In the months after 9/11, America’s spies and intelligence analysts came to realize that they had contributed to a disaster. The lack of focus on terrorism, the inability to share the information they had on jihadis—U.S. intelligence professionals realized they had to change their ways. And so they did, reorganizing and refocusing the intelligence community in large part around the fight against terrorists.
Fast forward 15 years and to another disaster—this time, one of counterintelligence, not counterterror. For the first time in modern American history, a foreign adversary played a major role in electing a president. And though people like former FBI director James Comey may be warning that Russia is “coming after America” again, there’s been a reluctance inside Washington to fully grasp — and build systems to counter— that threat.
Today’s counterintelligence community in many respects is a holdover from the Cold War, and as the 2016 election showed, is in desperate need of modernization. It needs to change as far and as fast as the counterterrorists did after 9/11. Here are some areas that must be addressed to stop it from happening again.
The most visible element of the Russian interference campaign involved the release of private emails and the spreading of fake news on social media platforms. While there is no evidence that the actual vote count was changed, according to a January 2017 intelligence community assessment on Russian election interference, the Russian campaign sought “to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.” Any investigation has to examine how the Russian government distributed private data and proliferated fake news.
By now, we’ve all heard about Russia’s “troll farms.” The brute manpower and effort involved in those farms shows that seeding chaos and swaying online opinion are Russian priorities. However, because no laws are broken by the postings and tweets (even WikiLeaks is viewed as part of the press), law enforcement is powerless to act. Which leaves Facebook and Twitter—the so-called “platform companies”—as the main line of defense to detect and respond to campaigns by state actors. While FaceBook and Twitter have begun to accept some role in blocking malicious content—the firms move against copyright infringers and ISIS propagandists with some regularlity—it seems unlikely that they will move hard against disinformation campaigns. The result of this lack of oversight is a gap for state actors to push disinformation propaganda. This gap, according to the January intelligence assessment on Russian election interference, allowed for “paid social media users or ‘trolls’” to be used as part of the “influence campaign by serving as a platform for Kremlin messaging to Russian and international audiences.”
Russia’s commitment to pumping out disinformation and propaganda is directly connected to its use, according to the NY Times in 2015, of "an army of well-paid “trolls”[that] has tried to wreak havoc all around the internet." It has further reinforced this mechanism by using Russian media (such as RT and Sputnik) as part of their campaign. To counter this law enforcement, the intelligence community, and technology companies must work in partnership to identify and, at a minimum, inform the public about foreign influence campaigns is critical. Americans should know when the troll farms are trying to harvest their minds.
Counter-intelligence Operational Structure
As Comey recently wrote in his remarks to the Senate, “[i]t is important to understand that FBI counter-intelligence investigations are different than the more-commonly known criminal investigative work,” meaning the counter-intelligence community operates differently from other FBI divisions. The goal isn’t to collect evidence to present at trial. It’s “to understand the technical and human methods that hostile foreign powers are using to influence the United States or to steal our secrets,” Comey noted. In order to respond to, as Comey described them, the “aggressive intelligence operations” by Russia, the FBI shadows diplomats stationed in the United States who were suspected of spying.
But that’s not enough. These days, spies no longer pretend to be diplomats—or, not exclusively. As the 2015 arrests of intelligence operatives posing as members of Russian VEB Bank show, Russia is not constrained by geography or even industry. No longer are they just interested in recruiting spies such as Robert Hansen or Aldrich Ames with the goal of degrading American intelligence capabilities, they instead have set their aim on those, as Brennan testified to the Senate in May, those “who help shape American opinion.”
It is this shift in how and where foreign intelligence services conduct intelligence operations, that requires a US counter-intelligence restructure. Much as after 9/11 with the creation of the Director of National Intelligence and the National Counter-Terrorism Center, the counterintelligence force must be restructured to meet this re-emerging threat.
Security Clearance Investigations
Counterintelligence investigations often begin with routine background investigations during a security clearance applications. While the primary purpose of the application is to determine a candidate’s “qualifications, suitability, or loyalty to the United States Government, or access to classified information or restricted areas,” as we’ve seen with Jared Kushner and Michael Flynn, it can also provide clues about contacts with foreign governments and their intelligence operatives.
Many agencies have arcane rules to determine “suitability” such as extra vetting for foreign born candidates or those with foreign family members, while often ignoring the candidate’s social media and online activity. Furthermore, as seen with Mr. Kushner, the adjudication review is perhaps ill-equipped to assess individuals with complex financial entanglements. The ability to correctly asses the information collected during a background investigation is critical as, Comey explained, because a “credible allegation that there is some effort to co-opt, coerce, direct, employee covertly an American on behalf of the foreign power that's the basis on which a counterintelligence investigation is opened.”
With the so many alleged contacts and entanglements with those in the Trump orbit, it is critical to understand why these contacts were either not known, or why the intelligence community was unable to identify these individuals as possible foreign agents, long before the November election.
Understanding the damage caused by the 2016 Russian operation is not enough. As Comey testified, the Russians “tried to shape the way we think, we vote, we act.” All these actions point to a threat that is both serious and shows little sign of slowing. However, the first step in taking corrective action is to admit that the Russians were successful in interfering in the 2016 election and, as such, is an intelligence failure. Once an honest dialogue as to why counter-intelligence was unable to detect or neutralize this Russian operation, then a 9/11 commission approach to applying fixes can begin. However, as long as the question of success remains mired in partisan politics, the Russians and others will continue to take advantage of this existing and now known gap.