America is waging two wars against lethal threats — a very public one against COVID-19, and a more clandestine one with foreign adversaries targeting our democratic elections. The stealth campaign waged by our intelligence community to detect, deter and defeat a global assault on how we pick a president is about to become much more public. What that more public posture looks like, and exactly what, when and why we are permitted to see it, will be shaped by difficult strategic and tactical counterintelligence decisions. That is, if the politicians and political appointees step aside and let the professionals do their job of protecting our elections from foreign interference. There’s some reason to doubt that they’ll do that.
On Tuesday, Senator Richard Blumenthal (D-CT), tweeted, “In advance of the classified briefing I’ll hear later today, I reviewed classified documents this morning. They are chilling. Declassify this information. Americans deserve & need to know about ongoing foreign interference (even sabotage) in our election system”.
If only it were that easy.
On July 31, William Evanina, the nation’s top counterintelligence coordinator, a career professional, briefed the “gang of eight” on the foreign threat to our upcoming presidential election. During that briefing, both House Speaker Nancy Pelosi and House Majority Leader Steny Hoyer reportedly chastised Evanina for his related July 24 press release which they described as so vague as to be almost “meaningless.” Perhaps they didn’t read that press release as closely as I did, or through my lens of 25 years of counterintelligence experience. Or, perhaps they discounted the details provided in the classified briefing they received. Maybe they simply wanted the public to know every sensitive facet of what the intelligence community is uncovering about the attacks on our election process. And since they are, after all, politicians, just maybe they wanted to politicize intelligence because, at least for now, it favors their party. There’s a lot to unwrap here.
First, let me tell you how I see that July 24 press release from the National Counterintelligence and Security Center. There’s enough in there to signal to any reader that we are under full-on assault. I can assure you that when a press release like this is crafted, each word is carefully chosen to precisely convey the intended meaning. Let’s start with this line: “Today, we see our adversaries seeking to compromise the private communications of U.S. political campaigns, candidates and other political targets.” Wow, really? So, the private phone numbers and email addresses of the campaigns (plural), the candidates themselves, and those of some other unidentified associated “targets” are likely under withering and persistent attack by foreign nations. Think about that. That means those folks have had to start using almost entirely encrypted communications, and/or are discarding and switching their phones and email addresses as soon as there is evidence of a possible compromise. That also means our intelligence and cyber professionals are in full-time monitoring and warning mode just on that attack vector alone.
Let’s move to this nugget in the press release: “Our adversaries also seek to compromise our election infrastructure, and we continue to monitor malicious cyber actors trying to gain access to U.S. state and federal networks, including those responsible for managing elections.” Yikes. We already knew from the Mueller report that the Russians had gotten into some state election infrastructure and waved “hello,” but now we’re told conduct like this is continuing, perhaps by multiple nation-states or garden variety bad guys, and has reached federal government networks that “manage elections.” Hmmm. That’s particularly interesting given that Senate Majority Leader Mitch McConnell seems to think that the federal government has no role in managing elections.
And, lest we forget that our consumption of media remains a threat vector, there is this: “In addition, foreign nations continue to use influence measures in social and traditional media in an effort to sway U.S. voters’ preferences and perspectives, to shift U.S. policies, to increase discord and to undermine confidence in our democratic process. The coronavirus pandemic and recent protests, for instance, continue to serve as fodder for foreign influence and disinformation efforts in America.” There’s a lot in those two sentences, but wait, “traditional media” is now being used in foreign influence measures? You mean the newspaper I read and the network news I watch? Are stories being planted by intelligence services? Is there enough vetting being done by certain cable news networks before they report? The press release goes on to remind us that it’s just not Russia we should worry about. China and Iran are at it also. And who knows which candidate they favor. Then there’s the ever popular “non-state actors,” which could include everyone from Trump’s infamous “400 pound guy sitting in his bed” to ISIS, Al-Qaeda, or white supremacist organizations. So, what’s a counterintelligence professional to do?
Now more than ever, the American voter needs to make truly informed decisions. If a certain article in some magazine has put us squarely in favor of one candidate over another, we want to know if that reporting is propaganda from a foreign intelligence service. Importantly, if one candidate is facilitating foreign interference on his behalf, we need to know that. But it’s not that simple, and to make it even harder, intelligence professionals inevitably have political masters.
Here are the top ten questions that the career professionals in the intelligence community dedicated to catching spies and preserving our democracy are asking right now:
- How much do we publicly reveal without compromising sources and methods?
- If we give specific examples will the bad guys change tactics and cause us to “go dark”?
- Could a human source be killed?
- If we provide an example showing Russia is working for Trump, must we find an example of China working for Biden? What if we don’t have such an example?
- Should we take down a site we suspect is controlled by a foreign actor, or wait until we can unravel the whole cell or network supporting it?
- How much do we share with the service providers – Facebook, Twitter, Google?
- After what happened in the 2016 election, are we damned if we do, damned if we don’t?
- Should we provide daily, weekly or monthly public briefings that look like Governor Cuomo’s daily COVID-19 briefings? At that point, do we become the arbiters of an election?
- What’s the “red line” that we can’t allow a malicious actor to cross?
- Will the DNI, the Attorney General, and the White House even permit us to do our jobs?
Welcome to the world of counterintelligence in the year 2020.
The news isn’t all bad. There was at least one positive line in that July 24 press release – let’s cling to it as we carefully search for any change in tone in future public disclosures: “However, the diversity of election systems among the states, multiple checks and redundancies in those systems, and post-election auditing all make it extraordinarily difficult for foreign adversaries to broadly disrupt or change vote tallies without detection.”
Americans can and will still pick their own president if the current administration, and both parties in the House and Senate, permit career intelligence professionals to do their jobs and brief us on what we need to know without partisan pressure and posturing. If we learned one thing from the COVID-19 crisis, it’s that when it really matters, most Americans want to hear from the experts, not from politicians.