The Director of U.S.’s Central Intelligence Agency is worried it’s in danger of losing relevance in an ever-more-digital world.
His answer has been to order a sweeping reorganization of the C.I.A., which would include the creation of a new Directorate of Digital Innovation who would manage a new division overseeing both cyber-spying capabilities as well as internal technology needs and would rank as high as the agency’s powerful operations and analysis groups.
And while Brennan steered clear of saying it clearly, it’s the latest signal the U.S. is leaning in to a more offensive posture in the areas of cyber-espionage and cyber-warfare than before, a position that could prompt America’s adversaries to ratchet up their own cyber-spying capabilities, setting the stage for a technological cold war.
In the wake of last year’s attack by North Korea against Sony Pictures Entertainment and numerous other breaches, the urge to hack back, or at least build up the means to do so when and if needed, has increased.
The stats on the subject are pretty clear. The most widely-cited collection of data on hacking incidents is the annual Data Breach Investigations Report put out by telecom giant Verizon. Figures for 2014 have not yet been released, but in 2013 its authors flagged a tripling of incidents of “cyber espionage,” around the world. More than half of all incidents reported — 54 percent — were against American companies, government agencies or other entities like universities. The vast majority — 87 percent — were state-sponsored, meaning they were carried out by hackers working on behalf of the governments of other countries.
The C.I.A. isn’t alone in beefing up its ability to counter-punch hackers. Last year, the U.S. Department of Defense announced an increase in the number of military cyber-warriors serving at U.S. Central Command to 6,000 with an attendant jump in the budget for cyber-operations. And the epic offensive hacking capabilities of the U.S. National Security Agency are already well-known thanks to documents leaked by its former contractor Edward Snowden.
Even the White House has signaled a broader and more offensive cyber-posture. In last month’s interview with Re/code President Obama likened cyber security matters to basketball, a sport where the line between offense and defense is fluid and unclear. “When you develop sufficient defenses, the same sophistication you need for defenses means that, potentially, you can engage in offense,” Obama told Kara Swisher.
The President also spelled out which lines America’s cyber spies won’t cross. They will not, he said, work on behalf its corporate interests. This is a charge routinely lobbed against China and which last year resulted in criminal indictments by a federal grand jury against five active-duty Chinese military officers. Russia and Iran are also regularly blamed for such high profile attacks.
So back to the C.I.A. In his memo to the agency’s rank and file released on Friday, Brennan said the agency’s “greatest mission successes” have resulted “from collaboration among all of our mission elements.”
Aside from the creation of the new directorate, he says the agency will stand up new “mission centers,” that won’t report up to any single director, but will blend all of the C.I.A’s analytical, technical, spying and operational abilities to specific kinds of missions in certain areas of the world like the Middle East or on specific ongoing problems like weapons proliferation.
Here too, Brennan’s language suggests a tougher, more assertive stance. The mission centers “will be responsible for consistently preempting threats and furthering U.S. national security objectives with the best possible information, technology, analysis, and operations,” he writes in the memo (emphasis mine).
It’s not that the C.I.A. hasn’t gone on the offensive before. When it has, it has done so in spectacular fashion. For two years starting in 2009 the C.I.A. and Israeli intelligence used a computer worm known as Stuxnet to cripple Iran’s nuclear ambitions. The worm allowed attackers to seize control of and damage centrifuges used to enrich uranium for that country’s nuclear program. Neither the U.S. nor Israel has ever officially acknowledged the effort, but its circumstances have been widely reported.
While we don’t know the details of other secret cyber missions — successful ones usually remain secret — the Stuxnet attack is thought to have been an exception to America’s previous defensive posture. With this reorganization it’s possible that there will be more actions like Stuxnet. That will in turn prompt America’s adversaries to respond by beefing up their own capabilities and create a new cyber-spying arms race.
Unlike the last one pitting the U.S. and the Soviet Union in a battle of nuclear deterrence, and an endless chess game of moves and counter-moves by spies around the world. This one will have many more players — practically every country can participate. The range of outcomes will be harder to predict but could have devastating consequences, including crippled power grids or downed financial markets.