior. Some of the nations that do the most conducted tasks on iran, china, russia that dont adhere to these practices or norms. Because of bad are they Getting Better, have they surpassed the United States in theirss capability . T the phrase you hear a lot the United States has the nicest rocks that we live in a very glasshouse so when it comes to intricate beautiful cyber offense the american capabilities are truly extraordinary talking about the intricate operations against the program but just because we can do that doesnt mean we can defend very well and weve got this vulnerability that our adversaries havent been exploiting. This is the case in which most dont know these Companies Access to a this is more of a military side but at what point do these attacks if we are talking about something in the gray area at what point are they beginning of the actual cyber war in connecticut for. I think what is remarkable is where we thought the point was we kept pushing it back to 1999 the russians carry out an spl launch campaign against Unclassified Networks in the United States this is what the cyber war was at the time. Whether it is doing a billion dollars in damage. Whether it is election interference and time and time again we kept redefining this. What costs are we willing to bear t to an act of punishment d thus far the administrations of both parties have beenes willing to say lets let the competition play out. Is this something that hell needs to get more involved in to provide guidance . Im not sure that i know the answer, but it is something that others can say what is the strategy or where is the line where the plan for reducing or mitigating the threat from the actors with china and russia. I do think there is an overhanging of deterrence where no one is going to kill people with the United States cyber attack. We just want to make sure we are drawing the line in the same place. Without attribution. Has the u. S. Gotten better and at what point without some sort of smoking gun, how can there be a kinetic response unless potentially they show how they were able to determine it. This is one of the biggest questions in cyberspace, can we figure out who did it. And i think the conventional wisdom for a long time is unlike the cold war, it was impossible. If the unite United States souga thousand Nuclear Missiles they knew where they were coming from. The thinking here is we wont know where the cyber attack comes from. We make it seem harder than it actually is. According to one estimate they get these emails about Angelina Jolie and the question immediately emerges who did this and they said it was north korea and some in the industry say it wasnt. We dont know, but it wasnt north korea. It emerges with time at the way the United States new it was in fact korea but they were in the north korean networks and koread eventually this leaked to the New York Times that i think it is emblematic of how thehe natis do these cases its not just forensic evidence detective work. Its also hacking the adversaries to watch what they are doing but that comes back to the broad theme this cat and mouse. Some folks said it is incredible. You havent proven the evidence. When you say the u. S. Is Getting Better at determining the attribution and a stronger and more concrete way and are there other nations as well. It certainly is the case of others that appear to have this against theha u. S. If that was a russian observation then that was an extraordinary counterintelligence success that we feel tremendous access. I want to touch a little bit on Election Security because you have a story in the book about j